Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ze4WopRovYu7rz3yRC4YJRzbV68.roa
File: ze4WopRovYu7rz3yRC4YJRzbV68.roa (raw, json)
Hash identifier: UhrEJPieSs26hcmj85BFLmqsugjK4z8IupAl+Hxs0m8=
Subject key identifier: CD:EE:16:A2:94:68:BD:8B:BB:AF:3D:F2:44:2E:18:25:1C:DB:57:AF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 154C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ze4WopRovYu7rz3yRC4YJRzbV68.roa
Signing time: Wed 04 Jun 2025 11:39:20 +0000
ROA not before: Wed 04 Jun 2025 11:39:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5452 (0x154c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 11:39:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CDEE16A29468BD8BBBAF3DF2442E18251CDB57AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7d:79:ad:97:f6:d1:35:7e:1f:86:26:86:0e:
7f:fb:a5:db:4d:2a:ed:30:d2:03:cd:4e:b2:24:41:
ea:b9:f4:0b:36:58:40:f1:e2:91:79:14:a6:c9:f4:
c5:73:92:e8:70:b3:7a:0e:9c:4d:16:5e:40:3a:43:
ae:fd:67:eb:7c:5b:2d:ad:4b:1b:8d:9e:0e:13:bc:
1c:36:0d:35:0b:3e:92:26:a3:56:29:5b:38:b7:28:
e6:d4:71:64:16:7e:b7:4c:8c:4f:27:0e:fc:32:f3:
cd:c5:45:7d:17:ba:5f:96:c5:7a:5e:64:98:15:aa:
90:43:73:08:93:7c:bb:fb:59:dc:25:f8:d1:a3:93:
06:41:51:7e:85:08:75:85:d3:c8:31:34:53:6c:9c:
71:85:8f:b0:30:a7:0a:26:ba:d1:da:e3:bc:36:13:
84:6e:d2:54:f8:2a:25:80:a7:19:b0:64:b0:8d:cc:
d0:b0:a3:79:6c:34:59:d7:61:ea:61:71:4a:a8:aa:
d5:c9:b7:71:6d:77:63:6d:0d:da:49:a3:b7:8d:2e:
48:04:4f:0f:04:1c:91:9a:97:8e:d6:47:67:ac:50:
c3:df:8a:85:7c:61:5a:d0:87:7d:81:8a:ea:76:45:
2b:79:f9:b9:8c:0c:0d:ee:87:6a:41:40:75:d9:10:
9f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:EE:16:A2:94:68:BD:8B:BB:AF:3D:F2:44:2E:18:25:1C:DB:57:AF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ze4WopRovYu7rz3yRC4YJRzbV68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:f4:7f:38:be:7c:75:94:09:3c:88:d9:61:f1:4c:3c:05:42:
98:e8:90:d2:e7:fb:61:c3:bd:8a:29:37:92:57:5e:77:af:5a:
95:f1:5d:46:1f:0d:a5:91:70:b8:df:c6:1c:14:b9:33:22:f1:
31:93:88:5f:00:e4:60:03:90:43:76:e5:61:67:e4:3e:21:1f:
f2:da:50:52:90:bb:7c:60:61:6f:29:c6:e0:ef:a0:83:0b:a5:
a1:ab:e5:38:b5:13:1d:b9:78:e3:55:c6:d7:08:c8:3d:ab:1b:
76:11:49:22:4a:04:6a:a5:fb:d5:1d:11:66:40:c7:e1:e8:51:
ef:a6:a2:77:5c:ee:d3:91:73:32:c1:9a:44:f3:88:4b:34:19:
00:81:7e:c4:af:81:74:71:fc:59:e4:7d:09:9d:2e:92:35:64:
3c:81:52:dd:70:09:26:54:53:68:e5:55:f2:b0:8c:9c:3a:62:
4d:f9:ec:52:f7:89:c8:a7:17:53:99:d7:07:cd:ef:34:45:c7:
1b:6f:0f:2e:22:db:ac:76:a2:9c:d7:78:b6:58:a6:ac:42:37:
f2:7b:02:79:ff:cb:d7:47:d9:1d:55:f8:41:c3:ee:07:80:39:
a1:71:b2:ed:79:2c:5f:52:71:82:ca:93:57:19:31:31:b3:75:
44:f4:ae:70
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFUwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
MTM5MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENERUUxNkEyOTQ2OEJE
OEJCQkFGM0RGMjQ0MkUxODI1MUNEQjU3QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+fXmtl/bRNX4fhiaGDn/7pdtNKu0w0gPNTrIkQeq59As2WEDx
4pF5FKbJ9MVzkuhws3oOnE0WXkA6Q679Z+t8Wy2tSxuNng4TvBw2DTULPpImo1Yp
Wzi3KObUcWQWfrdMjE8nDvwy883FRX0Xul+WxXpeZJgVqpBDcwiTfLv7Wdwl+NGj
kwZBUX6FCHWF08gxNFNsnHGFj7AwpwomutHa47w2E4Ru0lT4KiWApxmwZLCNzNCw
o3lsNFnXYephcUqoqtXJt3Ftd2NtDdpJo7eNLkgETw8EHJGal47WR2esUMPfioV8
YVrQh32Biup2RSt5+bmMDA3uh2pBQHXZEJ9JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUze4WopRovYu7rz3yRC4YJRzbV68wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96ZTRXb3BSb3ZZdTdyejN5
UkM0WUpSemJWNjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAC30fzi+fHWUCTyI2WHxTDwFQpjokNLn+2HD
vYopN5JXXnevWpXxXUYfDaWRcLjfxhwUuTMi8TGTiF8A5GADkEN25WFn5D4hH/La
UFKQu3xgYW8pxuDvoIMLpaGr5Ti1Ex25eONVxtcIyD2rG3YRSSJKBGql+9UdEWZA
x+HoUe+mondc7tORczLBmkTziEs0GQCBfsSvgXRx/FnkfQmdLpI1ZDyBUt1wCSZU
U2jlVfKwjJw6Yk357FL3icinF1OZ1wfN7zRFxxtvDy4i26x2opzXeLZYpqxCN/J7
Ann/y9dH2R1V+EHD7geAOaFxsu15LF9ScYLKk1cZMTGzdUT0rnA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:20:00 2025 by rpki-client