Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/a4rhz7SUwabLhYINM4W3GfL1zAI.roa
File: a4rhz7SUwabLhYINM4W3GfL1zAI.roa (raw, json)
Hash identifier: cixCTsisaxf+t6Bg2zP2EFKAAZm4FrU4DGHnrQqkHeU=
Subject key identifier: 6B:8A:E1:CF:B4:94:C1:A6:CB:85:82:0D:33:85:B7:19:F2:F5:CC:02
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0888
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a4rhz7SUwabLhYINM4W3GfL1zAI.roa
Signing time: Sun 18 May 2025 11:08:10 +0000
ROA not before: Sun 18 May 2025 11:08:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2184 (0x888)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 11:08:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6B8AE1CFB494C1A6CB85820D3385B719F2F5CC02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:6f:38:f3:cb:23:01:fd:11:f5:b3:3a:0c:
be:7b:00:54:2f:70:33:50:42:30:83:40:8f:7c:a0:
d7:05:be:af:ea:d0:ce:05:c6:84:d4:f2:76:b3:65:
8f:66:16:04:26:5e:01:43:09:2c:71:93:3f:02:0f:
23:e4:03:a0:2e:5c:07:92:a0:03:42:2d:7f:70:f0:
8b:ca:ad:47:2d:79:79:6d:92:65:96:a8:0e:6a:8d:
ee:bc:83:9d:58:03:65:6b:54:ee:42:f7:a8:4c:da:
85:56:38:3f:97:e1:de:bb:33:6b:16:8a:67:ad:42:
18:6a:c5:d1:22:20:c3:38:ee:16:53:d7:07:c4:e6:
da:cb:36:de:5d:0f:c4:3e:b7:98:1f:81:d2:bb:1c:
e3:66:54:e8:78:c1:04:e3:22:85:c3:27:bb:7f:46:
d1:f2:60:bb:42:09:65:2f:85:da:e9:cf:c4:c5:e7:
86:9f:17:f3:67:44:ab:5e:2a:fe:43:8c:a1:f6:32:
7c:20:d4:a1:17:72:f2:0c:e9:0f:73:ea:15:38:c5:
0c:e3:ce:c2:a4:2c:8e:2e:9d:ef:33:dd:61:a1:73:
16:17:2f:25:d2:bd:2d:02:06:2a:0f:05:61:9c:76:
6e:21:0d:bf:74:b1:a1:dc:58:dd:64:1b:f6:e4:8d:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8A:E1:CF:B4:94:C1:A6:CB:85:82:0D:33:85:B7:19:F2:F5:CC:02
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a4rhz7SUwabLhYINM4W3GfL1zAI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:fc:54:1b:97:cf:a4:a6:ef:2a:f9:92:e1:34:63:d3:c2:08:
70:4d:24:16:d2:27:75:f4:28:ba:5b:7e:13:31:56:e8:8e:07:
df:ce:c3:ba:d9:80:b5:ed:f6:92:c5:e1:b1:7b:ca:7f:d1:ff:
7c:af:ed:fa:c7:05:2e:16:3d:35:f9:02:47:0b:58:1f:55:39:
7a:dd:20:18:eb:1c:ae:35:16:e8:f3:af:1d:fd:08:3f:af:33:
82:66:06:0f:c5:58:d8:36:52:60:7c:f2:26:00:58:b9:36:92:
89:bd:2c:65:37:3a:0d:21:d3:90:dd:a2:46:0c:13:20:9f:00:
b9:11:c3:4c:06:59:a2:f5:18:d6:b7:1c:de:07:aa:23:b4:1d:
1e:3a:9b:e6:de:d7:6b:aa:c4:d2:97:1a:87:76:9b:c5:24:44:
94:1d:f4:d0:4f:40:ac:6b:fc:82:2f:09:a0:b0:23:87:0c:0b:
a9:97:18:d2:36:95:72:6f:46:bf:36:23:fb:ee:75:58:ae:6e:
d7:d1:72:71:47:a5:97:29:35:b8:4e:ed:0a:33:d4:3b:8c:5b:
23:7d:86:68:d6:ab:82:c2:a1:a3:cb:0d:2d:c1:98:59:72:30:
9e:1d:22:a7:a9:67:69:64:e5:72:8f:e6:0a:0c:dc:f2:d0:b1:
db:8c:02:73
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCIgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
MTA4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZCOEFFMUNGQjQ5NEMx
QTZDQjg1ODIwRDMzODVCNzE5RjJGNUNDMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7SW8488sjAf0R9bM6DL57AFQvcDNQQjCDQI98oNcFvq/q0M4F
xoTU8nazZY9mFgQmXgFDCSxxkz8CDyPkA6AuXAeSoANCLX9w8IvKrUcteXltkmWW
qA5qje68g51YA2VrVO5C96hM2oVWOD+X4d67M2sWimetQhhqxdEiIMM47hZT1wfE
5trLNt5dD8Q+t5gfgdK7HONmVOh4wQTjIoXDJ7t/RtHyYLtCCWUvhdrpz8TF54af
F/NnRKteKv5DjKH2Mnwg1KEXcvIM6Q9z6hU4xQzjzsKkLI4une8z3WGhcxYXLyXS
vS0CBioPBWGcdm4hDb90saHcWN1kG/bkjfdTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUa4rhz7SUwabLhYINM4W3GfL1zAIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hNHJoejdTVXdhYkxoWUlO
TTRXM0dmTDF6QUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGr8VBuXz6Sm7yr5kuE0Y9PCCHBNJBbSJ3X0
KLpbfhMxVuiOB9/Ow7rZgLXt9pLF4bF7yn/R/3yv7frHBS4WPTX5AkcLWB9VOXrd
IBjrHK41Fujzrx39CD+vM4JmBg/FWNg2UmB88iYAWLk2kom9LGU3Og0h05DdokYM
EyCfALkRw0wGWaL1GNa3HN4HqiO0HR46m+be12uqxNKXGod2m8UkRJQd9NBPQKxr
/IIvCaCwI4cMC6mXGNI2lXJvRr82I/vudViubtfRcnFHpZcpNbhO7Qoz1DuMWyN9
hmjWq4LCoaPLDS3BmFlyMJ4dIqepZ2lk5XKP5goM3PLQsduMAnM=
-----END CERTIFICATE-----
Generated at Fri Jun 20 17:50:22 2025 by rpki-client