Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_iBYJuwLNiqMmfib-ax-tZU37Zg.roa
File: _iBYJuwLNiqMmfib-ax-tZU37Zg.roa (raw, json)
Hash identifier: +3JlGT2gi6AG509VVnBCu6MRLcI9HhKzBKUD1t8d6s8=
Subject key identifier: FE:20:58:26:EC:0B:36:2A:8C:99:F8:9B:F9:AC:7E:B5:95:37:ED:98
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04BC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_iBYJuwLNiqMmfib-ax-tZU37Zg.roa
Signing time: Tue 13 May 2025 09:37:58 +0000
ROA not before: Tue 13 May 2025 09:37:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1212 (0x4bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 09:37:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FE205826EC0B362A8C99F89BF9AC7EB59537ED98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:bc:2f:80:55:c4:b8:0a:ac:f7:47:1b:bd:0f:
52:e7:ba:43:b6:2a:34:45:fd:19:7b:eb:54:67:65:
c5:98:6a:a4:5d:cd:ae:92:24:45:7c:71:0a:5d:d9:
23:e8:a5:2e:b3:2d:e0:e0:8c:43:63:28:01:0d:ab:
f0:c8:60:29:f1:33:e6:ea:ee:99:55:cb:5a:9b:55:
7b:16:11:ae:94:63:49:b1:7f:46:09:cf:4c:f6:d6:
43:55:ff:20:0d:ca:68:8a:c1:15:8d:46:e2:9f:4c:
5b:5d:a5:7d:70:c6:de:81:94:11:48:86:1a:a9:bf:
f1:03:2d:30:25:97:8a:9b:97:20:aa:67:81:c5:69:
28:6e:57:e6:0d:08:2a:eb:11:eb:2a:16:b0:19:91:
d4:c0:a0:35:81:62:f7:7c:5c:34:11:21:6e:58:a4:
96:91:b0:eb:95:e5:0c:e2:e4:dc:75:5f:93:b1:29:
d3:6c:a2:48:2a:02:b3:94:dc:5c:1d:5e:4e:a5:1a:
8f:08:f0:11:ec:ed:1c:32:ac:42:85:22:7f:b8:34:
09:04:15:72:47:a7:a7:6d:6c:19:af:b0:41:b3:eb:
38:6a:e2:8e:be:48:be:2c:a9:9a:bb:c6:b8:7a:9c:
15:cc:44:9f:1f:e6:fc:b3:e7:6c:96:f4:64:0f:96:
2f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:20:58:26:EC:0B:36:2A:8C:99:F8:9B:F9:AC:7E:B5:95:37:ED:98
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_iBYJuwLNiqMmfib-ax-tZU37Zg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:20:9f:3e:ac:16:a9:7f:88:f1:f1:c8:1b:f5:6d:f6:62:8d:
fa:a2:10:c0:5d:a8:5f:7d:09:f2:55:fa:07:8f:24:c4:26:24:
17:c4:80:cc:74:69:d4:37:27:05:fc:a6:1d:ff:f8:01:46:91:
0d:21:0f:c3:21:3a:06:14:21:56:51:66:b0:15:c3:b0:70:34:
7a:27:57:1e:e5:97:a7:fc:4e:9e:bd:9d:69:72:2a:b2:69:4e:
69:9a:d4:9c:d7:eb:f0:e7:12:2f:50:89:f5:0f:e7:3b:0b:59:
77:d7:53:e7:42:d6:de:f3:f4:c5:20:94:4f:47:e1:a2:65:04:
a0:22:2f:6d:f2:05:46:5d:a3:35:54:b4:a4:bc:a2:11:cc:e0:
19:72:4f:34:e5:86:86:8a:c9:ca:4b:04:ad:a1:09:14:f2:aa:
c4:5e:5e:0d:6f:84:ef:3d:66:de:88:d1:7c:1e:22:65:9f:8b:
4b:78:ae:b8:12:45:05:ba:8b:ce:89:d5:95:b9:57:55:5f:8d:
e5:b6:07:3d:69:24:9d:60:85:cb:88:59:18:29:3e:66:14:6d:
e6:57:47:68:fa:9f:4b:b2:67:48:e4:47:12:30:ea:50:ec:9f:
f7:21:14:94:5a:19:ba:5e:f9:49:8f:71:42:82:6e:fc:ae:d1:
c0:77:61:b8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
OTM3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZFMjA1ODI2RUMwQjM2
MkE4Qzk5Rjg5QkY5QUM3RUI1OTUzN0VEOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgvC+AVcS4Cqz3Rxu9D1LnukO2KjRF/Rl761RnZcWYaqRdza6S
JEV8cQpd2SPopS6zLeDgjENjKAENq/DIYCnxM+bq7plVy1qbVXsWEa6UY0mxf0YJ
z0z21kNV/yANymiKwRWNRuKfTFtdpX1wxt6BlBFIhhqpv/EDLTAll4qblyCqZ4HF
aShuV+YNCCrrEesqFrAZkdTAoDWBYvd8XDQRIW5YpJaRsOuV5Qzi5Nx1X5OxKdNs
okgqArOU3FwdXk6lGo8I8BHs7RwyrEKFIn+4NAkEFXJHp6dtbBmvsEGz6zhq4o6+
SL4sqZq7xrh6nBXMRJ8f5vyz52yW9GQPli+FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/iBYJuwLNiqMmfib+ax+tZU37ZgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9faUJZSnV3TE5pcU1tZmli
LWF4LXRaVTM3Wmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGcgnz6sFql/iPHxyBv1bfZijfqiEMBdqF99
CfJV+gePJMQmJBfEgMx0adQ3JwX8ph3/+AFGkQ0hD8MhOgYUIVZRZrAVw7BwNHon
Vx7ll6f8Tp69nWlyKrJpTmma1JzX6/DnEi9QifUP5zsLWXfXU+dC1t7z9MUglE9H
4aJlBKAiL23yBUZdozVUtKS8ohHM4BlyTzTlhoaKycpLBK2hCRTyqsReXg1vhO89
Zt6I0XweImWfi0t4rrgSRQW6i86J1ZW5V1VfjeW2Bz1pJJ1ghcuIWRgpPmYUbeZX
R2j6n0uyZ0jkRxIw6lDsn/chFJRaGbpe+UmPcUKCbvyu0cB3Ybg=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:07 2025 by rpki-client