Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5vxBXQi7RDwnzRmqS72urGhW4k0.roa
File: 5vxBXQi7RDwnzRmqS72urGhW4k0.roa (raw, json)
Hash identifier: eHheeNWNrY6bLQqU8MlLARW/Q41g6KKqWAHGTKRsla0=
Subject key identifier: E6:FC:41:5D:08:BB:44:3C:27:CD:19:AA:4B:BD:AE:AC:68:56:E2:4D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0560
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5vxBXQi7RDwnzRmqS72urGhW4k0.roa
Signing time: Wed 14 May 2025 06:08:52 +0000
ROA not before: Wed 14 May 2025 06:08:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1376 (0x560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 06:08:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E6FC415D08BB443C27CD19AA4BBDAEAC6856E24D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:67:ab:16:3a:31:c0:82:94:4e:8b:c5:80:
c5:f9:45:a1:19:47:e5:63:47:03:23:53:7e:51:a8:
69:08:0e:02:de:6e:75:ad:ff:e3:2e:9e:46:8a:af:
85:9f:23:d0:68:3c:28:ab:bc:28:90:ee:97:09:1a:
aa:64:b6:04:14:de:09:96:dd:20:5b:c1:41:7c:5c:
93:4f:b9:dc:9a:2e:75:59:53:30:09:a9:28:bf:34:
29:43:a0:5f:82:fd:dc:ff:2d:ab:e0:36:4f:93:eb:
53:51:21:c7:56:40:5c:96:7a:9b:af:73:45:b8:12:
4b:ee:77:5b:1b:d9:e5:24:36:c3:20:b4:7e:84:c5:
31:ca:2c:8e:7d:ac:f6:d7:ed:7e:75:ea:c6:5d:5b:
69:15:0a:10:f1:a7:75:2f:cb:e4:5e:91:05:8e:69:
ab:db:1c:1f:d3:57:f0:43:01:ac:8f:b5:71:4c:de:
24:4d:a8:82:83:a0:bc:8e:f3:d9:90:60:28:ab:ea:
df:fd:8c:a3:d3:0b:d4:7b:cc:54:f9:0f:67:49:a1:
cb:cc:da:4d:93:05:7b:65:b3:c0:e8:95:ce:b9:31:
dc:d8:5c:0b:f0:e3:cd:db:66:70:e4:a7:c0:ca:15:
86:9f:4e:1b:7a:ad:c0:cd:46:ee:e4:dc:48:c0:98:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:FC:41:5D:08:BB:44:3C:27:CD:19:AA:4B:BD:AE:AC:68:56:E2:4D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5vxBXQi7RDwnzRmqS72urGhW4k0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:04:ec:00:a5:2f:4c:c0:5a:67:09:27:f2:4d:2b:78:be:90:
0e:36:eb:ec:ad:b0:77:b0:40:df:e9:51:c2:dd:4a:f9:58:f6:
64:93:dc:c7:8d:24:81:06:85:db:e4:6d:ae:e1:45:55:6a:0d:
9f:87:c1:ed:dc:20:84:eb:9a:36:ad:2a:d1:8e:96:e2:8b:bd:
1f:11:79:13:d7:84:80:1c:c2:c4:c8:fc:5a:2a:98:ec:a5:12:
76:3b:36:65:29:40:62:18:c4:2d:7e:df:6b:5f:b3:a9:45:1f:
45:83:64:ae:22:d1:5c:94:9a:36:a7:c3:66:47:aa:05:fb:02:
12:00:08:97:53:a0:ff:4c:7b:4c:79:23:b1:9c:b6:87:00:53:
01:d5:27:d5:fd:f5:92:54:bd:03:c6:12:9e:e8:75:f0:af:28:
27:bd:34:ff:66:e5:e9:4e:d6:45:e8:5e:05:05:bb:ce:16:80:
6a:5d:37:f1:fa:83:61:64:0e:ff:69:3a:30:53:10:b4:a9:f3:
fe:a9:a3:e8:ef:a5:f5:c5:0e:10:fb:90:63:47:a7:e4:73:b8:
53:34:ad:4d:8f:c4:f0:9f:94:84:41:bc:7e:99:a3:24:d9:ab:
5b:d4:c3:26:8b:f8:3d:14:9c:9e:6a:36:f7:1e:30:40:43:69:
4a:37:cd:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NjA4NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU2RkM0MTVEMDhCQjQ0
M0MyN0NEMTlBQTRCQkRBRUFDNjg1NkUyNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC91merFjoxwIKUTovFgMX5RaEZR+VjRwMjU35RqGkIDgLebnWt
/+MunkaKr4WfI9BoPCirvCiQ7pcJGqpktgQU3gmW3SBbwUF8XJNPudyaLnVZUzAJ
qSi/NClDoF+C/dz/LavgNk+T61NRIcdWQFyWepuvc0W4Ekvud1sb2eUkNsMgtH6E
xTHKLI59rPbX7X516sZdW2kVChDxp3Uvy+RekQWOaavbHB/TV/BDAayPtXFM3iRN
qIKDoLyO89mQYCir6t/9jKPTC9R7zFT5D2dJocvM2k2TBXtls8Dolc65MdzYXAvw
483bZnDkp8DKFYafTht6rcDNRu7k3EjAmNFJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5vxBXQi7RDwnzRmqS72urGhW4k0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81dnhCWFFpN1JEd256Um1x
UzcydXJHaFc0azAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAE0E7AClL0zAWmcJJ/JNK3i+kA426+ytsHew
QN/pUcLdSvlY9mST3MeNJIEGhdvkba7hRVVqDZ+Hwe3cIITrmjatKtGOluKLvR8R
eRPXhIAcwsTI/FoqmOylEnY7NmUpQGIYxC1+32tfs6lFH0WDZK4i0VyUmjanw2ZH
qgX7AhIACJdToP9Me0x5I7GctocAUwHVJ9X99ZJUvQPGEp7odfCvKCe9NP9m5elO
1kXoXgUFu84WgGpdN/H6g2FkDv9pOjBTELSp8/6po+jvpfXFDhD7kGNHp+RzuFM0
rU2PxPCflIRBvH6ZoyTZq1vUwyaL+D0UnJ5qNvceMEBDaUo3zZ0=
-----END CERTIFICATE-----
Generated at Sat May 17 21:27:21 2025 by rpki-client