Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2FXcRspVW-RIdoZw3PvWTM275ZA.roa
File: 2FXcRspVW-RIdoZw3PvWTM275ZA.roa (raw, json)
Hash identifier: 9BTLcBnTlS2jpe/EZ+d1/6/zxrYys5L5/eSKbZgs3n0=
Subject key identifier: D8:55:DC:46:CA:55:5B:E4:48:76:86:70:DC:FB:D6:4C:CD:BB:E5:90
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1644
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2FXcRspVW-RIdoZw3PvWTM275ZA.roa
Signing time: Thu 05 Jun 2025 18:39:33 +0000
ROA not before: Thu 05 Jun 2025 18:39:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5700 (0x1644)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 18:39:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D855DC46CA555BE448768670DCFBD64CCDBBE590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:65:d8:b8:31:9e:65:10:93:d2:d8:9d:76:97:
59:f3:53:5a:a3:b7:6c:e5:dc:e6:fa:5a:85:a0:8f:
75:43:c5:9f:d5:ee:b0:8f:49:0e:f9:2a:cf:34:08:
14:16:eb:c0:ce:26:2b:9d:f7:e4:47:f8:52:ff:27:
28:2f:0a:66:da:1d:4b:e2:81:2a:df:bb:ca:d0:cb:
1f:67:15:e4:4c:01:62:d2:38:e7:36:b0:45:bd:b9:
ab:32:e1:79:a3:3c:f9:3f:9c:14:f3:10:d4:0d:31:
3a:7b:00:9b:10:9c:e5:f7:a1:35:30:af:86:06:f3:
c6:97:52:fd:97:0a:18:cd:c4:6f:b0:4e:41:83:60:
0d:0b:60:2c:c7:28:09:0d:27:f3:f9:ca:28:cc:7f:
7a:1d:4f:d7:4b:80:d1:16:18:97:a8:98:4f:e5:06:
52:c7:85:64:76:a0:a3:56:f3:5f:69:d4:b7:dd:4c:
99:4a:88:c6:a8:98:38:9a:e3:a2:61:b7:6d:f9:2b:
64:c8:ce:e6:32:16:08:71:a4:83:79:96:3e:06:af:
9b:c5:d9:d8:a5:6f:fc:d2:3b:d0:a6:7a:18:aa:fe:
e6:de:cc:26:73:49:02:4e:36:23:5c:41:b1:3a:89:
ac:5b:2f:43:9d:4e:5d:04:36:ac:98:6e:3a:6a:f8:
0f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:55:DC:46:CA:55:5B:E4:48:76:86:70:DC:FB:D6:4C:CD:BB:E5:90
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2FXcRspVW-RIdoZw3PvWTM275ZA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:05:0c:15:f9:1b:f9:ce:e8:69:3b:e5:d1:5d:cb:04:47:63:
64:bd:7b:97:14:f7:ff:08:9e:2d:95:2b:67:df:d9:51:28:e3:
3b:e9:34:e8:b6:13:aa:b8:e0:61:92:f2:8a:47:b1:94:f1:6c:
f1:68:21:40:61:de:67:d4:93:a9:1f:9f:67:b9:0f:88:5f:76:
55:58:98:4d:07:6d:50:7a:59:3a:c0:dc:f7:f3:93:c3:a5:29:
29:b1:01:ff:ab:ce:54:d9:40:33:70:3a:ef:81:1f:35:84:6b:
44:73:fc:44:f0:d1:70:55:67:3e:ea:d7:94:3a:06:96:34:5a:
7a:39:6c:64:73:c1:c6:70:91:68:c9:e4:65:df:04:15:74:6a:
b0:b8:39:3b:65:07:b5:90:96:7c:ea:6e:0d:48:09:e6:f1:b9:
e9:d0:d4:d6:11:0a:5c:dc:d9:40:4f:59:9c:95:5c:aa:9c:b3:
56:8a:4d:56:71:38:74:bb:ea:2a:bf:0c:d8:ff:f6:a2:20:1a:
bd:55:83:ea:54:58:e2:15:e2:90:68:51:4d:8f:29:b9:e9:8d:
bf:39:fc:0f:b7:c2:37:37:35:07:41:97:ac:2c:c9:0e:26:ac:
dd:f7:65:ea:2a:d3:2f:89:ab:19:10:e0:25:6c:94:4a:e8:6e:
89:6d:56:14
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
ODM5MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ4NTVEQzQ2Q0E1NTVC
RTQ0ODc2ODY3MERDRkJENjRDQ0RCQkU1OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCZdi4MZ5lEJPS2J12l1nzU1qjt2zl3Ob6WoWgj3VDxZ/V7rCP
SQ75Ks80CBQW68DOJiud9+RH+FL/JygvCmbaHUvigSrfu8rQyx9nFeRMAWLSOOc2
sEW9uasy4XmjPPk/nBTzENQNMTp7AJsQnOX3oTUwr4YG88aXUv2XChjNxG+wTkGD
YA0LYCzHKAkNJ/P5yijMf3odT9dLgNEWGJeomE/lBlLHhWR2oKNW819p1LfdTJlK
iMaomDia46Jht235K2TIzuYyFghxpIN5lj4Gr5vF2dilb/zSO9Cmehiq/ubezCZz
SQJONiNcQbE6iaxbL0OdTl0ENqyYbjpq+A/TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2FXcRspVW+RIdoZw3PvWTM275ZAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yRlhjUnNwVlctUklkb1p3
M1B2V1RNMjc1WkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABkFDBX5G/nO6Gk75dFdywRHY2S9e5cU9/8I
ni2VK2ff2VEo4zvpNOi2E6q44GGS8opHsZTxbPFoIUBh3mfUk6kfn2e5D4hfdlVY
mE0HbVB6WTrA3Pfzk8OlKSmxAf+rzlTZQDNwOu+BHzWEa0Rz/ETw0XBVZz7q15Q6
BpY0Wno5bGRzwcZwkWjJ5GXfBBV0arC4OTtlB7WQlnzqbg1ICebxuenQ1NYRClzc
2UBPWZyVXKqcs1aKTVZxOHS76iq/DNj/9qIgGr1Vg+pUWOIV4pBoUU2PKbnpjb85
/A+3wjc3NQdBl6wsyQ4mrN33Zeoq0y+JqxkQ4CVslEroboltVhQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:34:35 2025 by rpki-client