Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ciVaEbEttnoVgRRsBDE-V8LM-qo.roa
File: ciVaEbEttnoVgRRsBDE-V8LM-qo.roa (raw, json)
Hash identifier: zQCtVwuXHaQuhXmLfcHHkHgfVusPDqPiOxFe7pMvyhw=
Subject key identifier: 72:25:5A:11:B1:2D:B6:7A:15:81:14:6C:04:31:3E:57:C2:CC:FA:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DA0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ciVaEbEttnoVgRRsBDE-V8LM-qo.roa
Signing time: Sun 25 May 2025 06:08:32 +0000
ROA not before: Sun 25 May 2025 06:08:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3488 (0xda0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 06:08:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=72255A11B12DB67A1581146C04313E57C2CCFAAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:af:ae:1c:a2:93:3b:95:15:ff:c3:0f:7d:
93:2c:50:3c:07:5b:96:08:92:dd:16:cf:75:e4:e2:
89:3c:3c:41:c6:e4:3d:53:c3:df:80:af:9f:af:b5:
23:63:36:01:13:8f:80:27:79:c8:e6:d5:06:74:80:
e2:b0:3a:1f:6c:ab:ce:67:f7:21:7a:dd:08:4a:f1:
2c:2b:81:08:5c:ba:f0:7f:64:f8:c7:6c:e7:5b:04:
a7:de:ca:4a:90:c1:10:12:51:74:0e:19:18:eb:c7:
3c:97:17:15:a7:c7:e3:18:c6:2c:4c:9c:98:7a:95:
fe:4e:c6:6a:14:d0:67:37:1d:7b:60:65:78:35:4d:
e4:1d:59:85:d5:03:5e:19:4f:c8:c1:96:85:59:c7:
56:0f:33:86:1a:c2:03:0b:8c:8c:e3:d4:a7:f5:0f:
ed:8c:b8:a5:87:64:09:11:60:20:02:bb:6e:af:c3:
0a:47:01:bc:25:6b:b0:03:5c:72:6c:5a:a6:c3:94:
4d:cd:11:b8:e2:96:3e:c4:09:6b:5d:5a:d4:35:c7:
d3:4b:72:fe:17:21:a4:b0:ac:4d:7c:cb:2d:48:98:
c4:0c:94:6b:55:e6:45:76:11:ae:f5:23:47:bc:8f:
85:c1:22:b1:f6:c7:3f:ce:db:15:1c:86:38:c6:81:
56:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:25:5A:11:B1:2D:B6:7A:15:81:14:6C:04:31:3E:57:C2:CC:FA:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ciVaEbEttnoVgRRsBDE-V8LM-qo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:2a:b3:ad:1a:bf:3d:33:22:3a:ca:8d:a3:a2:fb:8d:7c:b2:
5c:e8:3e:b1:fd:8c:11:c8:4f:4b:05:3e:a0:a7:51:0a:f7:ce:
ae:69:4c:d4:33:d3:24:0b:d0:c4:8f:13:55:a0:d2:0d:ee:f4:
bf:83:64:c0:04:e9:5c:36:03:2c:ba:1f:d9:18:0c:21:3d:b7:
cc:b1:f6:af:cc:a4:c7:df:a8:8b:6b:f7:79:9b:d5:9f:0a:60:
cd:be:e2:18:74:65:3f:08:72:b8:29:61:4d:2b:47:67:e3:fe:
b7:e3:a1:2f:48:f1:96:6b:5d:f2:84:d1:e0:be:1b:23:35:06:
91:ed:04:74:10:fe:00:7a:bb:87:8d:23:a4:32:cd:15:19:bc:
7e:af:9c:0b:75:b9:f1:1f:f9:00:06:d2:d8:48:c1:23:22:2f:
11:8d:45:51:b2:32:01:ac:3d:29:f1:b7:20:07:d4:b3:ad:c6:
bd:e1:d2:02:66:e1:7a:6d:5d:90:75:4a:59:d4:c4:01:09:19:
86:b4:a4:71:bf:5f:b5:3d:6c:fe:45:7a:b4:d7:76:d0:b0:81:
b3:38:38:d2:f5:90:2c:ad:06:1b:6c:2b:df:f3:7b:3f:79:eb:
e4:a2:8f:a4:3e:84:81:e1:a8:4f:19:c7:96:5a:eb:ef:06:f8:
12:1a:70:fb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
NjA4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcyMjU1QTExQjEyREI2
N0ExNTgxMTQ2QzA0MzEzRTU3QzJDQ0ZBQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC98K+uHKKTO5UV/8MPfZMsUDwHW5YIkt0Wz3Xk4ok8PEHG5D1T
w9+Ar5+vtSNjNgETj4Anecjm1QZ0gOKwOh9sq85n9yF63QhK8SwrgQhcuvB/ZPjH
bOdbBKfeykqQwRASUXQOGRjrxzyXFxWnx+MYxixMnJh6lf5OxmoU0Gc3HXtgZXg1
TeQdWYXVA14ZT8jBloVZx1YPM4YawgMLjIzj1Kf1D+2MuKWHZAkRYCACu26vwwpH
Abwla7ADXHJsWqbDlE3NEbjilj7ECWtdWtQ1x9NLcv4XIaSwrE18yy1ImMQMlGtV
5kV2Ea71I0e8j4XBIrH2xz/O2xUchjjGgVa7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUciVaEbEttnoVgRRsBDE+V8LM+qowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jaVZhRWJFdHRub1ZnUlJz
QkRFLVY4TE0tcW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFIqs60avz0zIjrKjaOi+418slzoPrH9jBHI
T0sFPqCnUQr3zq5pTNQz0yQL0MSPE1Wg0g3u9L+DZMAE6Vw2Ayy6H9kYDCE9t8yx
9q/MpMffqItr93mb1Z8KYM2+4hh0ZT8IcrgpYU0rR2fj/rfjoS9I8ZZrXfKE0eC+
GyM1BpHtBHQQ/gB6u4eNI6QyzRUZvH6vnAt1ufEf+QAG0thIwSMiLxGNRVGyMgGs
PSnxtyAH1LOtxr3h0gJm4XptXZB1SlnUxAEJGYa0pHG/X7U9bP5FerTXdtCwgbM4
ONL1kCytBhtsK9/zez956+Sij6Q+hIHhqE8Zx5Za6+8G+BIacPs=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:43 2025 by rpki-client