Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TUj2t1UKDw5ztJ5lhW4HM2ZuUSo.roa
File: TUj2t1UKDw5ztJ5lhW4HM2ZuUSo.roa (raw, json)
Hash identifier: 7iLgCft+sHQa+e1gV3ka0HDDf6tPlgvgWYo4w+/34x4=
Subject key identifier: 4D:48:F6:B7:55:0A:0F:0E:73:B4:9E:65:85:6E:07:33:66:6E:51:2A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1588
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TUj2t1UKDw5ztJ5lhW4HM2ZuUSo.roa
Signing time: Wed 04 Jun 2025 19:09:21 +0000
ROA not before: Wed 04 Jun 2025 19:09:21 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5512 (0x1588)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 19:09:21 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4D48F6B7550A0F0E73B49E65856E0733666E512A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:80:d3:c0:0f:38:eb:07:b6:4c:8b:49:c5:24:
d5:5f:27:cd:6c:07:98:af:03:4c:f4:d2:01:28:64:
49:18:6f:56:0b:45:6e:c1:02:88:71:7f:37:26:01:
29:e8:78:82:93:61:1a:78:36:ae:9d:95:50:81:18:
a0:bb:22:cf:b4:c6:76:d4:7d:0c:5d:dc:39:43:91:
dc:d0:cb:30:1a:0b:37:83:af:07:5a:f4:aa:dc:fd:
2f:4d:bd:64:b5:76:9e:7a:20:9f:d5:33:f5:76:f9:
31:8d:2e:a4:ca:5d:49:18:f9:39:54:2e:c0:9a:34:
31:4f:52:ef:26:e2:27:fc:0d:e7:46:e7:ea:c0:b9:
cb:3c:24:79:51:0c:66:5e:ef:5e:e7:12:2c:e4:51:
a0:85:77:40:ae:09:49:6b:04:d6:7a:46:d5:d7:63:
4e:49:48:29:c1:14:59:7e:b6:3f:6b:a6:b4:60:09:
78:de:35:cf:2f:33:41:36:4c:bd:25:72:94:3b:e9:
e3:36:31:e4:2b:6d:a8:35:b1:06:17:13:77:86:db:
f4:43:92:75:5f:d4:f0:89:51:67:63:37:c9:02:83:
d1:15:69:f7:7a:62:3b:96:d8:83:a7:fe:c7:5a:d0:
74:6b:5a:f8:1d:93:10:3e:12:2d:bb:60:c7:ad:05:
48:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:48:F6:B7:55:0A:0F:0E:73:B4:9E:65:85:6E:07:33:66:6E:51:2A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TUj2t1UKDw5ztJ5lhW4HM2ZuUSo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:83:84:cb:60:81:d7:0f:85:ab:9c:72:61:27:5d:8a:f0:ec:
a0:74:04:5d:94:dc:d5:b1:96:4e:ed:30:ce:f5:bb:0b:cd:96:
8a:4f:e2:dd:ee:af:18:be:74:84:17:da:ae:3e:d0:e9:b2:0e:
2a:43:42:b1:2d:ab:cf:dd:61:e4:d0:46:e7:fe:1d:8f:13:c3:
e9:72:5b:ea:12:d3:7d:d3:65:8e:fb:ea:d1:dd:81:ec:a2:9c:
9d:06:84:c6:9c:f6:9a:aa:51:21:82:f8:3b:3c:cb:50:42:dc:
e2:6f:ed:36:3a:83:f4:67:13:3c:ae:b2:c9:55:84:d3:ed:65:
1f:44:fa:04:8a:c5:9c:ed:4c:9b:9a:fd:3e:7a:f7:c3:b2:0a:
56:2a:2a:fa:a7:7f:4d:71:94:ce:67:ea:7c:20:e4:fd:65:cf:
aa:c0:26:c7:e1:56:99:ff:1f:ae:b3:ca:fd:9a:20:00:6e:f6:
96:80:38:bc:db:6f:9a:13:4b:44:60:f9:4c:a1:0c:8b:0d:e9:
3b:93:72:62:dd:2c:e6:a6:c7:75:67:0a:2d:44:e6:28:f6:b9:
7b:e6:9f:57:ec:79:5a:85:47:e8:b7:ed:b1:fe:46:90:11:b6:
bb:0a:24:b9:89:7f:d3:2f:66:c0:d6:6a:ca:2c:20:2f:4a:7e:
ba:a6:4a:4e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
OTA5MjFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRENDhGNkI3NTUwQTBG
MEU3M0I0OUU2NTg1NkUwNzMzNjY2RTUxMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIgNPADzjrB7ZMi0nFJNVfJ81sB5ivA0z00gEoZEkYb1YLRW7B
AohxfzcmASnoeIKTYRp4Nq6dlVCBGKC7Is+0xnbUfQxd3DlDkdzQyzAaCzeDrwda
9Krc/S9NvWS1dp56IJ/VM/V2+TGNLqTKXUkY+TlULsCaNDFPUu8m4if8DedG5+rA
ucs8JHlRDGZe717nEizkUaCFd0CuCUlrBNZ6RtXXY05JSCnBFFl+tj9rprRgCXje
Nc8vM0E2TL0lcpQ76eM2MeQrbag1sQYXE3eG2/RDknVf1PCJUWdjN8kCg9EVafd6
YjuW2IOn/sda0HRrWvgdkxA+Ei27YMetBUh1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTUj2t1UKDw5ztJ5lhW4HM2ZuUSowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UVWoydDFVS0R3NXp0SjVs
aFc0SE0yWnVVU28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKWDhMtggdcPhauccmEnXYrw7KB0BF2U3NWx
lk7tMM71uwvNlopP4t3urxi+dIQX2q4+0OmyDipDQrEtq8/dYeTQRuf+HY8Tw+ly
W+oS033TZY776tHdgeyinJ0GhMac9pqqUSGC+Ds8y1BC3OJv7TY6g/RnEzyusslV
hNPtZR9E+gSKxZztTJua/T5698OyClYqKvqnf01xlM5n6nwg5P1lz6rAJsfhVpn/
H66zyv2aIABu9paAOLzbb5oTS0Rg+UyhDIsN6TuTcmLdLOamx3VnCi1E5ij2uXvm
n1fseVqFR+i37bH+RpARtrsKJLmJf9MvZsDWasosIC9KfrqmSk4=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:57:15 2025 by rpki-client