Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5h1kNxhtJlGj1iPTPJMzPT_ljw4.roa
File: 5h1kNxhtJlGj1iPTPJMzPT_ljw4.roa (raw, json)
Hash identifier: JSS9SW1EdaxFdhhRj9gDDqg4LpaXYWQYxC8tZDJK7QU=
Subject key identifier: E6:1D:64:37:18:6D:26:51:A3:D6:23:D3:3C:93:33:3D:3F:E5:8F:0E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0654
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5h1kNxhtJlGj1iPTPJMzPT_ljw4.roa
Signing time: Thu 15 May 2025 12:38:02 +0000
ROA not before: Thu 15 May 2025 12:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1620 (0x654)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 12:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E61D6437186D2651A3D623D33C93333D3FE58F0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:58:7a:3b:a4:ca:5b:cd:fb:5f:05:44:e0:
9c:79:2e:0f:19:c1:2a:ab:64:d5:cb:35:1b:b9:ea:
ed:d4:40:85:55:46:d3:b7:d6:63:5c:41:4e:1e:3a:
18:17:b3:88:c1:97:9e:72:ce:32:b5:e4:2a:1d:0f:
c5:0e:3c:4a:c4:c9:a8:67:22:41:c5:7a:c7:e6:c4:
a2:d9:77:d8:a1:4e:7f:4b:b2:5f:51:6e:90:1c:52:
96:4c:3b:d3:2b:dd:c7:55:c0:e7:39:0e:aa:34:36:
d3:d1:94:46:0c:fb:ce:61:69:8f:a5:5b:6a:41:ae:
cb:51:bf:42:73:87:58:da:80:cd:7d:ab:0d:2e:b9:
45:18:e7:13:ac:2f:09:95:3e:4a:b4:8b:9b:12:2b:
d6:eb:f9:d3:62:ee:97:80:6d:a0:67:b6:86:02:96:
60:85:0a:f2:cf:e4:7d:f9:9a:ca:4b:77:e9:af:f6:
c5:95:04:6f:86:93:15:f8:f7:b8:84:f7:3d:cc:86:
f5:44:ba:a9:1f:78:54:63:32:89:a4:13:55:b6:8c:
a5:8f:fc:2c:ce:a8:d2:34:f8:97:80:05:46:62:d1:
75:b4:d4:0b:30:4d:2e:7b:6d:3d:7b:0e:92:81:4a:
1d:6f:ef:2e:d2:63:60:d0:be:00:48:d1:3f:74:3a:
a5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:1D:64:37:18:6D:26:51:A3:D6:23:D3:3C:93:33:3D:3F:E5:8F:0E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5h1kNxhtJlGj1iPTPJMzPT_ljw4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:06:87:0d:44:06:a7:0a:f4:b5:06:b8:84:f2:6b:51:f9:12:
6a:a6:86:39:06:0d:53:db:7d:a9:6f:cd:bd:db:cc:6a:0c:82:
3a:44:0d:71:87:bb:cb:3e:17:f7:77:6d:61:5d:53:cd:ee:c5:
af:f1:ac:71:94:f3:a6:a8:a9:3b:05:28:29:ac:fa:e5:40:c8:
2e:6d:94:fa:c8:71:93:49:c2:7c:02:51:71:08:04:da:02:59:
42:c1:8a:eb:a6:33:17:0c:3c:3f:2a:5d:69:56:33:2a:13:c8:
c4:5f:bd:7a:bd:b8:37:2d:63:58:2f:2a:44:7c:01:c9:68:be:
11:9f:ca:fb:d9:1a:d9:7b:2d:4c:08:38:a0:d6:29:0e:30:46:
a3:1c:01:30:ee:e2:49:44:02:5b:43:85:30:bf:ac:7e:a3:99:
a2:09:e5:ed:4a:bf:3a:ec:35:f5:17:1f:1a:cf:ef:ca:64:de:
ab:ca:83:2d:f0:6e:99:89:7d:e6:3c:20:62:ca:79:15:51:c8:
12:ec:c0:56:50:95:85:22:23:80:49:40:04:05:0c:db:e4:db:
fe:15:29:b8:42:77:d0:26:82:a4:20:b0:7f:e8:5a:c7:ac:2b:
a9:81:d2:8c:03:e5:9c:b4:86:0e:dd:9f:58:31:02:e2:ce:37:
1f:d8:9c:cc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MjM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU2MUQ2NDM3MTg2RDI2
NTFBM0Q2MjNEMzNDOTMzMzNEM0ZFNThGMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEJ1h6O6TKW837XwVE4Jx5Lg8ZwSqrZNXLNRu56u3UQIVVRtO3
1mNcQU4eOhgXs4jBl55yzjK15CodD8UOPErEyahnIkHFesfmxKLZd9ihTn9Lsl9R
bpAcUpZMO9Mr3cdVwOc5Dqo0NtPRlEYM+85haY+lW2pBrstRv0Jzh1jagM19qw0u
uUUY5xOsLwmVPkq0i5sSK9br+dNi7peAbaBntoYClmCFCvLP5H35mspLd+mv9sWV
BG+GkxX497iE9z3MhvVEuqkfeFRjMomkE1W2jKWP/CzOqNI0+JeABUZi0XW01Asw
TS57bT17DpKBSh1v7y7SY2DQvgBI0T90OqUxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5h1kNxhtJlGj1iPTPJMzPT/ljw4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81aDFrTnhodEpsR2oxaVBU
UEpNelBUX2xqdzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFkGhw1EBqcK9LUGuITya1H5EmqmhjkGDVPb
falvzb3bzGoMgjpEDXGHu8s+F/d3bWFdU83uxa/xrHGU86aoqTsFKCms+uVAyC5t
lPrIcZNJwnwCUXEIBNoCWULBiuumMxcMPD8qXWlWMyoTyMRfvXq9uDctY1gvKkR8
AclovhGfyvvZGtl7LUwIOKDWKQ4wRqMcATDu4klEAltDhTC/rH6jmaIJ5e1Kvzrs
NfUXHxrP78pk3qvKgy3wbpmJfeY8IGLKeRVRyBLswFZQlYUiI4BJQAQFDNvk2/4V
KbhCd9AmgqQgsH/oWsesK6mB0owD5Zy0hg7dn1gxAuLONx/YnMw=
-----END CERTIFICATE-----
Generated at Sun May 18 03:19:54 2025 by rpki-client