Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ZcTaDwcbg918Yk_2zQf4VLboWqs.roa
File: ZcTaDwcbg918Yk_2zQf4VLboWqs.roa (raw, json)
Hash identifier: Ta8mcVk0KucjodMhT3q29dfypqrwTo7fpTtiWa5MQr8=
Subject key identifier: 65:C4:DA:0F:07:1B:83:DD:7C:62:4F:F6:CD:07:F8:54:B6:E8:5A:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07C8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZcTaDwcbg918Yk_2zQf4VLboWqs.roa
Signing time: Sat 17 May 2025 11:08:08 +0000
ROA not before: Sat 17 May 2025 11:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1992 (0x7c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 11:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=65C4DA0F071B83DD7C624FF6CD07F854B6E85AAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:a1:86:47:1d:cb:2e:ff:96:83:31:a3:e4:
b2:15:fa:fe:7a:b2:6c:2f:cf:9c:8e:ac:d7:cb:d6:
12:67:a0:8c:ad:c3:30:d6:a1:70:3d:5f:03:16:ed:
dd:2b:0e:8e:72:ee:d3:a5:4d:a0:7f:01:f8:bd:4f:
28:61:3e:f0:59:66:12:7a:3d:92:62:06:bb:3b:cd:
20:ab:6c:9e:bd:9f:e5:9c:18:3b:3f:e1:03:99:92:
28:89:a5:f3:fd:56:26:60:a9:3d:40:6d:e2:c5:b5:
05:b8:e3:8d:67:c9:b7:70:85:c9:17:76:e8:03:36:
5b:a5:ce:08:3f:da:31:cf:5f:34:39:b6:68:59:1a:
fc:b9:94:f9:34:21:5d:89:cc:90:bb:92:29:83:9e:
6b:b6:4e:1e:68:b2:69:8d:05:ca:c8:a5:22:71:f5:
15:f9:08:01:e6:3d:96:19:15:08:f0:9e:b5:61:89:
64:ec:79:4c:63:d3:c2:5b:34:fd:4c:ef:8d:27:a5:
09:22:70:60:3b:32:9e:43:91:7e:2f:7a:4e:4d:87:
38:b2:be:f1:b5:98:d2:35:a7:f4:2d:d4:9d:c4:cb:
16:15:ee:4e:bd:15:09:d0:a1:40:4a:52:73:db:9a:
83:05:9d:85:ad:c6:81:a3:b9:93:e6:13:bf:2a:75:
47:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C4:DA:0F:07:1B:83:DD:7C:62:4F:F6:CD:07:F8:54:B6:E8:5A:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZcTaDwcbg918Yk_2zQf4VLboWqs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:2f:84:80:10:cc:30:3c:cf:5a:78:c9:b2:39:2b:c3:ec:06:
51:13:26:c7:a0:fc:71:59:7c:1f:9e:7b:e3:83:f5:dc:41:cd:
e3:39:25:ab:58:37:7d:66:6f:bd:e1:d7:52:fa:da:4c:11:ac:
ea:9d:ff:29:18:a3:0e:e6:b2:44:35:d4:d8:11:d0:d0:8f:e9:
f8:c2:24:20:fb:f9:89:1e:a2:40:cb:ee:4d:d4:f0:cc:46:5d:
bf:f5:93:29:8c:d1:3b:28:7d:89:70:9a:6e:71:dc:22:e7:96:
5f:ee:f0:47:72:7a:48:d9:22:d9:37:5e:73:99:63:ab:69:b0:
71:34:fc:c7:04:bc:fe:56:47:c2:6b:5a:e6:aa:b6:29:45:be:
75:be:ae:1d:b0:27:76:fb:ef:8c:91:84:b1:fe:e2:1b:03:57:
be:b9:22:27:ac:84:f8:e6:03:8c:72:72:67:e5:0f:c3:ac:7e:
ee:98:b7:3a:43:24:09:ff:f0:e9:41:30:86:6e:4f:52:1b:41:
07:c2:58:c6:ff:65:c7:72:14:14:57:79:a6:1a:5d:f5:82:68:
2e:21:9e:ed:d2:4d:9b:e5:56:22:25:55:31:22:a8:b8:87:1d:
28:7d:7a:c1:59:d7:b2:7c:ce:b5:13:eb:48:40:fc:f0:2a:b8:
29:e8:ee:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB8gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
MTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY1QzREQTBGMDcxQjgz
REQ3QzYyNEZGNkNEMDdGODU0QjZFODVBQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFbaGGRx3LLv+WgzGj5LIV+v56smwvz5yOrNfL1hJnoIytwzDW
oXA9XwMW7d0rDo5y7tOlTaB/Afi9TyhhPvBZZhJ6PZJiBrs7zSCrbJ69n+WcGDs/
4QOZkiiJpfP9ViZgqT1AbeLFtQW4441nybdwhckXdugDNlulzgg/2jHPXzQ5tmhZ
Gvy5lPk0IV2JzJC7kimDnmu2Th5osmmNBcrIpSJx9RX5CAHmPZYZFQjwnrVhiWTs
eUxj08JbNP1M740npQkicGA7Mp5DkX4vek5NhziyvvG1mNI1p/Qt1J3EyxYV7k69
FQnQoUBKUnPbmoMFnYWtxoGjuZPmE78qdUfJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZcTaDwcbg918Yk/2zQf4VLboWqswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aY1RhRHdjYmc5MThZa18y
elFmNFZMYm9XcXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEgvhIAQzDA8z1p4ybI5K8PsBlETJseg/HFZ
fB+ee+OD9dxBzeM5JatYN31mb73h11L62kwRrOqd/ykYow7mskQ11NgR0NCP6fjC
JCD7+YkeokDL7k3U8MxGXb/1kymM0TsofYlwmm5x3CLnll/u8EdyekjZItk3XnOZ
Y6tpsHE0/McEvP5WR8JrWuaqtilFvnW+rh2wJ3b774yRhLH+4hsDV765IieshPjm
A4xycmflD8Osfu6YtzpDJAn/8OlBMIZuT1IbQQfCWMb/ZcdyFBRXeaYaXfWCaC4h
nu3STZvlViIlVTEiqLiHHSh9esFZ17J8zrUT60hA/PAquCno7og=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:48:53 2025 by rpki-client