Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/iDIyC459TGjLeKJjtx6_E2NLMK8.roa
File: iDIyC459TGjLeKJjtx6_E2NLMK8.roa (raw, json)
Hash identifier: J7MRM/nPZf6FyK5SYvKSatMBCLbh6dMt4tQOjqp/vQs=
Subject key identifier: 88:32:32:0B:8E:7D:4C:68:CB:78:A2:63:B7:1E:BF:13:63:4B:30:AF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0648
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iDIyC459TGjLeKJjtx6_E2NLMK8.roa
Signing time: Thu 15 May 2025 11:08:03 +0000
ROA not before: Thu 15 May 2025 11:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1608 (0x648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 11:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8832320B8E7D4C68CB78A263B71EBF13634B30AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e5:9c:99:dd:dd:2f:0b:1b:cd:ab:82:60:14:
42:79:72:77:2e:ea:73:c5:54:4c:5f:db:d1:50:8f:
0b:04:cf:b1:45:ad:a9:f9:95:92:da:67:0d:14:2b:
7c:59:c6:ba:fa:ac:0f:1c:8f:cf:a6:7b:6e:58:18:
18:9b:f1:ee:c9:1c:72:da:04:0c:28:5e:b5:de:86:
a3:4a:c8:3b:a9:5d:32:bf:1c:07:a4:6e:29:2a:3f:
ed:91:19:14:b8:77:fb:dd:7a:80:1b:33:d5:0f:36:
97:75:b3:b9:53:4e:fd:f8:32:dd:0a:bb:3b:ca:59:
ee:04:16:7b:19:c7:f6:c5:58:1e:97:be:38:24:89:
14:e9:3c:f5:e3:84:85:cd:38:2f:15:7f:e7:c8:14:
2a:40:f7:88:6b:f5:37:ae:e5:b0:55:96:4a:b8:be:
49:9f:09:62:e3:bf:c1:7f:59:1e:34:4d:4d:30:2c:
31:bf:0e:84:40:fc:5a:4c:c5:43:c0:3f:b7:d1:39:
4a:c8:1a:8b:bd:0d:6e:bd:11:4e:b7:3f:55:70:7b:
42:0c:b7:98:da:2c:c6:36:a2:3f:1c:e3:b6:eb:c2:
88:ad:55:11:5e:66:99:2a:ce:39:32:c1:18:9c:96:
31:07:77:68:8f:a0:d5:40:70:f0:97:34:79:f7:a7:
ad:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:32:32:0B:8E:7D:4C:68:CB:78:A2:63:B7:1E:BF:13:63:4B:30:AF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/iDIyC459TGjLeKJjtx6_E2NLMK8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:d5:dd:b2:5c:e6:a8:09:1b:1c:dd:3e:be:a2:7d:4e:3c:7b:
40:62:e5:d9:a6:51:47:d7:a2:15:4b:a8:83:07:37:74:26:7f:
42:fd:95:a9:6e:21:d2:03:4e:51:ed:9b:e2:be:4a:1d:92:f9:
b0:d0:58:52:34:bc:ef:ec:3a:a1:e0:d1:fe:46:6a:93:ad:44:
b8:4b:4c:74:a8:ca:08:d6:54:14:25:6d:9d:71:af:15:3d:7f:
5d:fb:a3:17:da:c1:54:fd:df:49:70:51:48:7b:2f:db:c6:64:
ee:f5:3c:c2:ee:5a:a7:ba:29:7a:9d:40:6e:55:2f:71:fe:6e:
01:5f:36:8a:2f:d4:66:54:e4:95:ac:34:cc:18:36:aa:e7:a8:
28:68:b2:f4:87:9e:55:89:45:bf:bc:49:47:7d:9b:9f:1a:14:
27:7d:16:32:87:f4:a2:06:6e:af:36:7c:86:90:b5:b7:12:e7:
bd:64:7b:05:5b:b6:5e:a8:60:c8:9f:cd:47:59:dd:c4:03:ce:
39:3e:42:4a:15:4b:a5:42:cf:63:8e:12:66:24:d1:d2:09:58:
bd:25:e4:ee:a0:36:89:87:f3:99:98:4f:01:ec:e0:6d:33:1c:
ec:10:34:ab:28:19:27:66:b7:1c:ee:2c:fa:f1:c0:7a:96:72:
9c:42:9d:10
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBkgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MTA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg4MzIzMjBCOEU3RDRD
NjhDQjc4QTI2M0I3MUVCRjEzNjM0QjMwQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDM5ZyZ3d0vCxvNq4JgFEJ5cncu6nPFVExf29FQjwsEz7FFran5
lZLaZw0UK3xZxrr6rA8cj8+me25YGBib8e7JHHLaBAwoXrXehqNKyDupXTK/HAek
bikqP+2RGRS4d/vdeoAbM9UPNpd1s7lTTv34Mt0KuzvKWe4EFnsZx/bFWB6Xvjgk
iRTpPPXjhIXNOC8Vf+fIFCpA94hr9Teu5bBVlkq4vkmfCWLjv8F/WR40TU0wLDG/
DoRA/FpMxUPAP7fROUrIGou9DW69EU63P1Vwe0IMt5jaLMY2oj8c47brwoitVRFe
ZpkqzjkywRicljEHd2iPoNVAcPCXNHn3p62ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUiDIyC459TGjLeKJjtx6/E2NLMK8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pREl5QzQ1OVRHakxlS0pq
dHg2X0UyTkxNSzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABLV3bJc5qgJGxzdPr6ifU48e0Bi5dmmUUfX
ohVLqIMHN3Qmf0L9laluIdIDTlHtm+K+Sh2S+bDQWFI0vO/sOqHg0f5GapOtRLhL
THSoygjWVBQlbZ1xrxU9f137oxfawVT930lwUUh7L9vGZO71PMLuWqe6KXqdQG5V
L3H+bgFfNoov1GZU5JWsNMwYNqrnqChosvSHnlWJRb+8SUd9m58aFCd9FjKH9KIG
bq82fIaQtbcS571kewVbtl6oYMifzUdZ3cQDzjk+QkoVS6VCz2OOEmYk0dIJWL0l
5O6gNomH85mYTwHs4G0zHOwQNKsoGSdmtxzuLPrxwHqWcpxCnRA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:00:42 2025 by rpki-client