Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jZkcL2zcKPRz-_Lz_JB59PuxwRI.roa
File: jZkcL2zcKPRz-_Lz_JB59PuxwRI.roa (raw, json)
Hash identifier: 2SKwIcd+pARU0Q+QQn1bIauA7tVGW7/UQERpNFyeyu0=
Subject key identifier: 8D:99:1C:2F:6C:DC:28:F4:73:FB:F2:F3:FC:90:79:F4:FB:B1:C1:12
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: CC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jZkcL2zcKPRz-_Lz_JB59PuxwRI.roa
Signing time: Thu 08 May 2025 03:37:40 +0000
ROA not before: Thu 08 May 2025 03:37:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 204 (0xcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 03:37:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8D991C2F6CDC28F473FBF2F3FC9079F4FBB1C112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:29:8b:26:f3:72:d7:e3:a2:3b:02:4c:a9:
0d:74:b7:93:02:ed:79:03:f9:5f:85:df:1c:d7:76:
b3:a3:78:01:78:14:1a:f3:1a:2c:a9:85:0c:00:b5:
6e:9e:ee:36:0c:71:bc:69:d9:f3:28:fb:13:e7:fe:
f0:b6:21:3e:d6:43:0b:ab:e7:62:29:0c:7a:0e:df:
7f:cb:20:a9:47:48:09:30:be:0f:4b:1c:3d:1f:43:
18:3a:31:52:a3:9b:43:2a:25:25:99:b6:3f:52:09:
af:24:f3:b6:9e:26:62:8b:d5:57:25:6b:1e:68:f9:
1a:29:60:ba:35:d6:9e:6c:6b:65:0c:3f:ff:d0:f4:
29:c9:68:ef:2e:44:43:f7:80:78:46:69:d3:24:e5:
85:09:2b:3a:6d:4e:02:b6:b8:f1:5c:ae:f2:0c:b4:
e0:8a:87:48:ee:ee:72:2b:bb:9a:85:f7:c1:86:4b:
c7:76:77:6b:5f:04:a5:60:f5:9e:2b:6c:a2:ea:6f:
26:08:78:7f:2c:e6:38:1e:ea:86:2d:a8:3b:62:09:
91:6d:67:de:f2:79:23:15:d7:94:d6:d9:89:e0:01:
3b:03:22:96:ee:63:67:c8:99:f0:3f:41:ee:a5:11:
43:0d:51:88:14:38:d9:e6:1a:fb:4e:4b:a1:e9:28:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:99:1C:2F:6C:DC:28:F4:73:FB:F2:F3:FC:90:79:F4:FB:B1:C1:12
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jZkcL2zcKPRz-_Lz_JB59PuxwRI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:6a:ef:d9:26:5b:43:16:ee:45:f3:a7:9e:75:a9:23:e3:5a:
cc:59:da:9b:eb:30:d3:39:6f:3a:e8:9d:b8:22:7e:ef:a8:9d:
02:71:e4:34:82:9c:da:9c:53:cc:54:81:47:12:bb:4b:a4:52:
a4:4f:1b:88:5a:6f:e6:24:4a:d8:99:1c:40:36:0f:9f:88:43:
3b:5f:4c:66:a2:4f:cf:ad:b8:81:3f:d2:88:b8:e4:fd:a4:00:
68:0e:3c:2c:8f:5c:e3:24:3a:8a:60:54:01:fa:e4:20:cf:74:
fa:45:07:92:f6:8c:ce:91:c3:f8:e8:8f:d3:11:0e:a7:60:43:
68:d0:3f:8e:6a:a3:bf:14:56:5b:45:c6:61:a3:30:81:d9:39:
c1:20:60:e5:db:8a:69:d7:e6:0e:98:89:c5:0e:37:41:2b:17:
fb:a3:63:5d:4b:57:3f:69:43:f7:06:46:d4:5e:2a:a0:86:58:
26:2f:20:6b:c3:8a:da:3f:2b:19:e1:52:7b:d1:88:d7:19:10:
f7:45:89:a5:37:89:ff:c9:e6:18:30:38:b1:62:cf:39:08:24:
3c:1f:44:fe:fa:6b:6c:74:18:74:a0:05:7e:a3:ee:01:22:f3:
db:c0:c9:46:bf:7b:0a:82:b3:47:d9:55:3a:17:3a:71:13:36:
cd:af:d5:94
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAMwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MzM3NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhEOTkxQzJGNkNEQzI4
RjQ3M0ZCRjJGM0ZDOTA3OUY0RkJCMUMxMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7DSmLJvNy1+OiOwJMqQ10t5MC7XkD+V+F3xzXdrOjeAF4FBrz
GiyphQwAtW6e7jYMcbxp2fMo+xPn/vC2IT7WQwur52IpDHoO33/LIKlHSAkwvg9L
HD0fQxg6MVKjm0MqJSWZtj9SCa8k87aeJmKL1Vclax5o+RopYLo11p5sa2UMP//Q
9CnJaO8uREP3gHhGadMk5YUJKzptTgK2uPFcrvIMtOCKh0ju7nIru5qF98GGS8d2
d2tfBKVg9Z4rbKLqbyYIeH8s5jge6oYtqDtiCZFtZ97yeSMV15TW2YngATsDIpbu
Y2fImfA/Qe6lEUMNUYgUONnmGvtOS6HpKB3NAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjZkcL2zcKPRz+/Lz/JB59PuxwRIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qWmtjTDJ6Y0tQUnotX0x6
X0pCNTlQdXh3Ukkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHtq79kmW0MW7kXzp551qSPjWsxZ2pvrMNM5
bzronbgifu+onQJx5DSCnNqcU8xUgUcSu0ukUqRPG4hab+YkStiZHEA2D5+IQztf
TGaiT8+tuIE/0oi45P2kAGgOPCyPXOMkOopgVAH65CDPdPpFB5L2jM6Rw/joj9MR
DqdgQ2jQP45qo78UVltFxmGjMIHZOcEgYOXbimnX5g6YicUON0ErF/ujY11LVz9p
Q/cGRtReKqCGWCYvIGvDito/KxnhUnvRiNcZEPdFiaU3if/J5hgwOLFizzkIJDwf
RP76a2x0GHSgBX6j7gEi89vAyUa/ewqCs0fZVToXOnETNs2v1ZQ=
-----END CERTIFICATE-----
Generated at Sat May 17 22:39:16 2025 by rpki-client