Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/M0cWiD4uMtXNSc8CqORfv-bhDYU.roa
File: M0cWiD4uMtXNSc8CqORfv-bhDYU.roa (raw, json)
Hash identifier: 5GJFX2MwTZPeXvbE0yVHN2seLvpWwbS6TL6MhvEfSVY=
Subject key identifier: 33:47:16:88:3E:2E:32:D5:CD:49:CF:02:A8:E4:5F:BF:E6:E1:0D:85
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0680
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M0cWiD4uMtXNSc8CqORfv-bhDYU.roa
Signing time: Thu 15 May 2025 18:08:04 +0000
ROA not before: Thu 15 May 2025 18:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1664 (0x680)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 18:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=334716883E2E32D5CD49CF02A8E45FBFE6E10D85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:70:38:06:c2:7f:17:15:01:71:6a:d3:a2:07:
85:f8:dc:f7:59:c4:67:0c:2b:15:48:35:cf:7d:df:
f9:2d:43:3a:07:af:40:78:28:38:95:5e:1c:6f:be:
9f:87:cd:f5:d1:b0:00:54:2b:ac:8c:79:76:f7:53:
89:8a:d1:3f:91:cd:d8:2f:c7:05:f5:e4:66:39:cc:
1a:17:57:31:91:00:51:44:27:57:76:8f:9f:e8:0f:
72:e1:9d:e4:ea:b3:81:cf:f1:b9:de:01:07:4f:d8:
2a:23:04:67:93:d7:5a:10:43:9e:60:76:d3:56:33:
c8:90:d5:c7:06:d0:df:c5:49:ef:ee:e3:d3:25:c7:
4f:b9:1c:d5:ab:fb:14:c6:47:c5:f7:85:70:05:3b:
1b:3b:ea:55:f5:7e:57:b6:69:7a:c9:99:7f:12:01:
65:e4:41:18:e4:b8:67:08:e9:3e:22:8a:15:5d:62:
b2:b8:47:27:fe:8b:ba:82:f7:0a:1e:9e:c9:39:0b:
a8:62:e3:e6:39:30:99:33:49:ec:5f:31:7b:ea:80:
92:da:4f:cc:12:fa:e1:14:8a:0d:6a:b1:32:98:4a:
03:a8:2f:75:72:d0:68:1e:63:ea:8f:60:26:12:3d:
b2:7c:c7:e9:d0:cc:27:9f:c3:b8:48:2c:54:46:6b:
ce:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:47:16:88:3E:2E:32:D5:CD:49:CF:02:A8:E4:5F:BF:E6:E1:0D:85
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M0cWiD4uMtXNSc8CqORfv-bhDYU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:8d:5b:6e:13:8e:c9:85:3f:ae:4a:18:6d:f3:54:cc:d1:51:
6e:ec:16:99:5e:d3:ca:58:23:0d:80:c7:0b:90:00:f6:da:c2:
57:fc:8b:bd:59:03:dd:ae:c6:f1:d7:46:6a:ba:f8:99:88:e3:
03:7d:19:51:ea:b1:de:63:6f:09:ce:64:cb:a0:7a:fd:49:f7:
d3:5d:cc:6c:99:3d:1d:27:24:12:f5:d2:82:5a:b7:b7:30:2c:
33:a5:10:b5:0a:f2:65:bd:c1:0c:b5:ae:86:ea:f4:e5:2d:07:
02:58:3e:ae:7e:6d:aa:5b:f6:ac:20:93:34:8f:5c:76:ee:7d:
38:d8:91:05:48:b4:c1:00:88:c3:46:5c:d7:b8:04:a9:e3:f3:
87:0e:c2:92:dd:5b:09:7a:58:d1:1a:db:ce:ac:a7:85:ba:e2:
55:b8:ca:d6:0a:0d:fa:45:4a:1f:cb:b0:60:f7:35:f6:4b:b4:
7e:c8:e4:35:7f:9e:f3:f8:ea:77:d9:b7:54:01:57:bd:d6:ad:
a4:62:6a:0e:cc:f9:cd:32:23:15:ad:f2:48:a4:9a:db:ed:2b:
62:70:9f:7f:2d:23:28:72:2a:16:b4:56:98:b5:56:b1:46:8b:
bf:14:d3:72:6c:09:3c:50:8f:75:31:a6:c6:ca:e8:53:99:5d:
15:38:8d:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
ODA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzNDcxNjg4M0UyRTMy
RDVDRDQ5Q0YwMkE4RTQ1RkJGRTZFMTBEODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEcDgGwn8XFQFxatOiB4X43PdZxGcMKxVINc993/ktQzoHr0B4
KDiVXhxvvp+HzfXRsABUK6yMeXb3U4mK0T+RzdgvxwX15GY5zBoXVzGRAFFEJ1d2
j5/oD3LhneTqs4HP8bneAQdP2CojBGeT11oQQ55gdtNWM8iQ1ccG0N/FSe/u49Ml
x0+5HNWr+xTGR8X3hXAFOxs76lX1fle2aXrJmX8SAWXkQRjkuGcI6T4iihVdYrK4
Ryf+i7qC9woensk5C6hi4+Y5MJkzSexfMXvqgJLaT8wS+uEUig1qsTKYSgOoL3Vy
0GgeY+qPYCYSPbJ8x+nQzCefw7hILFRGa87XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM0cWiD4uMtXNSc8CqORfv+bhDYUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NMGNXaUQ0dU10WE5TYzhD
cU9SZnYtYmhEWVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAyNW24TjsmFP65KGG3zVMzRUW7sFple08pY
Iw2AxwuQAPbawlf8i71ZA92uxvHXRmq6+JmI4wN9GVHqsd5jbwnOZMugev1J99Nd
zGyZPR0nJBL10oJat7cwLDOlELUK8mW9wQy1robq9OUtBwJYPq5+bapb9qwgkzSP
XHbufTjYkQVItMEAiMNGXNe4BKnj84cOwpLdWwl6WNEa286sp4W64lW4ytYKDfpF
Sh/LsGD3NfZLtH7I5DV/nvP46nfZt1QBV73WraRiag7M+c0yIxWt8kikmtvtK2Jw
n38tIyhyKha0Vpi1VrFGi78U03JsCTxQj3UxpsbK6FOZXRU4jRU=
-----END CERTIFICATE-----
Generated at Sat May 17 19:45:23 2025 by rpki-client