Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0Lt_q5JCABxnVVlHk5lp2kN0Gmk.roa
File: 0Lt_q5JCABxnVVlHk5lp2kN0Gmk.roa (raw, json)
Hash identifier: I2chTde3DrXPlINNl365zMlVTxkAxZDCZ2FaTgfhtBU=
Subject key identifier: D0:BB:7F:AB:92:42:00:1C:67:55:59:47:93:99:69:DA:43:74:1A:69
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0200
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0Lt_q5JCABxnVVlHk5lp2kN0Gmk.roa
Signing time: Fri 09 May 2025 18:08:19 +0000
ROA not before: Fri 09 May 2025 18:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 512 (0x200)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 18:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D0BB7FAB9242001C67555947939969DA43741A69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:45:eb:f5:a2:4f:5c:2d:79:e8:1d:ea:55:
a1:3b:6d:41:25:49:7d:28:fc:82:3e:49:2f:dd:5a:
e6:20:a8:a7:69:cf:77:5f:9f:90:a1:66:45:05:bb:
33:75:6c:2b:de:c3:8a:32:b8:64:8b:02:fc:b3:e3:
cd:2c:78:e3:17:55:64:58:5d:f4:b2:86:8c:7c:93:
e8:d3:29:da:50:87:3e:df:e5:b5:08:dc:d7:44:ca:
32:d7:f0:ec:f5:66:21:26:a1:8f:3a:c2:a5:21:2e:
87:6b:47:e4:09:32:09:f1:32:0c:fe:00:98:1a:3c:
a2:f4:3d:cc:33:5a:17:f7:72:06:47:e6:16:67:f9:
76:45:e9:98:f7:50:f3:e4:6e:c7:3f:6c:7f:a0:a2:
b8:36:ce:8d:e4:7d:cd:8d:3c:2f:d3:80:fe:e2:4d:
46:df:47:14:63:da:ab:7e:54:32:d6:07:9b:cc:c8:
a8:7b:01:98:23:e0:2e:1a:9a:5f:e4:68:3c:60:fd:
f0:3c:25:27:3d:e0:83:cf:6e:0c:82:13:bc:75:64:
a2:d0:3d:96:28:39:03:44:6c:ce:54:3f:17:f7:93:
59:c2:4f:e9:d1:c8:83:c6:d8:20:be:c8:70:a1:11:
48:19:d8:d7:dc:4e:04:c7:21:fa:91:3f:ab:ee:33:
c4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BB:7F:AB:92:42:00:1C:67:55:59:47:93:99:69:DA:43:74:1A:69
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0Lt_q5JCABxnVVlHk5lp2kN0Gmk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:38:c7:4f:31:75:dc:cd:a6:c0:30:8f:fe:60:e6:4c:1c:ba:
6a:2c:49:45:12:43:6a:5d:b0:b2:1e:7c:5c:42:42:43:da:29:
5d:50:0e:50:76:56:bc:80:fb:e4:5c:c6:d4:43:69:f8:7f:f3:
50:38:7c:b5:3c:63:6a:89:bc:7c:b2:b1:0c:96:84:c1:c7:2f:
2d:a3:30:0d:05:89:c0:19:e6:51:dd:92:a5:2e:bf:fd:7c:29:
b7:ce:05:e0:3e:de:17:b5:f6:c9:f2:41:46:a6:9e:24:4f:58:
8d:41:bc:41:b3:50:2b:e7:74:f9:b3:0b:53:85:f1:c1:b2:48:
4e:cf:03:33:b7:24:a1:33:e2:a6:e5:77:fb:91:7e:bb:23:b6:
36:18:33:7c:ec:36:67:c9:03:b3:0d:16:ca:7f:c4:f8:77:fd:
fd:29:6d:11:2c:1c:a2:5a:07:e1:ca:34:ec:d4:86:3c:ac:d0:
1b:96:11:d2:d5:d9:1c:d2:a3:3c:56:a5:4e:b1:14:ba:af:18:
b9:83:b3:e2:44:e8:17:9f:14:a9:03:6d:9e:1c:a1:5f:32:c0:
f7:c1:d3:c0:ea:81:4e:af:2e:46:3b:ce:8f:7f:f4:ef:02:9e:
fe:04:f7:7e:7a:01:5c:5c:3d:20:97:4e:9b:68:06:e3:ab:92:
e9:c2:c4:6a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAgAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
ODA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwQkI3RkFCOTI0MjAw
MUM2NzU1NTk0NzkzOTk2OURBNDM3NDFBNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDHkXr9aJPXC156B3qVaE7bUElSX0o/II+SS/dWuYgqKdpz3df
n5ChZkUFuzN1bCvew4oyuGSLAvyz480seOMXVWRYXfSyhox8k+jTKdpQhz7f5bUI
3NdEyjLX8Oz1ZiEmoY86wqUhLodrR+QJMgnxMgz+AJgaPKL0PcwzWhf3cgZH5hZn
+XZF6Zj3UPPkbsc/bH+gorg2zo3kfc2NPC/TgP7iTUbfRxRj2qt+VDLWB5vMyKh7
AZgj4C4aml/kaDxg/fA8JSc94IPPbgyCE7x1ZKLQPZYoOQNEbM5UPxf3k1nCT+nR
yIPG2CC+yHChEUgZ2NfcTgTHIfqRP6vuM8QjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0Lt/q5JCABxnVVlHk5lp2kN0GmkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wTHRfcTVKQ0FCeG5WVmxI
azVscDJrTjBHbWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADA4x08xddzNpsAwj/5g5kwcumosSUUSQ2pd
sLIefFxCQkPaKV1QDlB2VryA++RcxtRDafh/81A4fLU8Y2qJvHyysQyWhMHHLy2j
MA0FicAZ5lHdkqUuv/18KbfOBeA+3he19snyQUamniRPWI1BvEGzUCvndPmzC1OF
8cGySE7PAzO3JKEz4qbld/uRfrsjtjYYM3zsNmfJA7MNFsp/xPh3/f0pbREsHKJa
B+HKNOzUhjys0BuWEdLV2RzSozxWpU6xFLqvGLmDs+JE6BefFKkDbZ4coV8ywPfB
08DqgU6vLkY7zo9/9O8Cnv4E9356AVxcPSCXTptoBuOrkunCxGo=
-----END CERTIFICATE-----
Generated at Sat May 17 19:35:30 2025 by rpki-client