Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/g034ku34Crj4A-9f09Yl5UjWtuc.roa
File: g034ku34Crj4A-9f09Yl5UjWtuc.roa (raw, json)
Hash identifier: UHawdX2krEzWt/LT2mnJJbXIYp/vAMqP6/6kp6ZZqRU=
Subject key identifier: 83:4D:F8:92:ED:F8:0A:B8:F8:03:EF:5F:D3:D6:25:E5:48:D6:B6:E7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05F4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g034ku34Crj4A-9f09Yl5UjWtuc.roa
Signing time: Thu 15 May 2025 00:38:29 +0000
ROA not before: Thu 15 May 2025 00:38:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1524 (0x5f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 00:38:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=834DF892EDF80AB8F803EF5FD3D625E548D6B6E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:9d:b4:5b:c5:c8:72:2f:33:a9:95:1b:25:
85:be:6b:c4:74:de:19:ba:bc:5e:d0:d4:56:4e:39:
ae:7a:e1:36:7d:68:69:1d:4c:6e:c4:53:8c:0f:48:
60:0a:6a:ed:0b:0a:f4:e7:93:14:03:79:54:09:49:
aa:81:01:6f:e0:70:fe:b6:da:da:c7:1b:19:81:b4:
29:28:00:1f:af:8a:0f:94:79:7e:c5:56:a1:b2:73:
2f:7d:2d:aa:28:3a:30:e9:c8:d0:85:ba:19:22:d5:
47:67:6e:c9:81:37:23:e9:ea:13:dd:0f:90:4a:7e:
79:89:4a:e4:32:b3:3b:9b:93:7b:bd:e3:33:98:c3:
9f:f3:97:b5:01:de:ee:46:dc:1c:f0:78:7d:6d:3c:
76:aa:30:67:3c:ad:cf:4d:b7:83:8e:5a:05:ff:e0:
4a:89:ca:54:02:e7:c3:ee:82:da:70:34:4a:22:72:
b6:64:11:82:9e:c1:a6:b8:85:f2:7a:06:ea:8c:f8:
47:de:50:63:4a:4c:4e:c4:a0:8b:95:35:90:5f:e2:
d9:7d:2a:82:25:8c:df:17:bc:f0:98:41:7f:2d:3d:
6a:57:4b:11:22:31:40:2a:83:be:aa:c3:03:2e:8e:
b9:7d:41:26:3b:eb:01:f7:c1:79:ea:70:33:da:a8:
83:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4D:F8:92:ED:F8:0A:B8:F8:03:EF:5F:D3:D6:25:E5:48:D6:B6:E7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g034ku34Crj4A-9f09Yl5UjWtuc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:4c:ad:b3:57:da:8f:e5:d2:7d:99:e8:52:d2:e9:ad:1a:21:
42:da:db:61:34:16:b2:ca:45:76:44:8c:02:02:60:73:0f:cc:
97:fd:ee:e0:92:17:ba:04:87:a7:c7:9c:b7:12:e7:40:6d:73:
9d:3e:5d:5e:41:e4:26:41:67:1e:4d:f7:02:e6:52:2f:98:13:
7f:ba:0a:13:3f:4e:b6:c2:35:d1:b9:e3:fc:3b:c3:a9:4f:67:
22:7d:6b:01:8d:25:ef:25:bd:aa:b3:e9:69:69:6e:93:6c:af:
e3:7e:a6:b1:af:61:a0:a3:8a:40:94:88:8e:21:f1:44:7a:46:
36:2f:0e:5b:be:49:7e:30:a6:59:75:24:f5:66:6b:dc:a1:20:
3a:d7:b6:f7:33:82:58:a1:64:ab:c9:f0:b4:fa:d1:c2:7b:91:
26:8b:09:c1:99:fa:6a:1c:e8:13:1b:fe:82:c1:f6:95:7e:16:
c6:f2:17:50:3d:9f:88:be:be:30:c6:fd:2a:55:3d:40:d4:d7:
a6:8f:b0:60:80:f2:7c:69:76:de:13:fb:f0:db:f7:ba:56:24:
0e:48:94:81:62:0b:6a:48:2e:ff:eb:44:c7:8f:62:38:50:de:
db:a2:27:53:ee:a2:6e:e3:3d:ce:68:24:2c:db:fc:35:78:7b:
d1:a7:42:a3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MDM4MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgzNERGODkyRURGODBB
QjhGODAzRUY1RkQzRDYyNUU1NDhENkI2RTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsB520W8XIci8zqZUbJYW+a8R03hm6vF7Q1FZOOa564TZ9aGkd
TG7EU4wPSGAKau0LCvTnkxQDeVQJSaqBAW/gcP622trHGxmBtCkoAB+vig+UeX7F
VqGycy99LaooOjDpyNCFuhki1UdnbsmBNyPp6hPdD5BKfnmJSuQyszubk3u94zOY
w5/zl7UB3u5G3BzweH1tPHaqMGc8rc9Nt4OOWgX/4EqJylQC58PugtpwNEoicrZk
EYKewaa4hfJ6BuqM+EfeUGNKTE7EoIuVNZBf4tl9KoIljN8XvPCYQX8tPWpXSxEi
MUAqg76qwwMujrl9QSY76wH3wXnqcDPaqIPrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUg034ku34Crj4A+9f09Yl5UjWtucwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nMDM0a3UzNENyajRBLTlm
MDlZbDVVald0dWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIBMrbNX2o/l0n2Z6FLS6a0aIULa22E0FrLK
RXZEjAICYHMPzJf97uCSF7oEh6fHnLcS50Btc50+XV5B5CZBZx5N9wLmUi+YE3+6
ChM/TrbCNdG54/w7w6lPZyJ9awGNJe8lvaqz6WlpbpNsr+N+prGvYaCjikCUiI4h
8UR6RjYvDlu+SX4wpll1JPVma9yhIDrXtvczglihZKvJ8LT60cJ7kSaLCcGZ+moc
6BMb/oLB9pV+FsbyF1A9n4i+vjDG/SpVPUDU16aPsGCA8nxpdt4T+/Db97pWJA5I
lIFiC2pILv/rRMePYjhQ3tuiJ1Puom7jPc5oJCzb/DV4e9GnQqM=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:12 2025 by rpki-client