Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/drUyzpwGesefipnqOdR_uTaG4M0.roa
File: drUyzpwGesefipnqOdR_uTaG4M0.roa (raw, json)
Hash identifier: nEO5dkMkJqj8veZtU3Uq6yQRIPOSQ0AllhTG2i3/tHY=
Subject key identifier: 76:B5:32:CE:9C:06:7A:C7:9F:8A:99:EA:39:D4:7F:B9:36:86:E0:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CEC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/drUyzpwGesefipnqOdR_uTaG4M0.roa
Signing time: Sat 24 May 2025 07:38:31 +0000
ROA not before: Sat 24 May 2025 07:38:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3308 (0xcec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 07:38:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=76B532CE9C067AC79F8A99EA39D47FB93686E0CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:8e:33:5e:b6:8d:96:27:e7:5d:10:a5:6e:e1:
4e:74:cc:37:09:79:dc:a2:ed:c9:d9:a0:9c:dc:a9:
e1:09:b3:30:bf:75:53:20:05:d6:0e:ec:cc:04:1a:
c4:e6:33:f8:08:91:94:e4:d1:90:58:a3:d9:6e:03:
6e:23:d1:7a:24:b5:87:76:a5:a1:10:b9:8d:8c:74:
90:88:e4:39:70:12:02:f3:b4:8c:c2:24:ee:5a:df:
c3:4b:a9:2c:b6:6b:b5:5e:31:7a:90:99:79:cb:12:
79:2a:36:b6:2b:cb:06:f4:dc:25:11:bd:bd:09:94:
41:d2:bd:31:03:a0:2f:e0:e1:ed:f7:c0:9a:78:af:
38:f1:2d:30:99:7f:6c:3a:3c:9d:86:d4:d8:0a:e1:
7a:40:1a:6b:9b:4b:01:53:d8:91:5e:2c:7c:db:b2:
82:ec:23:81:1a:ed:4b:31:0b:9e:eb:fa:41:56:fb:
b7:a5:d3:91:b9:1b:f4:d6:10:c4:9a:45:5f:bb:db:
fe:1a:f4:3c:f0:85:d3:2e:6f:79:d4:4a:8f:72:78:
fd:d2:fb:2f:b5:6d:e4:ea:0f:07:1c:db:e5:43:86:
2c:06:51:ae:a9:ce:8b:ea:a7:a4:d3:8c:c1:d8:63:
f8:7d:fb:81:21:9c:64:5a:10:73:73:c8:f3:62:bb:
b5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B5:32:CE:9C:06:7A:C7:9F:8A:99:EA:39:D4:7F:B9:36:86:E0:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/drUyzpwGesefipnqOdR_uTaG4M0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:00:59:a3:78:82:31:08:0d:10:a3:d1:51:4e:6d:dc:1b:9f:
61:2d:a7:b1:e8:77:49:45:dd:67:0b:0b:16:37:7e:fb:a8:6f:
42:92:66:40:70:51:64:4e:a6:f4:2b:1d:4f:e1:18:17:cc:d3:
91:5c:21:16:6b:ec:12:a2:f1:c2:ff:82:bb:2e:68:88:45:12:
5e:41:45:52:8d:5a:68:22:e7:d3:bd:a1:f9:41:42:55:87:1f:
55:f3:79:d5:01:2e:d0:e5:7a:27:33:3a:93:fb:4f:b4:c2:cb:
af:b8:2d:c1:2e:4d:de:03:00:0f:ba:53:e1:fc:51:19:60:f8:
e2:2c:2d:51:64:cd:7d:ca:71:26:9e:81:f4:af:24:db:21:d5:
af:b9:b4:11:05:b3:46:d8:2c:5d:bd:3a:b4:d6:62:91:33:b9:
ed:dc:8e:aa:1e:bc:6a:38:1e:d7:e2:bc:4c:f3:d3:b1:8d:25:
e2:d6:e5:b2:14:a4:90:89:0a:f4:94:6e:4c:9d:40:4a:d5:aa:
73:02:ee:94:e8:d8:80:91:db:66:84:2a:0a:2f:83:79:ec:e1:
b1:38:04:9e:88:5f:0e:88:22:0b:db:3b:91:a5:10:26:66:bd:
7c:ca:93:be:31:bb:3b:50:d6:31:7f:b2:34:96:c2:86:99:dd:
98:37:00:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
NzM4MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc2QjUzMkNFOUMwNjdB
Qzc5RjhBOTlFQTM5RDQ3RkI5MzY4NkUwQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2jjNeto2WJ+ddEKVu4U50zDcJedyi7cnZoJzcqeEJszC/dVMg
BdYO7MwEGsTmM/gIkZTk0ZBYo9luA24j0XoktYd2paEQuY2MdJCI5DlwEgLztIzC
JO5a38NLqSy2a7VeMXqQmXnLEnkqNrYrywb03CURvb0JlEHSvTEDoC/g4e33wJp4
rzjxLTCZf2w6PJ2G1NgK4XpAGmubSwFT2JFeLHzbsoLsI4Ea7UsxC57r+kFW+7el
05G5G/TWEMSaRV+72/4a9DzwhdMub3nUSo9yeP3S+y+1beTqDwcc2+VDhiwGUa6p
zovqp6TTjMHYY/h9+4EhnGRaEHNzyPNiu7V9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdrUyzpwGesefipnqOdR/uTaG4M0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kclV5enB3R2VzZWZpcG5x
T2RSX3VUYUc0TTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAAAWaN4gjEIDRCj0VFObdwbn2Etp7Hod0lF
3WcLCxY3fvuob0KSZkBwUWROpvQrHU/hGBfM05FcIRZr7BKi8cL/grsuaIhFEl5B
RVKNWmgi59O9oflBQlWHH1XzedUBLtDleiczOpP7T7TCy6+4LcEuTd4DAA+6U+H8
URlg+OIsLVFkzX3KcSaegfSvJNsh1a+5tBEFs0bYLF29OrTWYpEzue3cjqoevGo4
HtfivEzz07GNJeLW5bIUpJCJCvSUbkydQErVqnMC7pTo2ICR22aEKgovg3ns4bE4
BJ6IXw6IIgvbO5GlECZmvXzKk74xuztQ1jF/sjSWwoaZ3Zg3AOw=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:10:04 2025 by rpki-client