Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-DNk33EsWhhCbpxvIpqu4DY4-DY.roa
File: -DNk33EsWhhCbpxvIpqu4DY4-DY.roa (raw, json)
Hash identifier: MhtV7/YffgDtrT5p72APlsTDCZMKuHN88GoiLmINe5U=
Subject key identifier: F8:33:64:DF:71:2C:5A:18:42:6E:9C:6F:22:9A:AE:E0:36:38:F8:36
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 033C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-DNk33EsWhhCbpxvIpqu4DY4-DY.roa
Signing time: Sun 11 May 2025 09:38:17 +0000
ROA not before: Sun 11 May 2025 09:38:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 828 (0x33c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 09:38:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F83364DF712C5A18426E9C6F229AAEE03638F836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:80:6d:5a:8d:07:c7:99:b4:c3:7c:f6:02:
21:3e:bf:13:51:86:cc:c1:e1:83:f5:6f:35:2c:6d:
3d:ec:bf:13:ae:25:9a:0e:8c:03:2b:35:74:2b:d3:
b8:3c:59:ce:f6:09:af:c0:91:5b:66:99:11:c7:31:
37:a0:31:c3:55:b4:6b:55:ca:15:f6:95:6c:34:d1:
ed:c6:67:53:2e:94:91:bb:b1:66:73:c0:85:a5:53:
ac:48:70:87:85:74:0d:5d:e7:e9:69:e1:97:c0:04:
4a:5c:99:29:73:f4:94:77:62:ff:d4:f2:46:b6:25:
fa:44:6b:4f:4e:06:51:6c:3c:2c:b1:fd:7a:70:44:
44:85:f8:58:e4:a0:08:ee:6d:cf:63:2d:07:de:df:
56:e1:b7:14:97:0b:04:80:70:b0:6d:84:fb:ba:02:
b7:43:8e:d1:e5:dc:cd:99:54:f4:f7:f6:38:fa:16:
59:eb:3c:2c:d6:5e:84:ea:00:18:2f:87:28:54:da:
a9:10:06:ca:42:41:2e:11:e5:dc:d3:68:d2:51:06:
0b:fd:54:67:d0:bb:38:81:70:4e:4d:6f:ca:d8:83:
58:27:e1:b6:b0:f1:38:c3:c2:cc:69:52:93:e7:51:
d0:3c:54:f9:ac:2f:35:42:6c:9f:d5:22:62:d7:4b:
46:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:33:64:DF:71:2C:5A:18:42:6E:9C:6F:22:9A:AE:E0:36:38:F8:36
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-DNk33EsWhhCbpxvIpqu4DY4-DY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:0c:1b:28:64:de:43:04:04:c3:6d:aa:98:0c:e2:62:ff:e6:
3f:c5:e7:df:8d:8c:2e:d4:95:63:0a:1c:20:19:ce:f5:72:3c:
1e:9e:fb:d0:a5:89:fd:f2:c9:a6:55:b0:22:b3:a5:52:93:07:
fc:de:f7:c9:8d:13:fc:5f:84:07:f7:30:df:e2:75:ba:ca:9c:
0e:03:9e:13:28:f2:d0:00:52:5b:3c:0e:8f:4a:b1:94:5e:cf:
58:d6:4c:c7:2f:45:64:57:dd:39:a1:8c:8a:fb:bd:92:15:03:
8d:95:61:8f:f5:9e:f1:73:2b:1e:c4:29:7e:6a:4d:64:42:5a:
ed:63:3c:76:ee:28:3b:df:24:32:39:b9:11:cd:2f:9b:78:a3:
61:a5:16:e6:b8:8c:18:b6:66:7b:ef:7c:35:16:34:6d:19:56:
47:a1:c1:0f:e9:17:e3:89:e0:dc:0e:0a:c8:44:8b:be:9f:ee:
9c:57:fb:4b:11:48:aa:73:c9:02:5f:74:50:e4:d4:93:c3:1f:
19:67:0f:d2:58:39:0c:e8:67:fb:63:da:da:17:e2:ec:a3:f2:
f9:d6:fb:bd:92:cb:ee:26:30:7b:86:84:01:d7:dd:b9:69:68:
50:27:c7:40:5d:5d:25:07:d1:ed:15:ba:52:f7:7a:8c:c8:0c:
37:65:b3:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
OTM4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY4MzM2NERGNzEyQzVB
MTg0MjZFOUM2RjIyOUFBRUUwMzYzOEY4MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGw4BtWo0Hx5m0w3z2AiE+vxNRhszB4YP1bzUsbT3svxOuJZoO
jAMrNXQr07g8Wc72Ca/AkVtmmRHHMTegMcNVtGtVyhX2lWw00e3GZ1MulJG7sWZz
wIWlU6xIcIeFdA1d5+lp4ZfABEpcmSlz9JR3Yv/U8ka2JfpEa09OBlFsPCyx/Xpw
RESF+FjkoAjubc9jLQfe31bhtxSXCwSAcLBthPu6ArdDjtHl3M2ZVPT39jj6Flnr
PCzWXoTqABgvhyhU2qkQBspCQS4R5dzTaNJRBgv9VGfQuziBcE5Nb8rYg1gn4baw
8TjDwsxpUpPnUdA8VPmsLzVCbJ/VImLXS0ZzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+DNk33EsWhhCbpxvIpqu4DY4+DYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tRE5rMzNFc1doaENicHh2
SXBxdTREWTQtRFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKUMGyhk3kMEBMNtqpgM4mL/5j/F59+NjC7U
lWMKHCAZzvVyPB6e+9Clif3yyaZVsCKzpVKTB/ze98mNE/xfhAf3MN/idbrKnA4D
nhMo8tAAUls8Do9KsZRez1jWTMcvRWRX3TmhjIr7vZIVA42VYY/1nvFzKx7EKX5q
TWRCWu1jPHbuKDvfJDI5uRHNL5t4o2GlFua4jBi2ZnvvfDUWNG0ZVkehwQ/pF+OJ
4NwOCshEi76f7pxX+0sRSKpzyQJfdFDk1JPDHxlnD9JYOQzoZ/tj2toX4uyj8vnW
+72Sy+4mMHuGhAHX3blpaFAnx0BdXSUH0e0VulL3eozIDDdls40=
-----END CERTIFICATE-----
Generated at Sun May 18 04:03:21 2025 by rpki-client