Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UPQnxM9NY9HjczO2kXk6RYtj9Xw.roa
File: UPQnxM9NY9HjczO2kXk6RYtj9Xw.roa (raw, json)
Hash identifier: /gP5uTYNwVXxXSB2J41Ct+xEShN0b9XrdHxAMgcKOuc=
Subject key identifier: 50:F4:27:C4:CF:4D:63:D1:E3:73:33:B6:91:79:3A:45:8B:63:F5:7C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06A4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UPQnxM9NY9HjczO2kXk6RYtj9Xw.roa
Signing time: Thu 15 May 2025 22:38:02 +0000
ROA not before: Thu 15 May 2025 22:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1700 (0x6a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 22:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=50F427C4CF4D63D1E37333B691793A458B63F57C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:63:68:a2:2a:98:88:e3:69:08:42:63:75:ac:
df:f4:d2:0f:89:51:6f:08:b6:21:44:d9:a2:ff:1b:
10:65:96:a7:24:1b:06:7e:f0:6a:80:59:1f:21:8d:
d1:35:1b:cb:70:f7:64:ba:6c:bf:16:91:8d:be:e2:
fb:8a:d0:2b:b7:8c:b9:83:02:7c:41:fd:2b:d0:15:
c4:cb:be:86:f8:c8:67:d2:f0:65:4f:d3:91:ad:05:
50:de:f1:90:73:8f:c0:dc:db:d2:79:8c:ff:e4:e3:
2b:2e:1e:5e:f8:a4:6d:79:b7:18:f9:40:37:b6:78:
56:0e:21:b7:1e:d8:37:3d:07:a5:20:8c:f0:7c:be:
6e:a4:54:da:d2:25:63:c7:4c:b1:c7:ad:43:36:50:
fe:65:0a:c0:e9:7c:7d:ea:7f:e0:4d:95:d7:8b:9d:
23:a7:40:3f:b7:a8:04:c5:69:89:30:fe:3c:c3:88:
17:c4:63:c6:90:b8:06:ce:a2:11:32:5a:87:54:99:
a9:18:d1:b4:b0:ba:0e:bb:c6:75:ab:17:2e:6d:20:
97:0f:67:b6:9a:10:f1:98:8b:0b:0c:30:f2:a2:6c:
17:18:ac:4e:b0:7f:97:cc:01:e6:c1:98:d6:33:6c:
1b:31:ad:bf:8e:fd:0f:63:4a:e1:af:5b:94:1a:3f:
77:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F4:27:C4:CF:4D:63:D1:E3:73:33:B6:91:79:3A:45:8B:63:F5:7C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UPQnxM9NY9HjczO2kXk6RYtj9Xw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:8d:ad:e1:df:7d:ad:c9:e9:1b:26:8a:da:22:22:5e:4b:d2:
78:a2:02:ef:15:94:fc:1b:81:13:58:c2:d9:a6:fc:bb:8a:25:
c9:12:13:5f:f7:65:a3:14:95:9e:17:8b:ed:38:0a:a7:62:63:
2e:8d:78:4d:f6:91:95:bf:7f:50:f1:3d:26:ac:93:c6:3f:0a:
a7:13:d7:c5:50:f2:98:dc:2a:5b:34:80:70:da:f4:79:9e:b0:
3c:58:b3:01:30:00:9f:08:39:67:a9:9c:d1:a1:79:2c:58:db:
0f:26:d8:9f:de:42:d0:78:9f:3a:e7:c9:65:9d:72:87:bd:fc:
f3:7e:d7:36:fc:d9:33:fa:19:2c:6b:8c:3a:bd:3f:de:b7:24:
32:3d:94:65:22:b7:b8:a9:de:b2:ca:8f:aa:db:3e:08:dc:4d:
7b:b9:fb:2a:27:d8:c2:91:dd:d4:e7:52:46:49:65:46:d9:6e:
21:b6:50:d8:aa:99:0d:56:0f:08:72:79:bf:d2:94:72:d0:1c:
64:bc:35:c0:7e:b7:d3:b7:1b:f8:10:c0:58:1b:1f:2b:0b:a2:
ab:11:a3:21:33:c5:76:17:9e:6f:35:1e:9d:6f:a8:de:9a:07:
1d:57:d1:f5:7f:7c:ce:c1:21:61:8d:5e:d4:02:c6:c1:68:c5:
92:c5:23:2b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MjM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUwRjQyN0M0Q0Y0RDYz
RDFFMzczMzNCNjkxNzkzQTQ1OEI2M0Y1N0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyY2iiKpiI42kIQmN1rN/00g+JUW8ItiFE2aL/GxBllqckGwZ+
8GqAWR8hjdE1G8tw92S6bL8WkY2+4vuK0Cu3jLmDAnxB/SvQFcTLvob4yGfS8GVP
05GtBVDe8ZBzj8Dc29J5jP/k4ysuHl74pG15txj5QDe2eFYOIbce2Dc9B6UgjPB8
vm6kVNrSJWPHTLHHrUM2UP5lCsDpfH3qf+BNldeLnSOnQD+3qATFaYkw/jzDiBfE
Y8aQuAbOohEyWodUmakY0bSwug67xnWrFy5tIJcPZ7aaEPGYiwsMMPKibBcYrE6w
f5fMAebBmNYzbBsxrb+O/Q9jSuGvW5QaP3dLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUPQnxM9NY9HjczO2kXk6RYtj9XwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VUFFueE05Tlk5SGpjek8y
a1hrNlJZdGo5WHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEyNreHffa3J6RsmitoiIl5L0niiAu8VlPwb
gRNYwtmm/LuKJckSE1/3ZaMUlZ4Xi+04CqdiYy6NeE32kZW/f1DxPSask8Y/CqcT
18VQ8pjcKls0gHDa9HmesDxYswEwAJ8IOWepnNGheSxY2w8m2J/eQtB4nzrnyWWd
coe9/PN+1zb82TP6GSxrjDq9P963JDI9lGUit7ip3rLKj6rbPgjcTXu5+yon2MKR
3dTnUkZJZUbZbiG2UNiqmQ1WDwhyeb/SlHLQHGS8NcB+t9O3G/gQwFgbHysLoqsR
oyEzxXYXnm81Hp1vqN6aBx1X0fV/fM7BIWGNXtQCxsFoxZLFIys=
-----END CERTIFICATE-----
Generated at Sun May 18 04:52:57 2025 by rpki-client