Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/E2Ful6fW9WYafb9zjbkQCdWsYO8.roa
File: E2Ful6fW9WYafb9zjbkQCdWsYO8.roa (raw, json)
Hash identifier: GXxsY+Rb06DRJ+fYd/067PcL7mE/Jd57Lq9AXdW9WTw=
Subject key identifier: 13:61:6E:97:A7:D6:F5:66:1A:7D:BF:73:8D:B9:10:09:D5:AC:60:EF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 044C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E2Ful6fW9WYafb9zjbkQCdWsYO8.roa
Signing time: Mon 12 May 2025 19:38:45 +0000
ROA not before: Mon 12 May 2025 19:38:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1100 (0x44c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 19:38:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=13616E97A7D6F5661A7DBF738DB91009D5AC60EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:45:25:d3:51:cb:8d:b0:ae:25:8a:82:c9:de:
6f:a3:56:d1:bf:83:e2:49:48:51:4a:a9:8d:e2:86:
97:8f:c7:86:53:66:5b:f1:19:44:5c:45:5d:c4:77:
16:a1:98:7e:e8:c0:c5:d4:7a:1e:03:77:24:cd:57:
1f:48:35:3d:85:e7:e3:4a:2a:6e:9d:68:b3:dc:78:
09:a2:84:d5:74:c6:66:c3:ad:59:5a:24:dd:9c:e0:
fd:cd:47:71:70:3a:f5:eb:7b:60:8c:b2:2b:28:5f:
23:da:86:75:54:a0:c6:23:30:3b:2b:b9:48:0d:8a:
72:6b:e2:40:cb:89:bc:b5:52:66:fb:dd:39:a9:12:
64:0a:2f:19:02:00:08:44:cc:cd:87:c9:c2:c8:79:
3e:5d:6b:28:db:bf:7c:df:8d:58:7d:56:d5:54:5e:
fe:61:2b:5c:63:ce:be:ad:28:3f:1e:29:a3:85:80:
31:a6:a2:92:33:a8:b3:8d:a5:8d:88:76:bd:80:59:
4c:a5:2a:59:52:15:48:b6:49:be:ab:22:8f:72:54:
10:8a:35:be:4c:1b:75:fa:19:79:fd:9a:ed:50:8d:
c4:7e:d1:7a:9a:9f:0f:3d:b5:4a:b0:59:5d:c6:34:
21:b0:22:b6:88:c1:7b:f8:ec:56:f0:95:e8:3b:10:
50:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:61:6E:97:A7:D6:F5:66:1A:7D:BF:73:8D:B9:10:09:D5:AC:60:EF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E2Ful6fW9WYafb9zjbkQCdWsYO8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6c:3a:71:89:e0:5c:64:2f:01:4f:b1:c8:0e:34:33:c4:63:40:
23:8c:0e:b4:c4:cd:06:81:62:b8:25:19:ec:cd:28:1d:c1:2a:
9c:ea:f1:f9:f3:1c:e3:d4:ed:a0:cc:94:a4:46:5b:4d:66:4e:
d5:e4:ab:b0:39:d5:a3:bd:39:21:2c:70:10:6a:50:b4:76:76:
fd:54:45:c4:e8:4f:6f:6c:74:37:04:ef:5a:a5:b0:09:6d:51:
96:81:f6:56:0e:0d:c9:55:c0:5c:1c:09:dd:40:93:c6:17:38:
d9:35:1c:a7:43:6e:af:9c:a5:58:61:7e:0d:ec:5a:e2:7a:57:
2b:39:58:c7:da:fc:37:c9:96:ac:f1:7f:c9:55:ce:11:39:1c:
a5:fd:1a:62:97:dd:57:d3:f5:8f:76:96:ab:e9:81:97:8a:f7:
67:bc:21:32:3a:e4:ae:b5:2b:e9:36:72:c9:3f:dc:25:e5:97:
bd:3a:75:c4:50:7b:4f:7b:f8:41:45:f6:d4:c2:23:6b:91:f0:
4e:20:b9:db:3a:41:3e:1c:1b:79:28:5d:d8:da:36:8e:db:3b:
87:66:87:5a:b0:3f:a8:71:1b:59:c7:eb:20:47:dc:11:47:50:
b4:87:38:99:c4:88:d9:75:15:8b:05:35:f5:d6:08:62:1a:6f:
9c:99:4a:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
OTM4NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzNjE2RTk3QTdENkY1
NjYxQTdEQkY3MzhEQjkxMDA5RDVBQzYwRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyRSXTUcuNsK4lioLJ3m+jVtG/g+JJSFFKqY3ihpePx4ZTZlvx
GURcRV3EdxahmH7owMXUeh4DdyTNVx9INT2F5+NKKm6daLPceAmihNV0xmbDrVla
JN2c4P3NR3FwOvXre2CMsisoXyPahnVUoMYjMDsruUgNinJr4kDLiby1Umb73Tmp
EmQKLxkCAAhEzM2HycLIeT5dayjbv3zfjVh9VtVUXv5hK1xjzr6tKD8eKaOFgDGm
opIzqLONpY2Idr2AWUylKllSFUi2Sb6rIo9yVBCKNb5MG3X6GXn9mu1QjcR+0Xqa
nw89tUqwWV3GNCGwIraIwXv47Fbwleg7EFAHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUE2Ful6fW9WYafb9zjbkQCdWsYO8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FMkZ1bDZmVzlXWWFmYjl6
amJrUUNkV3NZTzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGw6cYngXGQvAU+xyA40M8RjQCOMDrTEzQaB
YrglGezNKB3BKpzq8fnzHOPU7aDMlKRGW01mTtXkq7A51aO9OSEscBBqULR2dv1U
RcToT29sdDcE71qlsAltUZaB9lYODclVwFwcCd1Ak8YXONk1HKdDbq+cpVhhfg3s
WuJ6Vys5WMfa/DfJlqzxf8lVzhE5HKX9GmKX3VfT9Y92lqvpgZeK92e8ITI65K61
K+k2csk/3CXll706dcRQe097+EFF9tTCI2uR8E4guds6QT4cG3koXdjaNo7bO4dm
h1qwP6hxG1nH6yBH3BFHULSHOJnEiNl1FYsFNfXWCGIab5yZSsk=
-----END CERTIFICATE-----
Generated at Sun May 18 01:53:21 2025 by rpki-client