Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PpA8bigYbJXVQ2iyaqvbMb0PWXY.roa
File: PpA8bigYbJXVQ2iyaqvbMb0PWXY.roa (raw, json)
Hash identifier: b4kodlbv953et553+BTBlw3gP2KHWZCPWtkggSvQIB4=
Subject key identifier: 3E:90:3C:6E:28:18:6C:95:D5:43:68:B2:6A:AB:DB:31:BD:0F:59:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: C4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PpA8bigYbJXVQ2iyaqvbMb0PWXY.roa
Signing time: Thu 08 May 2025 02:45:20 +0000
ROA not before: Thu 08 May 2025 02:45:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196 (0xc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 02:45:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3E903C6E28186C95D54368B26AABDB31BD0F5976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:68:1d:35:cb:d8:34:ed:24:ac:dd:96:99:f6:
6e:d9:a0:ff:2a:b4:2d:b6:6a:58:6a:1b:2f:15:d6:
3e:6c:98:6a:54:6e:0b:28:12:fe:14:65:77:d2:d9:
5a:a2:31:30:0f:0b:5e:35:51:e5:28:7d:b4:a1:a3:
62:a6:aa:58:78:88:bc:dc:e1:08:17:74:a3:2e:88:
ce:7c:ef:5d:49:ef:ba:a7:29:42:6c:da:0f:fa:89:
41:45:40:a5:e5:be:67:2f:37:d9:f9:fc:67:ae:a0:
61:38:3d:da:96:ec:24:91:3d:0f:18:a5:9a:4d:78:
e7:42:ce:6d:79:19:87:ae:da:47:90:e9:fc:78:8b:
31:aa:75:43:e1:e7:38:18:c7:c2:a8:2a:ca:f1:5f:
53:9a:f4:cf:a2:f8:3d:03:f3:6b:7f:36:36:12:6b:
72:67:26:07:f2:63:ef:e9:74:45:45:ea:c9:ac:80:
18:dc:e0:a5:dd:5c:ca:13:4d:d4:21:02:50:b1:dd:
d0:c7:1a:53:f5:00:58:fb:e8:e4:c5:63:68:cc:14:
ee:95:37:50:5f:70:e7:94:af:11:db:75:d3:62:9c:
52:9a:fd:64:77:8f:4b:76:08:97:70:5e:f0:76:52:
d1:b4:c3:fd:c2:cb:c9:e6:74:d3:73:af:d9:ab:0d:
e0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:90:3C:6E:28:18:6C:95:D5:43:68:B2:6A:AB:DB:31:BD:0F:59:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PpA8bigYbJXVQ2iyaqvbMb0PWXY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:ac:b9:79:85:dc:66:96:12:05:98:3c:ed:20:28:34:91:b0:
f8:25:c4:cf:be:6f:5c:c7:a7:8e:a0:5f:df:78:ed:51:b4:65:
aa:a6:ec:2a:07:86:09:9c:a6:4c:62:1f:e6:83:35:7e:68:01:
a0:c3:15:0e:33:a0:4f:c9:6e:94:66:9d:b9:51:90:87:a3:b1:
90:70:77:83:13:11:f0:e0:9c:78:3e:97:a0:97:11:16:7f:fc:
17:52:87:bc:e9:b0:7d:d3:f8:54:66:1b:ac:10:36:03:55:54:
0a:82:d5:70:32:85:38:bb:c6:9c:34:ca:ca:88:e1:e3:9b:78:
e5:7e:80:86:4c:66:9d:7c:0a:c3:09:18:68:7d:7b:b7:f4:5b:
b1:82:e1:df:04:b9:70:d0:e5:ec:95:ce:2f:93:6e:b7:16:cd:
4f:77:d6:31:8f:9d:cd:f6:a3:59:9f:be:8e:b6:d2:e1:2b:49:
1d:e3:29:5d:b0:1e:e7:82:2e:4d:7f:f7:6c:5b:05:23:89:2e:
a3:17:98:df:45:a7:b3:91:95:3a:bc:3c:df:64:dd:c1:52:74:
2b:8a:f7:cc:ff:1e:dd:69:47:5f:76:b3:12:1f:8d:f8:0c:fa:
e9:ec:69:67:61:8b:7a:3a:b4:3b:89:72:18:15:dc:3f:92:69:
b4:be:e3:5d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MjQ1MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNFOTAzQzZFMjgxODZD
OTVENTQzNjhCMjZBQUJEQjMxQkQwRjU5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfaB01y9g07SSs3ZaZ9m7ZoP8qtC22alhqGy8V1j5smGpUbgso
Ev4UZXfS2VqiMTAPC141UeUofbSho2Kmqlh4iLzc4QgXdKMuiM58711J77qnKUJs
2g/6iUFFQKXlvmcvN9n5/GeuoGE4PdqW7CSRPQ8YpZpNeOdCzm15GYeu2keQ6fx4
izGqdUPh5zgYx8KoKsrxX1Oa9M+i+D0D82t/NjYSa3JnJgfyY+/pdEVF6smsgBjc
4KXdXMoTTdQhAlCx3dDHGlP1AFj76OTFY2jMFO6VN1BfcOeUrxHbddNinFKa/WR3
j0t2CJdwXvB2UtG0w/3Cy8nmdNNzr9mrDeBXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPpA8bigYbJXVQ2iyaqvbMb0PWXYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QcEE4YmlnWWJKWFZRMml5
YXF2Yk1iMFBXWFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAACsuXmF3GaWEgWYPO0gKDSRsPglxM++b1zH
p46gX9947VG0Zaqm7CoHhgmcpkxiH+aDNX5oAaDDFQ4zoE/JbpRmnblRkIejsZBw
d4MTEfDgnHg+l6CXERZ//BdSh7zpsH3T+FRmG6wQNgNVVAqC1XAyhTi7xpw0ysqI
4eObeOV+gIZMZp18CsMJGGh9e7f0W7GC4d8EuXDQ5eyVzi+TbrcWzU931jGPnc32
o1mfvo620uErSR3jKV2wHueCLk1/92xbBSOJLqMXmN9Fp7ORlTq8PN9k3cFSdCuK
98z/Ht1pR192sxIfjfgM+unsaWdhi3o6tDuJchgV3D+SabS+410=
-----END CERTIFICATE-----
Generated at Sun May 18 02:05:20 2025 by rpki-client