Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/E3BV1s0jfo3QNaW56H9-LjSzktA.roa
File: E3BV1s0jfo3QNaW56H9-LjSzktA.roa (raw, json)
Hash identifier: jA20jYdd1n3UVdpWg/Kb5+kYNor8Cg/v1nWuQOhhJd0=
Subject key identifier: 13:70:55:D6:CD:23:7E:8D:D0:35:A5:B9:E8:7F:7E:2E:34:B3:92:D0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12A0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E3BV1s0jfo3QNaW56H9-LjSzktA.roa
Signing time: Sat 31 May 2025 22:09:10 +0000
ROA not before: Sat 31 May 2025 22:09:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4768 (0x12a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 22:09:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=137055D6CD237E8DD035A5B9E87F7E2E34B392D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2e:1a:52:7d:26:cb:a1:26:35:6a:3c:d1:cb:
97:12:a5:39:72:10:91:05:8e:ed:f1:bc:82:7e:d4:
a3:fd:6e:fa:90:39:1f:d4:0c:f0:1a:1a:be:cb:0f:
ac:d9:99:5f:57:bf:30:8d:41:6e:0a:c4:3d:77:a1:
a6:63:81:b3:45:f7:74:7b:f9:53:bf:b4:8d:ae:60:
4b:af:fb:14:5e:6f:0d:73:26:e4:ff:a1:23:90:d3:
e9:ef:93:67:b3:bc:d6:ea:d5:1c:87:a2:b1:b4:61:
bb:a8:b1:6a:21:a7:b1:5c:a4:68:69:0d:b0:7d:be:
4a:40:ad:e0:90:25:19:f2:e7:50:ea:f0:be:9b:96:
4c:2a:84:dd:3d:a3:50:0e:34:e1:1b:90:cf:87:01:
b2:42:62:10:1a:3b:54:ae:90:1c:14:82:17:98:71:
02:46:7a:c1:db:4a:e9:76:34:cd:32:54:dc:e6:4f:
b3:9e:f0:89:e4:7e:5d:2a:86:a3:a3:2a:9c:f4:f2:
82:db:27:0d:e0:5f:ab:53:a9:71:3a:40:ec:7c:a6:
b0:e3:df:93:fc:2d:43:25:99:b7:e0:11:d8:b6:6d:
08:4b:21:a4:95:2b:fd:40:cf:6f:10:62:5d:e1:06:
80:dd:4d:32:73:41:99:cc:30:b6:6e:4a:be:04:a8:
60:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:70:55:D6:CD:23:7E:8D:D0:35:A5:B9:E8:7F:7E:2E:34:B3:92:D0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E3BV1s0jfo3QNaW56H9-LjSzktA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:a8:6b:ba:fb:3f:2b:a1:cf:dd:cb:27:4a:72:89:e2:08:de:
3a:f0:10:e0:4b:4f:38:83:a3:60:d4:0c:98:74:24:b6:f1:ab:
8e:06:df:26:7e:0b:58:64:f6:d0:9d:74:b7:cb:b3:b1:25:38:
b6:2d:e8:fb:51:4b:0c:42:9e:77:d1:c3:0d:32:9d:d4:55:24:
4e:f3:43:77:da:aa:56:6a:d9:26:dc:61:82:6d:be:59:1a:b1:
41:6e:bc:e4:07:54:93:47:13:ef:b0:90:6e:27:4e:a7:a7:8e:
3f:21:58:7d:4c:0e:cf:28:4a:fc:d2:0e:7b:9e:68:14:b6:ae:
6e:d1:33:2e:b0:93:e6:10:c9:17:9a:d1:8b:a7:45:75:0d:2c:
9c:90:47:f8:4f:9c:61:28:87:a1:93:74:ad:26:98:57:ca:5e:
7d:59:45:e2:b5:49:05:87:b3:05:e8:e3:a8:72:47:f8:b2:6f:
73:5d:eb:c4:a3:8d:ff:53:b1:bc:6a:ac:a0:36:f7:15:b0:4b:
d9:38:8c:df:51:95:23:56:54:f6:c8:3b:69:fe:03:eb:e6:06:
4c:ba:c2:77:cb:bc:14:5f:6b:1e:f7:4b:f9:15:36:20:1a:a6:
69:0c:a7:b7:d7:2e:f6:2b:24:ec:73:93:ad:78:34:39:07:b3:
c2:02:78:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEqAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEy
MjA5MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzNzA1NUQ2Q0QyMzdF
OEREMDM1QTVCOUU4N0Y3RTJFMzRCMzkyRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKLhpSfSbLoSY1ajzRy5cSpTlyEJEFju3xvIJ+1KP9bvqQOR/U
DPAaGr7LD6zZmV9XvzCNQW4KxD13oaZjgbNF93R7+VO/tI2uYEuv+xRebw1zJuT/
oSOQ0+nvk2ezvNbq1RyHorG0YbuosWohp7FcpGhpDbB9vkpAreCQJRny51Dq8L6b
lkwqhN09o1AONOEbkM+HAbJCYhAaO1SukBwUgheYcQJGesHbSul2NM0yVNzmT7Oe
8Inkfl0qhqOjKpz08oLbJw3gX6tTqXE6QOx8prDj35P8LUMlmbfgEdi2bQhLIaSV
K/1Az28QYl3hBoDdTTJzQZnMMLZuSr4EqGDxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUE3BV1s0jfo3QNaW56H9+LjSzktAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FM0JWMXMwamZvM1FOYVc1
Nkg5LUxqU3prdEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEyoa7r7Pyuhz93LJ0pyieII3jrwEOBLTziD
o2DUDJh0JLbxq44G3yZ+C1hk9tCddLfLs7ElOLYt6PtRSwxCnnfRww0yndRVJE7z
Q3faqlZq2SbcYYJtvlkasUFuvOQHVJNHE++wkG4nTqenjj8hWH1MDs8oSvzSDnue
aBS2rm7RMy6wk+YQyRea0YunRXUNLJyQR/hPnGEoh6GTdK0mmFfKXn1ZReK1SQWH
swXo46hyR/iyb3Nd68Sjjf9TsbxqrKA29xWwS9k4jN9RlSNWVPbIO2n+A+vmBky6
wnfLvBRfax73S/kVNiAapmkMp7fXLvYrJOxzk614NDkHs8ICeIs=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:09:49 2025 by rpki-client