Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pa3L4NUbRUr1os6nSGumQElLwCM.roa
File: pa3L4NUbRUr1os6nSGumQElLwCM.roa (raw, json)
Hash identifier: 3U8/sE8+DZRV5dhPX5RnE705nFjk0OPGChXkK+61NLo=
Subject key identifier: A5:AD:CB:E0:D5:1B:45:4A:F5:A2:CE:A7:48:6B:A6:40:49:4B:C0:23
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 179C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pa3L4NUbRUr1os6nSGumQElLwCM.roa
Signing time: Sat 07 Jun 2025 13:39:37 +0000
ROA not before: Sat 07 Jun 2025 13:39:37 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6044 (0x179c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 13:39:37 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A5ADCBE0D51B454AF5A2CEA7486BA640494BC023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b6:9b:b2:ec:84:88:b1:95:b0:e1:55:b0:40:
3d:70:5c:99:87:c8:f2:2d:b2:52:e1:07:18:93:c4:
7e:e2:fd:69:61:95:b4:61:59:eb:33:d0:9c:80:b6:
80:4e:fa:2c:5a:94:e2:66:74:f3:6d:01:8f:45:cf:
4a:98:7c:8d:de:94:ab:f7:69:5e:e9:bd:15:ae:33:
8a:45:3c:65:93:1e:47:c8:57:af:9d:2a:46:d8:40:
be:07:f0:59:df:ba:b6:68:86:d9:87:23:1d:af:36:
55:5a:2b:8e:76:47:ef:ed:33:c5:50:a9:41:a1:65:
c8:93:ee:8c:33:08:bb:62:f2:3d:bc:0d:c9:ff:b6:
a7:4c:d8:d2:00:39:af:ed:39:8c:55:e3:c1:12:f5:
20:4e:c1:79:31:d8:4e:7d:12:d4:68:ea:a7:1f:74:
ad:63:f3:d9:05:9e:a0:ab:8a:50:44:8a:f9:8a:bd:
7d:cc:d0:55:20:a6:cb:c7:4e:6f:8e:8e:9f:3f:04:
aa:d0:99:72:6e:84:f5:c8:2d:89:2e:47:9d:30:87:
c3:ac:1d:83:16:82:c8:2a:0f:ae:1f:5c:8a:70:a0:
f9:9b:cc:2e:07:80:37:24:c8:b6:97:1c:3b:b8:ba:
ca:5b:3d:18:82:99:bc:4f:6a:c1:f4:7e:89:f2:b2:
e5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:AD:CB:E0:D5:1B:45:4A:F5:A2:CE:A7:48:6B:A6:40:49:4B:C0:23
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pa3L4NUbRUr1os6nSGumQElLwCM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:e5:9a:d4:12:63:c1:24:7e:30:11:40:b7:ab:3e:36:42:96:
cc:b7:82:c6:81:6a:f0:e9:77:15:ce:c8:73:99:b8:08:41:93:
ef:f9:18:83:dd:a9:66:f3:04:ea:1e:74:d7:e0:15:ff:4f:59:
c0:86:92:f4:e9:c8:53:87:1b:14:4e:9e:64:21:0f:38:a7:ea:
c4:ad:f6:f2:fc:b2:09:b5:0a:12:62:de:57:f3:bc:d5:17:b6:
4d:6b:ab:68:fd:f9:55:7d:08:51:e4:f8:71:28:05:03:35:e0:
ec:23:48:00:b4:db:53:14:27:34:f7:b0:75:8a:3c:bf:de:01:
c5:20:f8:41:17:9e:70:91:1b:bb:17:fc:11:ec:e7:62:ce:9d:
98:84:05:c9:12:4a:17:0c:03:c7:44:f3:70:f8:d8:75:e8:52:
15:8a:c3:8d:5a:2c:80:69:d6:81:42:27:bb:20:b9:b7:b1:be:
40:d2:de:02:96:12:ce:87:a7:b4:8c:fe:03:cf:32:21:e5:a6:
24:de:a8:67:e1:61:08:e6:11:a2:26:42:d9:ad:7a:d2:3d:5c:
93:f8:4e:c5:35:df:be:3a:eb:e5:61:a6:d3:49:0f:ee:d5:74:
93:0d:c8:69:da:bf:14:69:93:53:49:ca:cb:5f:95:39:a0:55:
26:b3:5f:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
MzM5MzdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE1QURDQkUwRDUxQjQ1
NEFGNUEyQ0VBNzQ4NkJBNjQwNDk0QkMwMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQtpuy7ISIsZWw4VWwQD1wXJmHyPItslLhBxiTxH7i/WlhlbRh
Wesz0JyAtoBO+ixalOJmdPNtAY9Fz0qYfI3elKv3aV7pvRWuM4pFPGWTHkfIV6+d
KkbYQL4H8FnfurZohtmHIx2vNlVaK452R+/tM8VQqUGhZciT7owzCLti8j28Dcn/
tqdM2NIAOa/tOYxV48ES9SBOwXkx2E59EtRo6qcfdK1j89kFnqCrilBEivmKvX3M
0FUgpsvHTm+Ojp8/BKrQmXJuhPXILYkuR50wh8OsHYMWgsgqD64fXIpwoPmbzC4H
gDckyLaXHDu4uspbPRiCmbxPasH0fonysuX/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpa3L4NUbRUr1os6nSGumQElLwCMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wYTNMNE5VYlJVcjFvczZu
U0d1bVFFbEx3Q00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADHlmtQSY8EkfjARQLerPjZClsy3gsaBavDp
dxXOyHOZuAhBk+/5GIPdqWbzBOoedNfgFf9PWcCGkvTpyFOHGxROnmQhDzin6sSt
9vL8sgm1ChJi3lfzvNUXtk1rq2j9+VV9CFHk+HEoBQM14OwjSAC021MUJzT3sHWK
PL/eAcUg+EEXnnCRG7sX/BHs52LOnZiEBckSShcMA8dE83D42HXoUhWKw41aLIBp
1oFCJ7sgubexvkDS3gKWEs6Hp7SM/gPPMiHlpiTeqGfhYQjmEaImQtmtetI9XJP4
TsU137466+VhptNJD+7VdJMNyGnavxRpk1NJystflTmgVSazX+Y=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:41:48 2025 by rpki-client