Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ssWdvG58y0ao5sLccfZkTyAe3Dw.roa
File: ssWdvG58y0ao5sLccfZkTyAe3Dw.roa (raw, json)
Hash identifier: KhMIF2L50dhPa/HolXG1Njj0FR8ggm3o52P0ls2cdV8=
Subject key identifier: B2:C5:9D:BC:6E:7C:CB:46:A8:E6:C2:DC:71:F6:64:4F:20:1E:DC:3C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 041C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ssWdvG58y0ao5sLccfZkTyAe3Dw.roa
Signing time: Mon 12 May 2025 13:38:04 +0000
ROA not before: Mon 12 May 2025 13:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1052 (0x41c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 13:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B2C59DBC6E7CCB46A8E6C2DC71F6644F201EDC3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:ba:a4:b2:f7:f4:9a:94:3b:1c:d3:9f:ed:
5b:32:f6:31:53:0a:34:83:c8:37:f6:ff:02:66:2f:
d4:fe:c4:0e:c1:ae:b7:86:78:ce:53:8a:ea:6e:8e:
2c:fa:e8:f3:02:46:cd:fb:3e:02:c4:b7:07:ae:6a:
9e:16:91:70:91:c7:ef:69:d6:0c:cc:a0:d8:9e:a2:
ae:0e:69:09:d4:25:6d:d1:92:11:2c:7f:67:b5:c7:
a8:69:ea:13:3b:2b:09:59:79:11:68:d3:17:e6:15:
c8:b3:63:e0:49:81:15:54:6a:c5:b4:24:0a:d7:c6:
85:08:5d:3c:e8:e8:d3:6c:0a:4e:3b:05:4c:9e:23:
20:71:c8:fb:e4:3c:f6:65:a7:1d:b4:2a:81:99:55:
ba:e2:6f:97:4b:ff:76:12:12:be:b8:e5:fe:b9:28:
15:31:4d:3d:35:b7:9a:72:69:8b:26:8b:9e:64:8b:
d9:11:5f:a8:8d:e7:ac:0d:1e:87:e4:43:b3:05:dd:
b2:cc:ed:66:f5:e4:66:59:86:88:56:b3:eb:85:2a:
98:2c:c4:ad:04:43:c1:f0:b8:65:3d:cf:5d:7a:88:
11:32:49:1b:a6:5b:83:1b:a1:d9:e1:74:5d:84:22:
00:3a:bd:ef:cc:36:d0:b8:c3:23:04:bf:61:4c:d7:
8f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:C5:9D:BC:6E:7C:CB:46:A8:E6:C2:DC:71:F6:64:4F:20:1E:DC:3C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ssWdvG58y0ao5sLccfZkTyAe3Dw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:ff:6b:e8:52:35:96:93:18:a6:74:0b:2d:12:83:a0:0b:0b:
5e:01:55:47:bc:66:ec:3f:be:43:47:d5:d6:6b:a4:85:7d:66:
fb:b9:f8:8f:b9:34:12:d3:c5:e8:67:47:96:20:92:75:bf:a7:
52:57:54:6e:3d:00:47:55:c4:54:86:1e:6a:0c:ce:70:4d:e2:
9a:52:ba:79:a0:70:36:6e:43:ce:49:ab:3e:7e:b1:e6:45:5b:
73:5e:75:8d:e9:13:dd:22:ec:4f:89:d5:82:30:0a:d4:eb:25:
0c:0e:42:7a:0c:b7:d6:f5:e5:d5:b1:1c:a1:54:4c:15:6b:a3:
10:25:1f:7c:03:b6:54:68:e3:bf:09:c7:1d:bd:60:14:10:b1:
03:70:97:62:39:70:8d:8e:2c:c1:99:c9:aa:ee:03:e8:8a:d2:
74:1c:a9:6f:36:80:0e:68:ce:1f:b7:80:f2:1b:fb:e3:aa:6a:
02:36:7d:bb:a3:22:96:e7:ac:b3:71:00:f1:d2:b7:fc:05:8b:
86:86:35:68:30:fc:b5:4c:66:c1:49:7d:c9:fd:07:4d:ea:9c:
0b:e2:18:0d:f8:10:86:e7:87:a3:3e:45:70:7e:87:f3:57:16:
b3:24:ce:c4:47:01:96:b1:21:f7:99:f5:05:cb:a0:57:47:e3:
9e:db:84:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
MzM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyQzU5REJDNkU3Q0NC
NDZBOEU2QzJEQzcxRjY2NDRGMjAxRURDM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Vbqksvf0mpQ7HNOf7Vsy9jFTCjSDyDf2/wJmL9T+xA7BrreG
eM5Tiupujiz66PMCRs37PgLEtweuap4WkXCRx+9p1gzMoNieoq4OaQnUJW3RkhEs
f2e1x6hp6hM7KwlZeRFo0xfmFcizY+BJgRVUasW0JArXxoUIXTzo6NNsCk47BUye
IyBxyPvkPPZlpx20KoGZVbrib5dL/3YSEr645f65KBUxTT01t5pyaYsmi55ki9kR
X6iN56wNHofkQ7MF3bLM7Wb15GZZhohWs+uFKpgsxK0EQ8HwuGU9z116iBEySRum
W4MbodnhdF2EIgA6ve/MNtC4wyMEv2FM14+9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUssWdvG58y0ao5sLccfZkTyAe3DwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zc1dkdkc1OHkwYW81c0xj
Y2Zaa1R5QWUzRHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGL/a+hSNZaTGKZ0Cy0Sg6ALC14BVUe8Zuw/
vkNH1dZrpIV9Zvu5+I+5NBLTxehnR5YgknW/p1JXVG49AEdVxFSGHmoMznBN4ppS
unmgcDZuQ85Jqz5+seZFW3NedY3pE90i7E+J1YIwCtTrJQwOQnoMt9b15dWxHKFU
TBVroxAlH3wDtlRo478Jxx29YBQQsQNwl2I5cI2OLMGZyaruA+iK0nQcqW82gA5o
zh+3gPIb++OqagI2fbujIpbnrLNxAPHSt/wFi4aGNWgw/LVMZsFJfcn9B03qnAvi
GA34EIbnh6M+RXB+h/NXFrMkzsRHAZaxIfeZ9QXLoFdH457bhJU=
-----END CERTIFICATE-----
Generated at Sun May 18 03:19:08 2025 by rpki-client