Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/M6E0EZ_ki1ycN0mv5JsDU78uq8g.roa
File: M6E0EZ_ki1ycN0mv5JsDU78uq8g.roa (raw, json)
Hash identifier: 3zjJaNrER+EezFMoIs5jqZOixsYIa6ljYAKGEEVuqyo=
Subject key identifier: 33:A1:34:11:9F:E4:8B:5C:9C:37:49:AF:E4:9B:03:53:BF:2E:AB:C8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0858
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M6E0EZ_ki1ycN0mv5JsDU78uq8g.roa
Signing time: Sun 18 May 2025 05:08:09 +0000
ROA not before: Sun 18 May 2025 05:08:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2136 (0x858)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 05:08:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=33A134119FE48B5C9C3749AFE49B0353BF2EABC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d7:b4:77:09:d9:50:8d:b2:a5:e2:2f:97:b2:
60:fa:1d:e7:11:27:82:35:79:f9:5a:5e:74:0f:a8:
8a:aa:9c:fc:c4:64:d6:f5:d5:e2:a1:4c:de:f6:e8:
9c:df:9f:aa:83:bc:0b:f3:fe:d2:20:74:bf:87:3a:
d7:67:9d:de:51:60:44:dd:49:56:7c:2f:ad:bf:fe:
c6:90:c7:fe:d9:e8:57:64:c0:49:1f:50:00:d6:4b:
cf:ae:01:b5:8d:83:10:5b:82:96:78:d2:e5:15:0a:
bc:b4:c6:79:52:2f:62:26:5f:d5:54:b1:32:a5:16:
9c:ba:d0:67:17:90:8b:3a:28:ff:65:9a:0f:dd:44:
87:3e:ff:f9:2f:c4:1b:44:9e:3b:77:b0:cb:5f:31:
b0:cb:9f:cc:d4:ba:e7:aa:ef:1d:5e:38:8f:64:4d:
dc:f8:bf:02:c1:61:46:e5:ab:1d:62:1f:59:a4:71:
6a:15:1a:fc:da:ad:19:e1:9f:03:a5:38:68:8c:18:
14:fa:b7:7d:4a:b0:21:45:d4:43:70:3c:b8:23:22:
0c:3a:07:dc:3f:35:ae:31:79:63:69:01:da:8c:e7:
60:83:fd:9e:e2:6c:20:2e:af:46:37:2a:53:c8:85:
80:27:7a:04:c7:09:a8:d9:b7:c3:54:cd:71:52:ab:
61:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A1:34:11:9F:E4:8B:5C:9C:37:49:AF:E4:9B:03:53:BF:2E:AB:C8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M6E0EZ_ki1ycN0mv5JsDU78uq8g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:c7:d3:7f:94:b3:f1:89:ef:f5:a9:7b:42:fd:dd:64:20:e4:
c6:51:80:1e:f6:58:6c:6c:5a:db:cf:0a:f0:56:ed:c1:25:aa:
0e:30:3c:9c:f9:55:21:1e:0b:a0:c5:91:27:fe:f0:b0:a4:01:
9d:b7:cb:21:57:15:f3:2a:db:b3:7f:95:17:52:9b:13:bf:08:
38:74:20:d8:fc:db:38:66:c2:c3:68:d8:f9:9f:6e:79:78:54:
c8:c3:1d:30:c9:ef:2b:70:dd:e9:12:58:0e:14:a2:68:cb:11:
d0:1a:a0:77:28:42:2d:a3:b3:c6:c6:db:03:ff:0a:37:56:b0:
c4:92:67:00:00:2d:99:d7:e1:22:a8:f4:38:44:77:e1:cd:06:
22:83:b4:25:b6:e8:64:ad:b9:85:a7:f0:bc:68:21:2a:5d:a8:
d1:38:52:66:1a:42:85:02:26:33:cd:34:87:bd:3a:d4:bd:43:
9b:32:0c:2b:cf:6f:6f:79:03:82:76:e0:aa:d6:4f:53:ed:00:
11:0e:de:71:9f:d8:64:4d:74:7e:88:7d:9b:2a:38:23:7f:c5:
f3:b4:71:cc:c3:94:a7:69:72:cd:c9:36:96:8b:b0:b9:dd:d3:
5f:d1:e5:2c:3e:fc:13:e7:56:b8:a5:6f:0e:a0:eb:f3:5e:c9:
69:74:47:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
NTA4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzQTEzNDExOUZFNDhC
NUM5QzM3NDlBRkU0OUIwMzUzQkYyRUFCQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDw17R3CdlQjbKl4i+XsmD6HecRJ4I1eflaXnQPqIqqnPzEZNb1
1eKhTN726Jzfn6qDvAvz/tIgdL+HOtdnnd5RYETdSVZ8L62//saQx/7Z6FdkwEkf
UADWS8+uAbWNgxBbgpZ40uUVCry0xnlSL2ImX9VUsTKlFpy60GcXkIs6KP9lmg/d
RIc+//kvxBtEnjt3sMtfMbDLn8zUuueq7x1eOI9kTdz4vwLBYUblqx1iH1mkcWoV
GvzarRnhnwOlOGiMGBT6t31KsCFF1ENwPLgjIgw6B9w/Na4xeWNpAdqM52CD/Z7i
bCAur0Y3KlPIhYAnegTHCajZt8NUzXFSq2HZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM6E0EZ/ki1ycN0mv5JsDU78uq8gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NNkUwRVpfa2kxeWNOMG12
NUpzRFU3OHVxOGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJnH03+Us/GJ7/Wpe0L93WQg5MZRgB72WGxs
WtvPCvBW7cElqg4wPJz5VSEeC6DFkSf+8LCkAZ23yyFXFfMq27N/lRdSmxO/CDh0
INj82zhmwsNo2Pmfbnl4VMjDHTDJ7ytw3ekSWA4UomjLEdAaoHcoQi2js8bG2wP/
CjdWsMSSZwAALZnX4SKo9DhEd+HNBiKDtCW26GStuYWn8LxoISpdqNE4UmYaQoUC
JjPNNIe9OtS9Q5syDCvPb295A4J24KrWT1PtABEO3nGf2GRNdH6IfZsqOCN/xfO0
cczDlKdpcs3JNpaLsLnd01/R5Sw+/BPnVrilbw6g6/NeyWl0R7A=
-----END CERTIFICATE-----
Generated at Sun May 18 23:12:47 2025 by rpki-client