Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JW-Y3peI5do4G5qe1UxLg90vG8I.roa
File: JW-Y3peI5do4G5qe1UxLg90vG8I.roa (raw, json)
Hash identifier: PDBmT2piAAUWT3wavnM++6zINFnrg6WpMyiQnHfLAPo=
Subject key identifier: 25:6F:98:DE:97:88:E5:DA:38:1B:9A:9E:D5:4C:4B:83:DD:2F:1B:C2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 060C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JW-Y3peI5do4G5qe1UxLg90vG8I.roa
Signing time: Thu 15 May 2025 03:38:01 +0000
ROA not before: Thu 15 May 2025 03:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1548 (0x60c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 03:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=256F98DE9788E5DA381B9A9ED54C4B83DD2F1BC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0b:b3:3b:7b:a7:e3:f1:53:3c:ca:57:ba:13:
84:5b:36:44:dd:9e:2f:9d:34:53:f5:28:7d:03:ba:
a8:f7:6b:90:8b:a2:bf:d1:87:d4:8c:aa:81:4f:36:
f4:1d:bb:e2:00:9c:2d:1b:dc:cb:cb:20:65:a8:cd:
62:d2:69:e1:4c:73:78:0e:48:19:4d:35:50:7d:8a:
ad:9c:c8:42:9a:d7:1c:01:50:75:15:8b:b5:4b:16:
a2:86:82:a5:dd:0c:7d:44:b7:fa:66:d6:ad:cb:c1:
d7:01:26:fe:eb:60:d1:8b:cd:49:fd:93:52:a1:bf:
c5:21:b4:69:ab:40:78:44:d6:8a:c5:34:ba:00:fe:
65:d2:82:99:11:60:64:9f:80:52:a5:a1:3c:bf:fc:
59:f7:1f:b0:86:77:84:f1:fb:af:2b:5d:c5:44:6c:
e7:ce:c5:27:db:dc:ff:b8:57:2d:4a:2f:a5:c9:cf:
8c:0a:c3:af:2b:01:b2:ca:dd:58:93:ed:bb:10:58:
e9:e9:35:ed:38:c2:b4:00:af:73:98:b0:30:d4:a6:
7e:c9:4b:a7:37:80:3d:45:57:ec:b1:65:45:10:72:
bf:fe:45:9f:17:c3:b8:8f:29:76:e4:65:9d:06:3a:
18:76:9c:3b:23:27:32:ad:86:66:7f:a7:bb:02:ef:
83:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:6F:98:DE:97:88:E5:DA:38:1B:9A:9E:D5:4C:4B:83:DD:2F:1B:C2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JW-Y3peI5do4G5qe1UxLg90vG8I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:cb:dd:b1:ff:ce:31:3a:1e:41:da:c0:f7:73:68:0e:68:10:
c1:de:74:46:36:ee:05:84:81:c0:5c:91:dc:21:20:a3:b7:b1:
d7:ca:d1:d2:e1:a2:c5:e1:3f:05:4c:7a:df:e7:fb:a7:34:1c:
e8:03:7d:3e:47:8a:9e:fd:e6:06:ac:90:8c:a5:03:7e:e8:b8:
42:c5:fc:dc:9c:e6:80:94:12:d0:ef:ee:4c:c6:2e:ff:32:89:
d4:27:1f:40:81:70:f1:2d:7a:d4:de:d9:0e:a6:d9:2a:8f:56:
db:e7:99:20:15:66:f1:f5:49:b5:88:8e:ad:91:16:d7:9f:88:
9e:36:60:c4:26:e8:be:9f:29:2a:f7:d0:42:86:72:d9:1c:a0:
2b:f9:e5:3d:4f:6c:8a:0c:30:ad:7b:53:62:7f:d5:ca:14:31:
1e:15:b0:f1:bd:0c:98:a1:1b:e5:32:5e:fe:da:21:e8:ef:b1:
ea:b2:ac:22:55:a3:e3:bb:1f:6c:2b:e7:d9:d5:f6:22:06:1b:
8f:c5:e6:00:1a:55:e1:c0:2d:88:4f:ec:40:d2:7c:d2:b9:5f:
b2:ca:6e:13:d1:90:59:d7:df:19:9b:73:98:ee:32:8b:d0:1f:
0c:1d:27:fd:5a:45:20:c6:9d:9a:fc:a0:26:48:d0:72:db:97:
f8:59:8e:a3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MzM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI1NkY5OERFOTc4OEU1
REEzODFCOUE5RUQ1NEM0QjgzREQyRjFCQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhC7M7e6fj8VM8yle6E4RbNkTdni+dNFP1KH0Duqj3a5CLor/R
h9SMqoFPNvQdu+IAnC0b3MvLIGWozWLSaeFMc3gOSBlNNVB9iq2cyEKa1xwBUHUV
i7VLFqKGgqXdDH1Et/pm1q3LwdcBJv7rYNGLzUn9k1Khv8UhtGmrQHhE1orFNLoA
/mXSgpkRYGSfgFKloTy//Fn3H7CGd4Tx+68rXcVEbOfOxSfb3P+4Vy1KL6XJz4wK
w68rAbLK3ViT7bsQWOnpNe04wrQAr3OYsDDUpn7JS6c3gD1FV+yxZUUQcr/+RZ8X
w7iPKXbkZZ0GOhh2nDsjJzKthmZ/p7sC74PfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJW+Y3peI5do4G5qe1UxLg90vG8IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KVy1ZM3BlSTVkbzRHNXFl
MVV4TGc5MHZHOEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ7L3bH/zjE6HkHawPdzaA5oEMHedEY27gWE
gcBckdwhIKO3sdfK0dLhosXhPwVMet/n+6c0HOgDfT5Hip795gaskIylA37ouELF
/Nyc5oCUEtDv7kzGLv8yidQnH0CBcPEtetTe2Q6m2SqPVtvnmSAVZvH1SbWIjq2R
FtefiJ42YMQm6L6fKSr30EKGctkcoCv55T1PbIoMMK17U2J/1coUMR4VsPG9DJih
G+UyXv7aIejvseqyrCJVo+O7H2wr59nV9iIGG4/F5gAaVeHALYhP7EDSfNK5X7LK
bhPRkFnX3xmbc5juMovQHwwdJ/1aRSDGnZr8oCZI0HLbl/hZjqM=
-----END CERTIFICATE-----
Generated at Sun May 18 03:06:28 2025 by rpki-client