Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cANyjvX8jGAIQuJm4q_IBTN3FsQ.roa
File: cANyjvX8jGAIQuJm4q_IBTN3FsQ.roa (raw, json)
Hash identifier: bvNWlhvlJo205aIf8aiSIO+lAMQA9SRiW2msfouD2mA=
Subject key identifier: 70:03:72:8E:F5:FC:8C:60:08:42:E2:66:E2:AF:C8:05:33:77:16:C4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0194
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cANyjvX8jGAIQuJm4q_IBTN3FsQ.roa
Signing time: Fri 09 May 2025 04:37:44 +0000
ROA not before: Fri 09 May 2025 04:37:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 404 (0x194)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 04:37:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7003728EF5FC8C600842E266E2AFC805337716C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0f:91:ce:53:cb:da:da:67:6c:8d:b1:02:03:
f5:ab:d2:6b:b8:54:48:19:e5:8a:a5:1f:e2:69:d3:
91:dd:82:d0:f2:03:d9:3a:73:9a:72:8a:42:27:1c:
0e:f8:18:8a:07:f5:da:9e:43:f0:c1:37:f3:f7:ee:
d0:07:fe:04:cb:8b:f4:6f:2e:ba:8d:f7:ae:00:96:
2a:29:8d:d0:dd:c5:c6:fd:aa:51:e3:b0:b0:1a:36:
67:8f:93:21:1a:c1:63:9d:04:2e:0a:17:1e:22:87:
31:74:d3:91:6f:0c:c6:da:5a:92:24:16:de:33:00:
5a:db:f4:49:4a:b7:5a:78:35:ba:67:bd:dd:29:45:
cd:f3:e7:6c:40:1d:31:ea:50:be:5f:9e:c4:5b:23:
0c:0a:39:82:4c:64:da:16:30:11:e3:47:a8:05:b5:
db:cb:c2:56:21:be:7f:e9:5d:3e:6d:4c:8a:3c:0b:
79:2a:ee:47:e9:a7:f0:fc:f5:36:57:32:f6:b1:e5:
2c:91:31:eb:93:ec:b0:65:a4:72:dc:ec:3d:2f:36:
d7:9a:0f:88:67:62:8b:a5:d9:d0:53:da:70:74:2f:
96:06:73:cf:76:50:31:14:db:58:22:dc:e6:86:6a:
4d:d3:0e:19:83:e6:31:68:58:7a:12:c0:2e:55:b7:
33:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:03:72:8E:F5:FC:8C:60:08:42:E2:66:E2:AF:C8:05:33:77:16:C4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cANyjvX8jGAIQuJm4q_IBTN3FsQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:ba:9f:c2:d1:e8:d5:b5:dc:44:6c:5f:9e:1f:47:3f:4a:86:
e3:ed:15:b1:45:c4:bb:00:0d:d6:fb:fc:48:3f:ba:78:88:65:
f7:df:fa:c7:fb:67:e8:a1:c8:6e:a4:ef:c5:aa:92:fd:d0:b7:
6f:c6:18:eb:c7:ef:45:82:6d:3c:65:ae:1f:7e:0a:9f:8f:19:
dd:17:59:b9:e6:5d:c7:8b:1f:56:cf:db:8e:99:70:fc:48:9c:
a6:a0:cd:cf:fc:ab:94:c5:3d:b5:2b:ed:1b:04:10:34:3b:41:
0a:8c:6a:5e:95:01:7a:74:cd:78:f5:53:96:2d:39:c0:f2:42:
6d:e6:5e:26:f2:4f:7c:7e:3e:26:21:af:ec:65:12:32:a8:c9:
58:a6:ad:c9:de:25:bd:36:c1:bd:cf:70:dc:a6:92:63:04:48:
64:47:4a:47:a0:ea:7d:ea:64:5f:1c:80:ad:0c:5e:27:e1:c1:
46:d9:df:73:5c:1a:6b:9c:27:9d:52:8c:cd:61:e3:1a:90:34:
e1:42:99:cf:19:c3:96:41:d2:d9:3d:fa:d0:44:f6:c8:6a:16:
7f:6c:ba:4b:c9:39:7a:e8:c6:bb:22:89:23:c8:0b:2b:c2:64:
c6:51:ec:63:a0:31:a1:0a:bc:5c:5a:12:02:db:61:bd:33:63:
04:39:19:e2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NDM3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcwMDM3MjhFRjVGQzhD
NjAwODQyRTI2NkUyQUZDODA1MzM3NzE2QzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaD5HOU8va2mdsjbECA/Wr0mu4VEgZ5YqlH+Jp05HdgtDyA9k6
c5pyikInHA74GIoH9dqeQ/DBN/P37tAH/gTLi/RvLrqN964AliopjdDdxcb9qlHj
sLAaNmePkyEawWOdBC4KFx4ihzF005FvDMbaWpIkFt4zAFrb9ElKt1p4Nbpnvd0p
Rc3z52xAHTHqUL5fnsRbIwwKOYJMZNoWMBHjR6gFtdvLwlYhvn/pXT5tTIo8C3kq
7kfpp/D89TZXMvax5SyRMeuT7LBlpHLc7D0vNteaD4hnYoul2dBT2nB0L5YGc892
UDEU21gi3OaGak3TDhmD5jFoWHoSwC5VtzOvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcANyjvX8jGAIQuJm4q/IBTN3FsQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jQU55anZYOGpHQUlRdUpt
NHFfSUJUTjNGc1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABu6n8LR6NW13ERsX54fRz9KhuPtFbFFxLsA
Ddb7/Eg/uniIZfff+sf7Z+ihyG6k78Wqkv3Qt2/GGOvH70WCbTxlrh9+Cp+PGd0X
WbnmXceLH1bP246ZcPxInKagzc/8q5TFPbUr7RsEEDQ7QQqMal6VAXp0zXj1U5Yt
OcDyQm3mXibyT3x+PiYhr+xlEjKoyVimrcneJb02wb3PcNymkmMESGRHSkeg6n3q
ZF8cgK0MXifhwUbZ33NcGmucJ51SjM1h4xqQNOFCmc8Zw5ZB0tk9+tBE9shqFn9s
ukvJOXroxrsiiSPICyvCZMZR7GOgMaEKvFxaEgLbYb0zYwQ5GeI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:17:38 2025 by rpki-client