Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zo0i6gl69k6oB037dRclmm9IgTA.roa
File: zo0i6gl69k6oB037dRclmm9IgTA.roa (raw, json)
Hash identifier: bUSrEjyP0tvOloTHD4f03Za3N8Y3zEkLKypBwEORcro=
Subject key identifier: CE:8D:22:EA:09:7A:F6:4E:A8:07:4D:FB:75:17:25:9A:6F:48:81:30
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06BC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zo0i6gl69k6oB037dRclmm9IgTA.roa
Signing time: Fri 16 May 2025 01:38:09 +0000
ROA not before: Fri 16 May 2025 01:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1724 (0x6bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 01:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CE8D22EA097AF64EA8074DFB7517259A6F488130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:99:1c:17:5b:69:a8:6a:1c:dd:3e:ee:59:de:
d3:4b:ff:5d:89:e8:a8:55:c3:27:8d:2f:c6:d5:ad:
17:86:b7:c1:a0:9f:66:14:b1:d2:d4:c7:87:17:9d:
05:e6:00:54:87:47:a7:c8:dc:85:43:50:f2:16:49:
fd:3a:e6:b7:5c:79:86:79:0a:08:36:cf:11:79:54:
b6:f1:73:f8:38:b5:7e:38:f5:55:cb:95:32:4b:a6:
38:ff:07:7e:55:7e:65:9f:fc:96:a5:64:f6:22:0e:
61:fc:5b:26:2a:5b:af:ad:08:c2:cf:00:72:1c:1b:
18:a9:f3:31:61:2a:55:e5:d3:a4:ae:23:90:e7:01:
6d:23:6d:96:d3:62:f4:ea:8b:cb:bd:e0:6e:0e:1e:
ac:25:63:65:db:84:70:12:d5:3a:59:10:e1:2b:08:
a0:90:48:17:b4:f7:5e:0c:dd:02:83:84:70:52:d8:
02:18:63:f2:ea:2d:0f:26:b8:95:a0:9f:7e:15:99:
0b:77:1c:94:ed:c7:e9:30:89:f9:40:2e:20:85:b9:
35:b7:f8:43:9b:ac:df:37:b1:e0:c2:4e:f2:87:4c:
7f:e6:29:e3:54:dd:01:ac:d7:f1:fa:72:53:3e:f5:
9c:ef:c4:75:c7:49:8f:62:95:df:04:59:af:b2:a4:
9f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:22:EA:09:7A:F6:4E:A8:07:4D:FB:75:17:25:9A:6F:48:81:30
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zo0i6gl69k6oB037dRclmm9IgTA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:5d:6e:cc:c5:71:a5:9b:b3:ec:5e:49:84:1a:c7:16:59:45:
fe:d7:df:59:8f:15:94:bd:f1:5b:39:d6:2a:1b:e8:1e:8b:77:
da:38:73:01:1a:2f:92:e6:96:52:cd:f0:4e:ed:c1:80:70:c1:
92:ce:da:bb:95:32:01:bc:d2:4f:f9:87:cc:a5:ea:1b:72:49:
25:36:4a:89:ee:27:3b:89:a0:b6:bf:fb:f2:26:5e:cb:a6:d1:
5c:ca:9f:38:a6:13:48:d6:bb:f6:fc:7f:5f:75:0a:44:ba:49:
66:40:99:28:b3:16:b8:c7:00:e0:38:59:f3:dd:8d:25:eb:c4:
53:f5:10:bd:e3:5a:fa:6c:09:b0:56:fc:8a:fa:20:16:75:56:
c8:3f:35:3c:40:f0:c4:99:75:e7:86:a5:dd:07:cf:b2:f5:4b:
41:32:53:ff:83:10:aa:cc:71:cb:b9:12:de:0a:47:ab:dc:c0:
9d:bd:09:8c:24:4b:a0:55:2d:c4:b2:3e:cf:8a:98:dd:b3:3b:
12:ae:76:9d:36:4a:bf:79:6a:b3:22:48:97:90:a7:4f:72:46:
b0:fc:02:90:95:4f:b6:4b:87:79:21:1a:81:6f:c0:59:f2:f4:
72:10:06:19:1e:d7:43:51:f7:e3:ea:51:52:c5:49:7c:c8:9b:
3c:f1:be:85
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
MTM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENFOEQyMkVBMDk3QUY2
NEVBODA3NERGQjc1MTcyNTlBNkY0ODgxMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzmRwXW2moahzdPu5Z3tNL/12J6KhVwyeNL8bVrReGt8Ggn2YU
sdLUx4cXnQXmAFSHR6fI3IVDUPIWSf065rdceYZ5Cgg2zxF5VLbxc/g4tX449VXL
lTJLpjj/B35VfmWf/JalZPYiDmH8WyYqW6+tCMLPAHIcGxip8zFhKlXl06SuI5Dn
AW0jbZbTYvTqi8u94G4OHqwlY2XbhHAS1TpZEOErCKCQSBe0914M3QKDhHBS2AIY
Y/LqLQ8muJWgn34VmQt3HJTtx+kwiflALiCFuTW3+EObrN83seDCTvKHTH/mKeNU
3QGs1/H6clM+9ZzvxHXHSY9ild8EWa+ypJ+FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzo0i6gl69k6oB037dRclmm9IgTAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96bzBpNmdsNjlrNm9CMDM3
ZFJjbG1tOUlnVEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAZdbszFcaWbs+xeSYQaxxZZRf7X31mPFZS9
8Vs51iob6B6Ld9o4cwEaL5LmllLN8E7twYBwwZLO2ruVMgG80k/5h8yl6htySSU2
SonuJzuJoLa/+/ImXsum0VzKnzimE0jWu/b8f191CkS6SWZAmSizFrjHAOA4WfPd
jSXrxFP1EL3jWvpsCbBW/Ir6IBZ1Vsg/NTxA8MSZdeeGpd0Hz7L1S0EyU/+DEKrM
ccu5Et4KR6vcwJ29CYwkS6BVLcSyPs+KmN2zOxKudp02Sr95arMiSJeQp09yRrD8
ApCVT7ZLh3khGoFvwFny9HIQBhke10NR9+PqUVLFSXzImzzxvoU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:06 2025 by rpki-client