Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sTs4fZQLheba1weasLZXy1PXazo.roa
File: sTs4fZQLheba1weasLZXy1PXazo.roa (raw, json)
Hash identifier: jtGH/zgEp3eo8cWqWFE0jEagsxnbZvh984deL4dsKIA=
Subject key identifier: B1:3B:38:7D:94:0B:85:E6:DA:D7:07:9A:B0:B6:57:CB:53:D7:6B:3A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06C8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sTs4fZQLheba1weasLZXy1PXazo.roa
Signing time: Fri 16 May 2025 03:08:02 +0000
ROA not before: Fri 16 May 2025 03:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1736 (0x6c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 03:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B13B387D940B85E6DAD7079AB0B657CB53D76B3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:af:e8:71:e1:d3:a7:4c:c5:c1:1b:f1:c6:
73:a2:8d:57:5a:bf:44:f1:c5:f1:6e:6c:d6:d6:42:
cd:8a:85:f1:75:56:d8:fd:f3:55:71:8b:bc:5b:b9:
13:6f:02:41:2b:69:eb:d5:2e:6f:7e:a5:30:af:2a:
15:87:72:e3:5a:e3:35:76:70:d1:e6:08:36:ce:93:
97:b3:58:43:5f:2a:e1:e9:ee:3d:2a:97:aa:e0:17:
0b:5b:3a:60:a2:79:30:fc:09:46:9b:93:4e:a1:42:
0a:c7:df:ef:45:2c:95:6e:6e:b0:72:90:8e:1b:7d:
dd:13:52:23:04:bc:5f:f9:8d:a7:d2:6b:23:d1:f6:
68:f5:b6:4c:97:90:d9:3e:68:d0:b4:21:6a:9f:4f:
37:a9:cb:73:2e:98:72:37:54:e2:e3:49:ae:3f:ed:
14:28:ef:0b:42:9d:7e:12:a2:78:0b:27:38:4c:9a:
93:b6:45:ee:20:77:b2:c3:bc:02:38:76:af:e0:9e:
2b:d6:72:9c:d2:00:73:df:e5:d2:af:f6:72:af:ab:
e4:48:45:53:f1:c0:1c:c5:d0:4d:18:a6:41:db:20:
d5:20:79:15:e3:28:19:e0:cd:38:b6:7d:46:fc:39:
e1:4e:75:ac:0a:ee:e2:14:b9:16:af:3a:fa:1f:15:
c4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3B:38:7D:94:0B:85:E6:DA:D7:07:9A:B0:B6:57:CB:53:D7:6B:3A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sTs4fZQLheba1weasLZXy1PXazo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:27:60:0c:e4:55:c2:6a:54:cd:71:2a:44:f1:2e:28:46:44:
f4:c1:eb:6b:c3:e4:80:52:92:3f:75:e7:4f:66:0c:34:e9:63:
79:9d:41:a7:1a:1a:4a:26:30:87:14:9a:cc:54:3f:10:5c:97:
44:4a:d5:f2:67:92:5c:67:55:b1:cb:ad:28:12:a3:c3:e3:c5:
bf:46:28:84:be:67:44:ac:4c:a4:ca:50:76:d7:82:49:7d:ef:
0e:c5:e1:96:f6:2b:71:74:69:f8:a8:2e:3c:5d:b7:68:10:0e:
9e:86:93:20:9f:0c:6d:f7:04:1c:b3:b7:4d:a7:cc:0c:71:ba:
67:19:24:f3:5c:a5:83:d3:68:61:8a:19:48:b1:57:c5:b6:c8:
4c:4b:9f:cf:2f:ec:de:fb:63:7a:7f:99:25:bc:90:e8:a8:d5:
23:3b:2e:69:4e:0f:cc:6c:0e:f6:e2:6f:14:63:58:b0:77:5d:
1f:22:dd:ab:36:71:85:85:c0:7e:35:e6:5f:4a:f2:6c:d1:3b:
c0:77:a8:47:ff:f3:3d:22:af:15:2c:81:a9:b4:01:c8:80:cb:
bb:a5:8d:65:5c:5b:51:18:2e:35:cf:a0:de:a4:d3:28:e8:63:
81:bc:d6:ea:fb:72:c4:b8:5d:99:b2:d5:8a:5e:3e:d8:86:6f:
e2:56:95:e3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBsgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
MzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIxM0IzODdEOTQwQjg1
RTZEQUQ3MDc5QUIwQjY1N0NCNTNENzZCM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTCK/oceHTp0zFwRvxxnOijVdav0TxxfFubNbWQs2KhfF1Vtj9
81Vxi7xbuRNvAkEraevVLm9+pTCvKhWHcuNa4zV2cNHmCDbOk5ezWENfKuHp7j0q
l6rgFwtbOmCieTD8CUabk06hQgrH3+9FLJVubrBykI4bfd0TUiMEvF/5jafSayPR
9mj1tkyXkNk+aNC0IWqfTzepy3MumHI3VOLjSa4/7RQo7wtCnX4SongLJzhMmpO2
Re4gd7LDvAI4dq/gnivWcpzSAHPf5dKv9nKvq+RIRVPxwBzF0E0YpkHbINUgeRXj
KBngzTi2fUb8OeFOdawK7uIUuRavOvofFcQ1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsTs4fZQLheba1weasLZXy1PXazowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zVHM0ZlpRTGhlYmExd2Vh
c0xaWHkxUFhhem8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGQnYAzkVcJqVM1xKkTxLihGRPTB62vD5IBS
kj91509mDDTpY3mdQacaGkomMIcUmsxUPxBcl0RK1fJnklxnVbHLrSgSo8Pjxb9G
KIS+Z0SsTKTKUHbXgkl97w7F4Zb2K3F0afioLjxdt2gQDp6GkyCfDG33BByzt02n
zAxxumcZJPNcpYPTaGGKGUixV8W2yExLn88v7N77Y3p/mSW8kOio1SM7LmlOD8xs
DvbibxRjWLB3XR8i3as2cYWFwH415l9K8mzRO8B3qEf/8z0irxUsgam0AciAy7ul
jWVcW1EYLjXPoN6k0yjoY4G81ur7csS4XZmy1YpePtiGb+JWleM=
-----END CERTIFICATE-----
Generated at Sat May 17 22:40:16 2025 by rpki-client