Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7Xg77PFH9WdK1BlIdj6jzvU-ML0.roa
File: 7Xg77PFH9WdK1BlIdj6jzvU-ML0.roa (raw, json)
Hash identifier: 4HpKhJERbyecBXavDI9B/aUUxL7rc6nvmz7U+eMigg0=
Subject key identifier: ED:78:3B:EC:F1:47:F5:67:4A:D4:19:48:76:3E:A3:CE:F5:3E:30:BD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07EC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7Xg77PFH9WdK1BlIdj6jzvU-ML0.roa
Signing time: Sat 17 May 2025 15:38:08 +0000
ROA not before: Sat 17 May 2025 15:38:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2028 (0x7ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 15:38:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=ED783BECF147F5674AD41948763EA3CEF53E30BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a3:67:34:61:f1:80:1b:56:02:00:05:63:f3:
24:0d:e2:aa:5a:d6:66:18:53:04:3a:c0:d8:24:74:
5b:21:79:ea:a4:a1:06:3d:bb:65:1a:fa:cd:55:39:
e1:af:1d:a9:8d:70:e5:2f:3e:f9:dd:e4:66:46:ad:
96:1f:71:3d:4b:28:63:9a:1a:96:e3:d1:fe:47:2b:
99:a8:e5:86:7c:06:5a:6a:d2:67:8f:0a:6f:33:17:
cd:a2:4d:83:48:94:09:7d:a8:05:83:64:b7:82:be:
97:22:02:c0:25:5b:3e:ba:29:73:3d:50:20:68:42:
ea:62:8f:7c:96:4b:3f:64:53:0e:73:83:fb:31:33:
dd:eb:65:24:2b:15:b4:37:b9:f2:fb:ac:b5:47:33:
39:ca:92:79:01:ab:2e:50:2c:e6:bb:e1:c8:8c:e1:
8d:d6:6e:3a:19:e1:fd:74:39:1e:9f:bd:2b:1d:ad:
0f:56:67:f2:13:8e:47:70:59:76:69:c3:ee:17:c9:
7a:b3:90:c2:28:21:63:bf:55:9f:d8:8d:32:e6:f7:
2d:9e:76:85:6a:ea:56:e3:82:9a:39:be:06:f1:30:
67:39:f2:4e:93:79:ab:95:16:17:ce:39:e1:3d:aa:
ed:83:5a:af:d9:3a:8e:91:82:4d:b2:fa:a2:a9:6c:
10:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:78:3B:EC:F1:47:F5:67:4A:D4:19:48:76:3E:A3:CE:F5:3E:30:BD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7Xg77PFH9WdK1BlIdj6jzvU-ML0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:01:2a:35:4d:02:a5:a5:e4:bd:47:b1:b6:22:e6:17:06:d3:
19:3c:b6:0a:e6:f5:4a:6d:d9:56:9b:82:ab:4e:57:b1:14:8c:
ed:22:c6:42:2b:88:29:87:e7:9b:3b:e5:44:f6:5a:b3:e2:35:
79:ec:49:f8:40:77:b2:c9:b5:37:28:99:5d:a5:0d:8e:1e:d2:
f4:d2:47:46:a8:8b:8e:14:c9:2b:cc:b5:11:5e:ad:61:ec:8f:
11:e2:6e:00:6a:c0:0b:74:36:ff:a1:cf:c8:2f:c6:dc:07:69:
d1:c4:51:aa:1e:36:9c:08:78:79:5d:5a:ee:bf:9f:9c:6a:dc:
5e:88:86:7d:78:f6:ca:38:99:92:c7:ed:39:72:33:d0:79:38:
4e:6a:dd:24:c2:2a:10:eb:92:bd:09:80:f2:03:77:9a:95:21:
07:82:08:ea:33:c4:d3:88:90:32:a1:f8:54:46:63:cf:c9:1c:
84:94:00:c6:24:24:ef:89:6b:1e:17:2f:25:88:0b:46:65:91:
1f:d0:34:90:a5:07:03:a2:20:89:ec:10:e6:85:75:47:2b:5a:
03:13:e8:66:b2:23:f2:1d:f0:bd:33:5b:53:6b:01:db:59:5f:
d4:cf:e4:ce:02:06:1d:88:d5:eb:5f:6d:7c:c2:58:81:68:d5:
1e:5d:99:f0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB+wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
NTM4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVENzgzQkVDRjE0N0Y1
Njc0QUQ0MTk0ODc2M0VBM0NFRjUzRTMwQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0o2c0YfGAG1YCAAVj8yQN4qpa1mYYUwQ6wNgkdFsheeqkoQY9
u2Ua+s1VOeGvHamNcOUvPvnd5GZGrZYfcT1LKGOaGpbj0f5HK5mo5YZ8Blpq0meP
Cm8zF82iTYNIlAl9qAWDZLeCvpciAsAlWz66KXM9UCBoQupij3yWSz9kUw5zg/sx
M93rZSQrFbQ3ufL7rLVHMznKknkBqy5QLOa74ciM4Y3WbjoZ4f10OR6fvSsdrQ9W
Z/ITjkdwWXZpw+4XyXqzkMIoIWO/VZ/YjTLm9y2edoVq6lbjgpo5vgbxMGc58k6T
eauVFhfOOeE9qu2DWq/ZOo6Rgk2y+qKpbBDhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7Xg77PFH9WdK1BlIdj6jzvU+ML0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83WGc3N1BGSDlXZEsxQmxJ
ZGo2anp2VS1NTDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAQBKjVNAqWl5L1HsbYi5hcG0xk8tgrm9Upt
2VabgqtOV7EUjO0ixkIriCmH55s75UT2WrPiNXnsSfhAd7LJtTcomV2lDY4e0vTS
R0aoi44UySvMtRFerWHsjxHibgBqwAt0Nv+hz8gvxtwHadHEUaoeNpwIeHldWu6/
n5xq3F6Ihn149so4mZLH7TlyM9B5OE5q3STCKhDrkr0JgPIDd5qVIQeCCOozxNOI
kDKh+FRGY8/JHISUAMYkJO+Jax4XLyWIC0ZlkR/QNJClBwOiIInsEOaFdUcrWgMT
6GayI/Id8L0zW1NrAdtZX9TP5M4CBh2I1etfbXzCWIFo1R5dmfA=
-----END CERTIFICATE-----
Generated at Sun May 18 03:07:29 2025 by rpki-client