Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2aNrE5mO-3n7J7MXv5x_qjuACzE.roa
File: 2aNrE5mO-3n7J7MXv5x_qjuACzE.roa (raw, json)
Hash identifier: CpsxsoX8k0RQi4nZuL4HGg34TAGcIid/K7PBIhyskRU=
Subject key identifier: D9:A3:6B:13:99:8E:FB:79:FB:27:B3:17:BF:9C:7F:AA:3B:80:0B:31
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04AC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2aNrE5mO-3n7J7MXv5x_qjuACzE.roa
Signing time: Tue 13 May 2025 07:37:56 +0000
ROA not before: Tue 13 May 2025 07:37:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1196 (0x4ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 07:37:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D9A36B13998EFB79FB27B317BF9C7FAA3B800B31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:10:d9:56:8c:b3:72:e5:d9:5d:cd:d2:c5:85:
aa:43:f1:3c:38:07:18:a9:cb:31:84:dd:c5:2c:e7:
f8:29:ca:03:6f:58:bc:76:bc:16:2d:c9:6a:1f:93:
38:45:74:c4:27:62:bd:14:3e:bc:c8:79:90:dd:4b:
2b:39:5d:4c:81:95:41:d8:f2:58:47:7e:e5:08:eb:
3e:4c:f7:7b:46:ea:46:eb:02:4c:ba:d8:c7:ae:ef:
05:34:2d:8a:e4:18:35:1d:f7:91:53:00:45:c5:b1:
42:a4:91:bb:f0:7f:bf:f9:d5:3a:a0:87:d8:fb:6d:
72:f7:ad:ca:87:3f:61:3e:1d:f3:1e:fe:96:6f:9d:
4d:d2:ae:d6:b2:8a:7a:10:21:02:2b:f8:7a:d7:ac:
d6:38:c5:cd:af:c9:00:2d:1a:8a:11:26:2a:27:6c:
11:c3:0b:9a:db:3d:9b:d1:45:bf:8a:99:23:c2:18:
84:0c:e7:a0:35:1e:11:c1:20:2b:75:f7:fe:cc:5f:
62:df:95:e7:a1:08:9a:d3:0f:97:bf:a2:a9:9f:ad:
42:5c:12:ed:97:70:5b:d3:c0:79:b9:a1:c0:db:c3:
d0:1d:b7:f5:37:11:0e:63:39:2b:77:c8:15:0e:68:
a7:74:28:d4:07:4c:fa:2b:9b:8c:e2:eb:c6:0d:d9:
90:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A3:6B:13:99:8E:FB:79:FB:27:B3:17:BF:9C:7F:AA:3B:80:0B:31
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2aNrE5mO-3n7J7MXv5x_qjuACzE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:78:7f:07:66:ea:a8:d7:2c:98:60:6e:9d:99:fc:49:1a:bc:
2d:e8:72:46:27:8e:18:e6:b6:87:dd:11:fd:43:92:05:bd:f2:
91:d7:99:db:17:4c:f2:e5:d7:d3:e3:3b:65:66:bb:22:33:fe:
35:70:b8:85:22:c7:db:5a:ce:3d:d9:62:f4:42:d4:84:3a:73:
d7:5a:0d:97:00:45:82:0f:37:e8:79:e9:cd:41:24:88:21:2e:
d1:c2:c0:34:06:65:50:07:96:f4:80:5d:60:bb:b8:90:ac:13:
33:86:9d:cd:ce:a8:3f:de:78:4b:3c:88:26:e6:58:89:e9:0c:
d1:0a:29:f2:fd:25:b7:54:6d:7e:78:25:06:a0:51:79:23:04:
d3:05:43:34:dc:5e:8d:80:60:ed:93:5a:90:28:87:d9:e4:73:
20:87:d9:6b:fa:2b:e7:f6:f3:fd:00:0c:f0:89:5e:c5:a1:42:
48:55:6b:4c:77:39:c6:bc:2a:87:9e:73:e9:d6:e0:42:f8:6d:
2c:0a:d5:a9:33:ab:c7:29:15:98:0a:76:a5:03:78:87:47:2f:
38:54:d5:82:63:ec:e0:ff:7e:f9:bc:8e:26:e0:f4:fe:fb:c5:
e5:3f:d0:7a:77:f6:a5:2d:45:0d:9e:13:d5:25:cb:c4:fe:d1:
81:76:1d:7d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBKwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NzM3NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ5QTM2QjEzOTk4RUZC
NzlGQjI3QjMxN0JGOUM3RkFBM0I4MDBCMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCENlWjLNy5dldzdLFhapD8Tw4BxipyzGE3cUs5/gpygNvWLx2
vBYtyWofkzhFdMQnYr0UPrzIeZDdSys5XUyBlUHY8lhHfuUI6z5M93tG6kbrAky6
2Meu7wU0LYrkGDUd95FTAEXFsUKkkbvwf7/51Tqgh9j7bXL3rcqHP2E+HfMe/pZv
nU3SrtayinoQIQIr+HrXrNY4xc2vyQAtGooRJionbBHDC5rbPZvRRb+KmSPCGIQM
56A1HhHBICt19/7MX2LfleehCJrTD5e/oqmfrUJcEu2XcFvTwHm5ocDbw9Adt/U3
EQ5jOSt3yBUOaKd0KNQHTPorm4zi68YN2ZCNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2aNrE5mO+3n7J7MXv5x/qjuACzEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yYU5yRTVtTy0zbjdKN01Y
djV4X3FqdUFDekUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEJ4fwdm6qjXLJhgbp2Z/EkavC3ockYnjhjm
tofdEf1DkgW98pHXmdsXTPLl19PjO2VmuyIz/jVwuIUix9tazj3ZYvRC1IQ6c9da
DZcARYIPN+h56c1BJIghLtHCwDQGZVAHlvSAXWC7uJCsEzOGnc3OqD/eeEs8iCbm
WInpDNEKKfL9JbdUbX54JQagUXkjBNMFQzTcXo2AYO2TWpAoh9nkcyCH2Wv6K+f2
8/0ADPCJXsWhQkhVa0x3Oca8Koeec+nW4EL4bSwK1akzq8cpFZgKdqUDeIdHLzhU
1YJj7OD/fvm8jibg9P77xeU/0Hp39qUtRQ2eE9Uly8T+0YF2HX0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 23:01:01 2025 by rpki-client