Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RmrAs5oyuW2QLOqm06kjTb8NmYA.roa
File: RmrAs5oyuW2QLOqm06kjTb8NmYA.roa (raw, json)
Hash identifier: uG5EW5kUKKqi7IZIl56rfpf6r6EHKeMiw82prFA8rMM=
Subject key identifier: 46:6A:C0:B3:9A:32:B9:6D:90:2C:EA:A6:D3:A9:23:4D:BF:0D:99:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05A0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RmrAs5oyuW2QLOqm06kjTb8NmYA.roa
Signing time: Wed 14 May 2025 14:08:03 +0000
ROA not before: Wed 14 May 2025 14:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1440 (0x5a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 14:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=466AC0B39A32B96D902CEAA6D3A9234DBF0D9980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:f8:16:9a:0b:88:fc:e9:61:03:72:e5:75:
2f:24:67:f0:01:3b:dd:66:96:a0:0f:e1:00:15:8b:
60:c0:2a:ff:06:52:42:52:5c:8a:e2:25:d0:60:14:
36:5a:38:bd:b7:9b:06:fe:d3:fe:56:0f:23:88:fb:
09:b9:1d:50:c9:12:51:b4:24:9f:56:9e:7d:23:3e:
45:82:e1:65:1c:00:51:e7:48:68:75:c4:a8:64:40:
8c:d7:94:83:7a:d6:9a:40:46:6d:08:00:d6:95:3c:
09:42:f9:98:50:2a:38:f9:f6:af:bf:ee:c0:85:45:
19:be:cd:ac:44:e7:15:c4:5b:1e:f5:fe:61:90:85:
e2:88:4e:a0:45:77:95:8c:9d:a3:b5:e3:f7:e6:86:
62:3d:ad:7c:4a:b7:47:cb:d4:35:6a:29:6f:27:20:
98:14:4c:bf:0f:e4:41:03:d7:45:13:c1:c3:7e:d5:
12:52:9b:6a:b8:e3:73:15:bd:19:a3:20:c0:69:01:
d7:98:6b:8b:c2:53:8c:3c:d2:00:04:3c:7f:26:59:
ad:86:21:ac:b4:1b:da:08:ea:d7:4a:e5:33:6c:1f:
60:26:37:57:9d:3c:9d:02:27:1b:fb:e7:e2:9d:96:
d1:d9:79:ec:61:fc:e6:b9:cb:61:04:71:52:a8:7d:
04:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6A:C0:B3:9A:32:B9:6D:90:2C:EA:A6:D3:A9:23:4D:BF:0D:99:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RmrAs5oyuW2QLOqm06kjTb8NmYA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:62:b8:4c:38:34:69:ef:db:99:eb:f0:1a:78:3a:c1:1b:05:
50:2e:22:83:f6:bd:46:8d:06:00:69:f6:a0:30:4a:11:70:09:
10:9c:b3:df:fc:8b:3e:3b:7d:54:4c:5b:bd:53:91:e2:5c:91:
93:d7:bf:b3:30:12:2c:90:44:b4:c8:5b:26:14:20:ca:a0:3a:
5a:64:75:d7:b9:87:78:bc:f0:6b:82:22:01:1c:97:61:05:eb:
a2:29:91:5e:34:95:6e:19:8e:fb:bd:9c:9a:2a:22:71:ec:c5:
55:dd:e5:ce:a6:c1:84:70:52:3d:94:2d:7d:d9:0b:e2:bc:ed:
85:da:08:32:cd:2b:10:f4:5a:09:a7:ed:b2:5a:12:cf:cf:37:
42:4e:b8:86:b9:d0:22:da:86:1e:e1:fc:e5:08:35:3e:ae:95:
58:67:41:6a:3b:ed:ec:ce:10:58:d6:1b:92:4c:eb:e0:94:db:
cf:41:51:89:2d:5b:e4:e8:bb:c4:ba:3b:70:38:5d:49:a8:8f:
48:b8:0f:c9:1e:04:fe:c0:a2:e6:3e:09:62:e8:f1:cb:47:9e:
4c:4c:b5:88:11:26:fa:5f:57:8c:de:2c:e7:50:7e:6c:8b:12:
a5:3c:aa:33:81:6b:35:e5:62:6a:25:fb:52:93:24:d7:33:69:
d1:92:c8:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NDA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ2NkFDMEIzOUEzMkI5
NkQ5MDJDRUFBNkQzQTkyMzREQkYwRDk5ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8ivgWmguI/OlhA3LldS8kZ/ABO91mlqAP4QAVi2DAKv8GUkJS
XIriJdBgFDZaOL23mwb+0/5WDyOI+wm5HVDJElG0JJ9Wnn0jPkWC4WUcAFHnSGh1
xKhkQIzXlIN61ppARm0IANaVPAlC+ZhQKjj59q+/7sCFRRm+zaxE5xXEWx71/mGQ
heKITqBFd5WMnaO14/fmhmI9rXxKt0fL1DVqKW8nIJgUTL8P5EED10UTwcN+1RJS
m2q443MVvRmjIMBpAdeYa4vCU4w80gAEPH8mWa2GIay0G9oI6tdK5TNsH2AmN1ed
PJ0CJxv75+KdltHZeexh/Oa5y2EEcVKofQR/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURmrAs5oyuW2QLOqm06kjTb8NmYAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SbXJBczVveXVXMlFMT3Ft
MDZralRiOE5tWUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJBiuEw4NGnv25nr8Bp4OsEbBVAuIoP2vUaN
BgBp9qAwShFwCRCcs9/8iz47fVRMW71TkeJckZPXv7MwEiyQRLTIWyYUIMqgOlpk
dde5h3i88GuCIgEcl2EF66IpkV40lW4Zjvu9nJoqInHsxVXd5c6mwYRwUj2ULX3Z
C+K87YXaCDLNKxD0Wgmn7bJaEs/PN0JOuIa50CLahh7h/OUINT6ulVhnQWo77ezO
EFjWG5JM6+CU289BUYktW+Tou8S6O3A4XUmoj0i4D8keBP7AouY+CWLo8ctHnkxM
tYgRJvpfV4zeLOdQfmyLEqU8qjOBazXlYmol+1KTJNczadGSyOw=
-----END CERTIFICATE-----
Generated at Sat May 17 19:58:38 2025 by rpki-client