Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5nmcx6cnR-RPVV5D3uSrRuAyyc8.roa
File: 5nmcx6cnR-RPVV5D3uSrRuAyyc8.roa (raw, json)
Hash identifier: GrGG1ivPaDiDaKfbCfdlRQIfnLBEAb6loRId3UGxLHc=
Subject key identifier: E6:79:9C:C7:A7:27:47:E4:4F:55:5E:43:DE:E4:AB:46:E0:32:C9:CF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03B0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5nmcx6cnR-RPVV5D3uSrRuAyyc8.roa
Signing time: Mon 12 May 2025 00:08:14 +0000
ROA not before: Mon 12 May 2025 00:08:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 944 (0x3b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 00:08:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E6799CC7A72747E44F555E43DEE4AB46E032C9CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1c:eb:bf:3a:f7:95:74:e9:89:23:8a:2f:17:
18:f0:26:86:07:08:b4:1b:58:7e:3d:6e:b7:06:4f:
14:66:38:f1:d4:a1:3e:dd:ab:df:9c:ab:02:4a:3c:
62:d6:74:4a:37:8a:c7:76:e5:39:33:9e:d3:5e:0a:
ea:ae:31:c3:88:ef:44:e0:47:d0:17:93:0f:58:99:
03:51:b5:ab:ae:cc:c5:22:85:a2:66:47:03:62:2f:
69:9f:68:df:18:d2:3e:9e:d7:8c:19:a3:d8:8c:29:
cd:8a:ad:7a:7a:8c:13:c7:f8:ea:49:95:48:f4:c8:
29:21:14:b4:e9:17:3a:0e:aa:e6:35:39:8d:7c:ec:
fb:19:ff:52:99:0a:48:19:ae:27:a4:c5:5c:6f:69:
dc:1b:0b:b7:b8:33:c5:68:d5:e7:c8:b1:8f:67:1d:
72:75:06:fa:7e:f5:91:3e:72:2a:54:c7:2b:5a:30:
79:be:95:db:bd:94:10:d4:34:d1:0e:39:17:62:fa:
ed:6b:be:4b:b3:52:84:ee:75:77:21:26:0d:61:31:
d9:a2:1e:a8:ac:0e:3f:a2:44:62:e5:2e:4b:b8:97:
72:80:37:53:fe:1f:aa:76:28:90:05:aa:b4:c2:f8:
68:73:a2:02:2f:b5:d3:49:aa:ba:9b:b8:27:73:09:
14:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:79:9C:C7:A7:27:47:E4:4F:55:5E:43:DE:E4:AB:46:E0:32:C9:CF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5nmcx6cnR-RPVV5D3uSrRuAyyc8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:a7:63:d8:18:8c:1d:c1:ff:f9:b2:f4:03:07:b9:63:18:06:
0a:6b:7c:ff:1f:a2:69:75:48:fc:f2:b8:b1:07:ad:18:21:c2:
62:23:a2:8e:a0:33:46:76:25:76:f2:12:e0:ad:6b:bc:31:47:
09:61:f3:69:d1:41:35:8e:a1:2f:fe:f0:a7:db:20:fa:84:36:
13:d6:8b:4a:e2:aa:c5:9c:b6:b3:c8:0d:aa:68:03:ec:82:ac:
07:69:aa:18:55:0b:8b:a1:0c:a7:ba:33:98:72:16:e6:bd:57:
10:23:6d:7f:d1:c2:05:c7:cd:60:12:af:46:1f:29:22:5b:81:
f0:47:27:fb:8f:ba:05:cf:64:2d:f0:36:a4:7a:ab:54:89:77:
bf:51:68:74:12:f0:d8:b0:2a:f1:4d:db:68:40:18:6d:08:9b:
c3:30:5e:e2:c0:2a:5d:44:62:4a:74:60:48:54:ed:a6:dc:8a:
f2:f1:0d:2d:0c:bb:d8:f7:dd:81:fe:ea:4d:b3:05:be:c2:36:
84:de:a0:25:64:23:3f:af:27:18:da:f3:d9:08:99:97:78:c1:
4b:ae:8c:d0:d2:57:fc:db:16:e4:9f:03:5a:ec:68:0f:4a:e3:
14:25:41:f7:4a:5a:e9:de:cd:24:8b:e6:66:24:44:a3:00:10:
c9:16:e7:3e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA7AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
MDA4MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU2Nzk5Q0M3QTcyNzQ3
RTQ0RjU1NUU0M0RFRTRBQjQ2RTAzMkM5Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9HOu/OveVdOmJI4ovFxjwJoYHCLQbWH49brcGTxRmOPHUoT7d
q9+cqwJKPGLWdEo3isd25TkzntNeCuquMcOI70TgR9AXkw9YmQNRtauuzMUihaJm
RwNiL2mfaN8Y0j6e14wZo9iMKc2KrXp6jBPH+OpJlUj0yCkhFLTpFzoOquY1OY18
7PsZ/1KZCkgZriekxVxvadwbC7e4M8Vo1efIsY9nHXJ1Bvp+9ZE+cipUxytaMHm+
ldu9lBDUNNEOORdi+u1rvkuzUoTudXchJg1hMdmiHqisDj+iRGLlLku4l3KAN1P+
H6p2KJAFqrTC+GhzogIvtdNJqrqbuCdzCRR/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5nmcx6cnR+RPVV5D3uSrRuAyyc8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81bm1jeDZjblItUlBWVjVE
M3VTclJ1QXl5Yzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADynY9gYjB3B//my9AMHuWMYBgprfP8foml1
SPzyuLEHrRghwmIjoo6gM0Z2JXbyEuCta7wxRwlh82nRQTWOoS/+8KfbIPqENhPW
i0riqsWctrPIDapoA+yCrAdpqhhVC4uhDKe6M5hyFua9VxAjbX/RwgXHzWASr0Yf
KSJbgfBHJ/uPugXPZC3wNqR6q1SJd79RaHQS8NiwKvFN22hAGG0Im8MwXuLAKl1E
Ykp0YEhU7abcivLxDS0Mu9j33YH+6k2zBb7CNoTeoCVkIz+vJxja89kImZd4wUuu
jNDSV/zbFuSfA1rsaA9K4xQlQfdKWunezSSL5mYkRKMAEMkW5z4=
-----END CERTIFICATE-----
Generated at Sun May 18 00:51:18 2025 by rpki-client