Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/34FdbHUZq_M8qUZEui3o_NsKHgg.roa
File: 34FdbHUZq_M8qUZEui3o_NsKHgg.roa (raw, json)
Hash identifier: csP75osKAYJXFzYd1oZ6azAjf/2y3RlxmcVfFZiZio4=
Subject key identifier: DF:81:5D:6C:75:19:AB:F3:3C:A9:46:44:BA:2D:E8:FC:DB:0A:1E:08
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0250
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/34FdbHUZq_M8qUZEui3o_NsKHgg.roa
Signing time: Sat 10 May 2025 04:08:18 +0000
ROA not before: Sat 10 May 2025 04:08:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 592 (0x250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 04:08:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DF815D6C7519ABF33CA94644BA2DE8FCDB0A1E08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bd:36:03:ef:9a:c6:55:a0:90:d3:fd:5a:a3:
cf:e9:aa:a7:ca:a4:18:47:fd:31:9f:d0:98:c0:cd:
4f:d4:f0:fb:92:b8:f6:f5:7e:06:95:42:3d:d8:25:
7e:20:3e:c9:24:e8:1b:eb:f4:44:c1:84:83:0c:56:
b1:82:96:74:d4:ea:cb:56:e3:23:46:0b:6c:ba:25:
fd:0e:4b:06:aa:68:d3:88:0a:e0:36:ea:22:de:e1:
7f:e0:55:f5:0e:6b:c6:90:65:e3:8c:5f:20:cb:68:
a9:83:3c:7c:2f:5e:93:a8:3b:be:02:6e:ef:19:e4:
c8:62:31:67:d6:69:5e:78:eb:7a:84:27:0f:f2:47:
82:e0:4a:28:c9:02:55:dc:ea:11:d9:a9:33:4f:88:
92:3e:83:83:91:10:35:29:ae:22:5b:b3:5c:8d:5f:
ef:20:08:7d:42:7b:c8:45:a1:dc:fa:ed:0d:a0:d6:
85:c3:33:17:25:b1:b6:80:1f:70:91:a1:44:06:39:
72:5b:55:ce:52:41:20:2a:62:40:72:43:28:9e:3c:
0f:27:58:3b:0b:c5:cb:e9:32:07:48:34:29:99:89:
fe:6c:3e:55:a9:0b:11:ff:9c:42:90:1c:c0:62:9a:
3f:1b:b7:36:bf:bb:60:d6:70:40:15:0c:d7:22:ea:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:81:5D:6C:75:19:AB:F3:3C:A9:46:44:BA:2D:E8:FC:DB:0A:1E:08
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/34FdbHUZq_M8qUZEui3o_NsKHgg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:e0:9e:78:4a:4d:e7:28:df:d1:44:cd:b9:3f:78:a7:3d:d2:
c1:35:00:90:ce:f3:2d:be:63:3d:07:40:ac:f9:87:67:57:be:
d3:0b:fc:69:8d:f9:cc:f9:1d:29:c7:dc:75:75:24:10:7b:1f:
63:94:50:89:44:4f:8f:4c:fc:bb:22:25:d0:d6:0c:46:72:7f:
bd:34:93:64:8d:f3:f1:85:06:2c:f3:e5:90:e4:db:24:01:7b:
78:80:2d:dd:51:96:d1:25:fe:ec:60:21:ae:9b:19:bf:df:14:
16:36:f7:d8:c2:70:51:20:f1:16:c9:70:23:a9:d4:ef:59:59:
74:62:ad:25:6d:79:db:0d:2e:a2:cd:cc:b3:c5:43:f0:d8:f0:
fa:71:f7:4f:e2:60:7b:1c:20:c6:78:cb:f8:58:79:38:78:a9:
8d:55:f3:c3:7a:cb:48:24:40:8f:f0:3d:16:7c:9e:a2:74:f7:
41:e5:3e:66:d7:71:5f:e3:32:4b:dd:82:8f:83:ba:2a:01:7c:
26:8d:09:c1:92:2b:a7:9e:3b:fd:e1:1b:8f:16:d8:6a:89:9c:
90:43:80:5e:4a:dc:74:35:ae:ef:d7:60:30:87:7e:99:e8:3e:
fb:dc:9f:2e:1a:dd:ac:85:8e:b3:a9:f9:cc:cb:29:34:68:50:
78:6a:38:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAlAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
NDA4MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERGODE1RDZDNzUxOUFC
RjMzQ0E5NDY0NEJBMkRFOEZDREIwQTFFMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMvTYD75rGVaCQ0/1ao8/pqqfKpBhH/TGf0JjAzU/U8PuSuPb1
fgaVQj3YJX4gPskk6Bvr9ETBhIMMVrGClnTU6stW4yNGC2y6Jf0OSwaqaNOICuA2
6iLe4X/gVfUOa8aQZeOMXyDLaKmDPHwvXpOoO74Cbu8Z5MhiMWfWaV5463qEJw/y
R4LgSijJAlXc6hHZqTNPiJI+g4OREDUpriJbs1yNX+8gCH1Ce8hFodz67Q2g1oXD
MxclsbaAH3CRoUQGOXJbVc5SQSAqYkByQyiePA8nWDsLxcvpMgdINCmZif5sPlWp
CxH/nEKQHMBimj8btza/u2DWcEAVDNci6tLfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU34FdbHUZq/M8qUZEui3o/NsKHggwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zNEZkYkhVWnFfTThxVVpF
dWkzb19Oc0tIZ2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAETgnnhKTeco39FEzbk/eKc90sE1AJDO8y2+
Yz0HQKz5h2dXvtML/GmN+cz5HSnH3HV1JBB7H2OUUIlET49M/LsiJdDWDEZyf700
k2SN8/GFBizz5ZDk2yQBe3iALd1RltEl/uxgIa6bGb/fFBY299jCcFEg8RbJcCOp
1O9ZWXRirSVtedsNLqLNzLPFQ/DY8Ppx90/iYHscIMZ4y/hYeTh4qY1V88N6y0gk
QI/wPRZ8nqJ090HlPmbXcV/jMkvdgo+DuioBfCaNCcGSK6eeO/3hG48W2GqJnJBD
gF5K3HQ1ru/XYDCHfpnoPvvcny4a3ayFjrOp+czLKTRoUHhqOOw=
-----END CERTIFICATE-----
Generated at Sat May 17 21:27:25 2025 by rpki-client