Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AdxBOx5ijzEt7vMhQ-Ssdk8JnC0.roa
File: AdxBOx5ijzEt7vMhQ-Ssdk8JnC0.roa (raw, json)
Hash identifier: 1S5l3dxVU0TMed5qvGc67HS5P1jd9fUj50SwgjGthD0=
Subject key identifier: 01:DC:41:3B:1E:62:8F:31:2D:EE:F3:21:43:E4:AC:76:4F:09:9C:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C14
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AdxBOx5ijzEt7vMhQ-Ssdk8JnC0.roa
Signing time: Fri 13 Jun 2025 12:39:58 +0000
ROA not before: Fri 13 Jun 2025 12:39:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7188 (0x1c14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 12:39:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=01DC413B1E628F312DEEF32143E4AC764F099C2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a1:ab:b8:88:01:ed:5b:18:ce:0d:d8:2f:c2:
3c:07:2f:69:8a:18:18:56:85:f5:3f:d3:1d:1f:b2:
2f:6c:ff:f8:a6:d2:84:e9:7e:8f:93:3e:73:37:1c:
7a:b0:28:fb:6c:de:60:3e:6a:b1:a6:ed:f0:6a:05:
23:83:9e:6d:2c:4b:92:96:27:16:82:d8:35:a8:f4:
1e:2b:79:2b:87:46:26:7e:99:7b:c7:97:43:de:6e:
72:27:e7:dd:3b:43:e6:e8:b7:fa:e9:9c:c2:4a:24:
30:0f:e8:ff:25:50:33:9c:fa:e6:8a:78:ca:bd:92:
e7:4b:99:57:3b:d2:92:16:a8:68:a7:a7:6a:7c:6f:
c9:dd:01:97:90:3a:02:0d:e7:cd:07:60:cc:fb:3b:
be:7c:4d:68:ad:64:5d:3b:ad:29:82:16:13:74:f5:
08:26:d9:4f:b2:6f:bb:27:24:a6:68:d3:46:99:3e:
ab:8e:f4:f8:69:d3:58:de:fa:36:3c:bb:79:23:3e:
01:2f:f6:a0:26:e6:4b:31:2b:92:9d:5b:27:50:a6:
50:13:17:5b:fa:c3:85:d1:c7:2f:36:33:78:a5:fc:
1e:db:bb:be:48:79:5b:56:d4:36:8e:77:e8:16:9b:
a5:4f:c1:fc:c8:83:d6:66:60:71:ea:d0:ad:4f:0b:
d1:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:DC:41:3B:1E:62:8F:31:2D:EE:F3:21:43:E4:AC:76:4F:09:9C:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AdxBOx5ijzEt7vMhQ-Ssdk8JnC0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:2b:e6:db:6f:b8:60:46:5a:94:ca:54:4e:4a:26:56:1e:9a:
61:a7:c1:65:0a:d9:de:56:23:73:0d:7f:c3:6c:8d:19:a7:d0:
f0:85:14:2e:61:28:9a:25:a2:d2:ae:48:31:ce:68:f5:e2:72:
2c:c7:b5:57:f7:90:c4:a5:2f:85:24:64:bc:3b:4d:16:15:ee:
86:65:5d:32:a2:36:63:f6:6f:22:0a:1c:5c:6d:93:4e:3e:43:
87:f0:fb:32:ef:9a:bb:78:bd:79:e9:96:99:e4:35:5f:30:27:
9c:5c:8d:3b:76:65:0f:f9:61:5e:a8:64:fe:fe:3d:7b:c1:43:
02:83:45:06:50:b3:e4:45:30:b7:68:32:b1:da:7d:ff:87:e2:
e4:34:b6:46:90:f5:79:28:94:30:4f:95:85:2b:f0:d8:b9:03:
1c:3e:a9:ce:c4:ee:56:49:03:0c:a8:bd:42:e2:6b:e5:32:3f:
86:a0:5f:36:63:c0:6f:8f:6a:9e:13:82:53:6b:5b:ac:97:b2:
16:17:c0:06:96:9b:df:4e:ae:71:a6:09:3c:1e:fc:a5:16:3d:
a1:7d:bc:31:a4:59:63:58:b0:0c:8b:a6:f4:8f:67:7e:3c:b3:
b7:9d:79:13:7e:2f:8f:cc:63:74:02:bb:7c:63:ad:1d:f7:f2:
82:36:ca:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHBQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
MjM5NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxREM0MTNCMUU2MjhG
MzEyREVFRjMyMTQzRTRBQzc2NEYwOTlDMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtoau4iAHtWxjODdgvwjwHL2mKGBhWhfU/0x0fsi9s//im0oTp
fo+TPnM3HHqwKPts3mA+arGm7fBqBSODnm0sS5KWJxaC2DWo9B4reSuHRiZ+mXvH
l0PebnIn5907Q+bot/rpnMJKJDAP6P8lUDOc+uaKeMq9kudLmVc70pIWqGinp2p8
b8ndAZeQOgIN580HYMz7O758TWitZF07rSmCFhN09Qgm2U+yb7snJKZo00aZPquO
9Php01je+jY8u3kjPgEv9qAm5ksxK5KdWydQplATF1v6w4XRxy82M3il/B7bu75I
eVtW1DaOd+gWm6VPwfzIg9ZmYHHq0K1PC9H1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAdxBOx5ijzEt7vMhQ+Ssdk8JnC0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BZHhCT3g1aWp6RXQ3dk1o
US1Tc2RrOEpuQzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGkr5ttvuGBGWpTKVE5KJlYemmGnwWUK2d5W
I3MNf8NsjRmn0PCFFC5hKJolotKuSDHOaPXicizHtVf3kMSlL4UkZLw7TRYV7oZl
XTKiNmP2byIKHFxtk04+Q4fw+zLvmrt4vXnplpnkNV8wJ5xcjTt2ZQ/5YV6oZP7+
PXvBQwKDRQZQs+RFMLdoMrHaff+H4uQ0tkaQ9XkolDBPlYUr8Ni5Axw+qc7E7lZJ
AwyovULia+UyP4agXzZjwG+Pap4TglNrW6yXshYXwAaWm99OrnGmCTwe/KUWPaF9
vDGkWWNYsAyLpvSPZ348s7edeRN+L4/MY3QCu3xjrR338oI2yps=
-----END CERTIFICATE-----
Generated at Fri Jun 20 14:56:29 2025 by rpki-client