Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6tdtgwCWUjiTcXk5WfINnm7cQ1E.roa
File: 6tdtgwCWUjiTcXk5WfINnm7cQ1E.roa (raw, json)
Hash identifier: 3y2ctiAYd+g0ITNpAuFKpzUzvP5lf67hLYFEkrj/llo=
Subject key identifier: EA:D7:6D:83:00:96:52:38:93:71:79:39:59:F2:0D:9E:6E:DC:43:51
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06D0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6tdtgwCWUjiTcXk5WfINnm7cQ1E.roa
Signing time: Fri 16 May 2025 04:08:02 +0000
ROA not before: Fri 16 May 2025 04:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1744 (0x6d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 04:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EAD76D83009652389371793959F20D9E6EDC4351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e1:f4:72:8a:d3:c7:87:7f:d6:18:6d:cd:64:
bc:1b:e8:d4:a0:23:ba:98:9b:ae:42:30:c4:bb:3d:
79:47:88:2b:98:f8:e7:40:06:cd:a1:59:99:53:24:
02:70:69:d6:1a:f7:49:57:8e:18:db:2f:17:86:49:
ef:42:59:3a:16:63:e4:9e:69:f7:18:a5:72:68:7a:
74:2d:fc:40:8b:22:19:46:2b:0f:d0:4d:15:82:af:
14:c6:1c:0d:d6:ca:46:c5:de:b2:18:46:bf:98:36:
df:bb:e5:cb:fc:76:e9:92:05:ec:f4:f8:7c:c9:e5:
0f:cd:43:bc:57:ef:05:69:43:c4:0f:33:60:ca:dd:
aa:9c:4e:b2:be:a3:35:6b:f6:fc:2d:ab:fc:26:19:
77:f1:6a:45:83:6d:53:85:ba:39:b4:bd:38:61:99:
c0:82:0a:02:bf:cc:9b:17:20:57:c9:db:e1:b4:20:
19:6b:f3:bc:0f:47:81:55:4e:03:cc:db:bb:66:b7:
43:dd:df:78:be:c0:22:3c:6f:db:be:0d:c0:bf:cc:
54:58:f3:bc:1c:60:b6:b6:42:7e:92:10:1e:fc:6f:
3f:4b:68:37:eb:df:0f:e8:19:dc:41:b1:05:c0:f0:
b5:f0:b9:7d:0b:62:17:90:2a:97:5a:a2:c9:53:6e:
07:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D7:6D:83:00:96:52:38:93:71:79:39:59:F2:0D:9E:6E:DC:43:51
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6tdtgwCWUjiTcXk5WfINnm7cQ1E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:fe:03:81:99:9c:70:b7:1e:d9:23:03:fa:e0:29:d5:39:d6:
0c:9e:05:df:d0:d2:47:d4:21:91:0b:db:6c:7b:48:3d:83:1a:
5f:34:da:5e:03:70:bb:24:6f:b6:11:cd:15:8c:2b:7d:80:9c:
f4:f1:f8:9a:a7:45:32:ba:5a:b4:02:e5:2a:e6:93:25:7b:eb:
e8:c3:65:a4:91:1d:e5:b5:17:50:56:2b:e4:24:55:74:fd:a7:
07:13:3b:0f:27:56:06:63:bc:88:c2:e3:25:52:90:51:53:cb:
39:78:f1:74:86:a0:73:5a:b1:fa:14:e7:cb:e3:52:8c:2f:87:
77:18:ea:dc:94:0d:be:b7:36:bd:58:45:7d:72:54:1f:60:81:
b3:31:80:ac:9f:91:6e:1b:84:33:18:d2:59:b4:5a:4d:18:9f:
0f:78:45:04:57:e4:0b:fc:dc:6b:4a:d7:5e:24:51:7d:7e:10:
e4:13:dd:7d:0d:f3:da:e1:52:24:15:8b:81:72:63:49:0f:64:
1a:aa:ac:c5:bf:80:f3:65:e8:f0:69:68:0b:b4:90:2f:0d:dc:
d5:f7:e2:02:8b:f4:2f:b7:c7:d1:95:d1:2d:ee:f1:8a:29:b9:
35:32:4c:ff:ac:86:0f:5a:3b:11:de:f7:2a:92:20:c9:78:41:
4f:60:d6:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NDA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVBRDc2RDgzMDA5NjUy
Mzg5MzcxNzkzOTU5RjIwRDlFNkVEQzQzNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT4fRyitPHh3/WGG3NZLwb6NSgI7qYm65CMMS7PXlHiCuY+OdA
Bs2hWZlTJAJwadYa90lXjhjbLxeGSe9CWToWY+SeafcYpXJoenQt/ECLIhlGKw/Q
TRWCrxTGHA3WykbF3rIYRr+YNt+75cv8dumSBez0+HzJ5Q/NQ7xX7wVpQ8QPM2DK
3aqcTrK+ozVr9vwtq/wmGXfxakWDbVOFujm0vThhmcCCCgK/zJsXIFfJ2+G0IBlr
87wPR4FVTgPM27tmt0Pd33i+wCI8b9u+DcC/zFRY87wcYLa2Qn6SEB78bz9LaDfr
3w/oGdxBsQXA8LXwuX0LYheQKpdaoslTbgcBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6tdtgwCWUjiTcXk5WfINnm7cQ1EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82dGR0Z3dDV1VqaVRjWGs1
V2ZJTm5tN2NRMUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAF7+A4GZnHC3HtkjA/rgKdU51gyeBd/Q0kfU
IZEL22x7SD2DGl802l4DcLskb7YRzRWMK32AnPTx+JqnRTK6WrQC5SrmkyV76+jD
ZaSRHeW1F1BWK+QkVXT9pwcTOw8nVgZjvIjC4yVSkFFTyzl48XSGoHNasfoU58vj
Uowvh3cY6tyUDb63Nr1YRX1yVB9ggbMxgKyfkW4bhDMY0lm0Wk0Ynw94RQRX5Av8
3GtK114kUX1+EOQT3X0N89rhUiQVi4FyY0kPZBqqrMW/gPNl6PBpaAu0kC8N3NX3
4gKL9C+3x9GV0S3u8YopuTUyTP+shg9aOxHe9yqSIMl4QU9g1kk=
-----END CERTIFICATE-----
Generated at Sat May 17 23:39:36 2025 by rpki-client