Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/20RDnPKfLVzzVtA0opgC2Ue_x60.roa
File: 20RDnPKfLVzzVtA0opgC2Ue_x60.roa (raw, json)
Hash identifier: TbIMb2XIIDrhCCKFtfed1LXExYRb1s7okh7TQVFuuFE=
Subject key identifier: DB:44:43:9C:F2:9F:2D:5C:F3:56:D0:34:A2:98:02:D9:47:BF:C7:AD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 035C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/20RDnPKfLVzzVtA0opgC2Ue_x60.roa
Signing time: Sun 11 May 2025 13:37:52 +0000
ROA not before: Sun 11 May 2025 13:37:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 860 (0x35c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 13:37:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DB44439CF29F2D5CF356D034A29802D947BFC7AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c1:09:ba:13:24:e3:01:9c:54:32:3e:7f:e5:
f0:3a:69:2e:a4:c2:be:76:b9:3e:d8:49:49:3e:86:
10:34:d4:c4:a0:07:1c:9f:bb:3b:dc:6d:b3:5c:5f:
0d:5d:ec:13:46:58:66:39:1d:07:bf:b9:4d:9f:0f:
be:37:bd:6a:f5:ff:c4:6e:c3:eb:60:73:61:4f:08:
5b:6b:91:02:08:77:d8:a4:41:ed:b5:fd:6a:93:f3:
e0:95:06:a9:54:4c:be:68:0f:05:79:43:a6:c0:0a:
62:ab:b8:ab:60:81:c9:16:29:c5:b8:9a:a5:2e:21:
43:6d:4a:cf:2a:cd:3c:e9:5a:0c:d4:71:0c:35:61:
ca:ae:07:69:a8:4b:e9:be:8f:af:71:e4:40:90:96:
8c:c5:f0:92:b7:6b:c9:6e:23:fc:ba:81:43:2f:d5:
7a:b3:04:e7:15:b3:59:5d:dd:bc:d6:9e:b8:42:d7:
16:28:ad:ee:8e:58:3f:58:10:2e:b5:f7:8a:db:80:
31:a4:51:f3:5b:dd:bf:82:32:db:af:93:37:62:bc:
0f:4a:68:a5:a0:0d:0e:95:cc:f8:66:d3:e9:62:37:
80:00:85:97:99:35:d6:af:ab:29:3f:8e:ec:84:e0:
5e:1d:6e:8d:83:c5:8d:4c:50:36:39:ac:2b:a9:1e:
23:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:44:43:9C:F2:9F:2D:5C:F3:56:D0:34:A2:98:02:D9:47:BF:C7:AD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/20RDnPKfLVzzVtA0opgC2Ue_x60.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:2c:8f:a0:22:b3:ab:86:d8:4c:76:a7:2b:9a:21:8b:d0:4f:
12:f0:55:d4:b8:df:79:3b:97:0c:b8:85:b2:75:df:d5:68:63:
c2:1c:1b:ff:20:a4:9f:93:13:35:06:1a:de:f2:49:af:a4:c1:
06:c9:c7:5c:af:4f:6c:5f:8e:82:14:79:fc:1d:90:c7:3f:22:
9e:82:c1:3b:27:27:c5:b0:6f:33:7a:09:73:b9:fa:cb:fd:c5:
0e:91:af:2a:3d:0f:27:85:f5:3d:13:7e:ce:c2:89:9c:30:a9:
7c:54:69:aa:36:a0:b9:f7:67:21:8f:99:1a:a0:20:5d:a1:c8:
3a:16:df:51:70:82:e1:36:2b:fe:fa:a8:2a:59:e0:12:3f:57:
ed:1b:b6:7a:9b:e1:6e:42:a2:4b:1c:f0:8d:7d:ed:74:d1:54:
f8:9e:72:af:09:0a:95:b3:0e:39:9c:fa:a0:b4:97:c5:4f:f3:
92:87:c3:2f:e7:52:2f:c5:aa:f2:7b:e7:4d:f5:b1:79:97:a7:
ce:e8:de:88:98:0e:4b:38:6c:7e:9e:97:fd:1a:94:b7:9f:be:
36:f3:9a:7e:2f:f4:03:1a:14:9f:2b:18:47:9f:04:0c:a5:48:
43:8b:69:f6:2c:71:65:af:88:b4:a5:51:1c:dd:3f:39:f0:89:
c2:f2:c0:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MzM3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERCNDQ0MzlDRjI5RjJE
NUNGMzU2RDAzNEEyOTgwMkQ5NDdCRkM3QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHwQm6EyTjAZxUMj5/5fA6aS6kwr52uT7YSUk+hhA01MSgBxyf
uzvcbbNcXw1d7BNGWGY5HQe/uU2fD743vWr1/8Ruw+tgc2FPCFtrkQIId9ikQe21
/WqT8+CVBqlUTL5oDwV5Q6bACmKruKtggckWKcW4mqUuIUNtSs8qzTzpWgzUcQw1
YcquB2moS+m+j69x5ECQlozF8JK3a8luI/y6gUMv1XqzBOcVs1ld3bzWnrhC1xYo
re6OWD9YEC6194rbgDGkUfNb3b+CMtuvkzdivA9KaKWgDQ6VzPhm0+liN4AAhZeZ
Ndavqyk/juyE4F4dbo2DxY1MUDY5rCupHiPlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU20RDnPKfLVzzVtA0opgC2Ue/x60wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yMFJEblBLZkxWenpWdEEw
b3BnQzJVZV94NjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEEsj6Ais6uG2Ex2pyuaIYvQTxLwVdS433k7
lwy4hbJ139VoY8IcG/8gpJ+TEzUGGt7ySa+kwQbJx1yvT2xfjoIUefwdkMc/Ip6C
wTsnJ8WwbzN6CXO5+sv9xQ6Rryo9DyeF9T0Tfs7CiZwwqXxUaao2oLn3ZyGPmRqg
IF2hyDoW31FwguE2K/76qCpZ4BI/V+0btnqb4W5Coksc8I197XTRVPiecq8JCpWz
Djmc+qC0l8VP85KHwy/nUi/FqvJ75031sXmXp87o3oiYDks4bH6el/0alLefvjbz
mn4v9AMaFJ8rGEefBAylSEOLafYscWWviLSlURzdPznwicLywAk=
-----END CERTIFICATE-----
Generated at Mon May 19 08:46:01 2025 by rpki-client