Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VJbBoWRH7lE0rySbPY_wxrnBt_M.roa
File: VJbBoWRH7lE0rySbPY_wxrnBt_M.roa (raw, json)
Hash identifier: 2w60x/L434owNcbO75Bx3WNHuIeVy8m9dLOFATQdV7g=
Subject key identifier: 54:96:C1:A1:64:47:EE:51:34:AF:24:9B:3D:8F:F0:C6:B9:C1:B7:F3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 017C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VJbBoWRH7lE0rySbPY_wxrnBt_M.roa
Signing time: Fri 09 May 2025 01:37:45 +0000
ROA not before: Fri 09 May 2025 01:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 380 (0x17c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 01:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5496C1A16447EE5134AF249B3D8FF0C6B9C1B7F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f7:50:2c:f1:a1:8c:84:cb:13:1a:19:c9:3d:
b2:42:9d:9b:48:fc:16:6d:40:d1:e1:11:f7:c4:99:
87:0f:b4:32:7e:a5:38:ee:5f:cc:0a:95:e0:b1:3c:
7c:02:10:eb:47:de:fb:76:5b:62:c3:c4:7c:19:5e:
6b:0b:b2:b9:30:07:5f:fc:d2:cb:70:db:d5:4b:ce:
e3:9d:56:11:07:d9:bc:b4:35:ae:77:53:b6:8d:ee:
ba:35:ea:67:9e:bb:5f:1b:89:e2:9c:ce:51:50:63:
05:25:7f:da:3a:9f:4b:89:ba:bc:47:5e:21:d2:58:
da:25:19:cc:4a:e2:cd:5d:9f:cb:f7:37:59:3d:ae:
3a:83:bd:e5:c5:4e:e6:6f:9a:2e:ed:ee:04:fb:fd:
ee:57:41:ab:d8:aa:cd:44:5c:cd:b2:6f:0f:08:e6:
84:36:21:93:69:87:e7:d2:54:e5:36:ae:c8:85:75:
ed:cc:49:85:1e:95:2d:76:03:60:e4:7c:f3:34:a4:
0e:07:07:02:b3:b4:b9:16:ee:c6:73:3b:56:e0:be:
80:ba:f7:03:6d:09:3d:65:79:dc:d8:53:2e:e7:6e:
80:cf:fc:97:24:88:63:e7:69:3c:2d:66:14:ff:e7:
4f:b9:b3:2b:00:2d:f6:3f:b2:2e:60:0c:8b:44:14:
43:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:96:C1:A1:64:47:EE:51:34:AF:24:9B:3D:8F:F0:C6:B9:C1:B7:F3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VJbBoWRH7lE0rySbPY_wxrnBt_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:a7:6f:29:61:1f:86:a2:df:b3:12:c9:e9:89:36:bb:ac:48:
79:ce:77:2b:91:01:60:bd:32:6e:c1:bd:a5:7a:07:23:0e:54:
7a:4f:aa:f9:17:fc:2f:4e:ff:84:94:5f:ae:79:a5:b4:e3:ee:
c0:ce:cd:ee:b0:ee:b3:2e:18:e4:c6:a1:44:9c:b7:a3:61:ee:
af:be:0f:27:fe:39:a0:b9:c8:84:5b:7f:c8:26:d1:5a:37:8a:
a4:7d:fb:9b:42:5a:fc:c1:49:4b:7f:d4:70:d0:cc:6b:fc:0b:
7e:6e:29:3d:e4:21:bd:df:ea:1e:44:c8:b4:2e:af:2c:c8:fd:
66:15:d9:63:82:3a:ab:7c:b6:4c:52:9e:45:fb:b9:37:be:63:
23:28:28:86:5d:31:90:9e:05:0a:9c:74:21:d0:60:73:58:38:
bb:7f:b2:9a:31:2f:16:ae:11:cc:69:4f:70:48:9d:dd:eb:27:
1d:ee:1b:e9:53:e6:90:f4:49:17:de:89:cd:8e:f0:2d:6e:9f:
77:8b:0d:01:5f:a6:25:b5:2d:1f:c1:e7:4c:f5:e2:09:3f:ab:
82:8b:6d:88:45:63:05:55:cd:87:d5:2a:44:78:b6:d4:7e:03:
87:84:a8:4d:23:c9:da:8e:95:58:4d:39:a9:cc:f4:ed:d8:71:
58:4d:81:ab
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAXwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
MTM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0OTZDMUExNjQ0N0VF
NTEzNEFGMjQ5QjNEOEZGMEM2QjlDMUI3RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC191As8aGMhMsTGhnJPbJCnZtI/BZtQNHhEffEmYcPtDJ+pTju
X8wKleCxPHwCEOtH3vt2W2LDxHwZXmsLsrkwB1/80stw29VLzuOdVhEH2by0Na53
U7aN7ro16meeu18bieKczlFQYwUlf9o6n0uJurxHXiHSWNolGcxK4s1dn8v3N1k9
rjqDveXFTuZvmi7t7gT7/e5XQavYqs1EXM2ybw8I5oQ2IZNph+fSVOU2rsiFde3M
SYUelS12A2DkfPM0pA4HBwKztLkW7sZzO1bgvoC69wNtCT1ledzYUy7nboDP/Jck
iGPnaTwtZhT/50+5sysALfY/si5gDItEFEPtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVJbBoWRH7lE0rySbPY/wxrnBt/MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WSmJCb1dSSDdsRTByeVNi
UFlfd3hybkJ0X00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJOnbylhH4ai37MSyemJNrusSHnOdyuRAWC9
Mm7BvaV6ByMOVHpPqvkX/C9O/4SUX655pbTj7sDOze6w7rMuGOTGoUSct6Nh7q++
Dyf+OaC5yIRbf8gm0Vo3iqR9+5tCWvzBSUt/1HDQzGv8C35uKT3kIb3f6h5EyLQu
ryzI/WYV2WOCOqt8tkxSnkX7uTe+YyMoKIZdMZCeBQqcdCHQYHNYOLt/spoxLxau
EcxpT3BInd3rJx3uG+lT5pD0SRfeic2O8C1un3eLDQFfpiW1LR/B50z14gk/q4KL
bYhFYwVVzYfVKkR4ttR+A4eEqE0jydqOlVhNOanM9O3YcVhNgas=
-----END CERTIFICATE-----
Generated at Sat May 17 23:34:15 2025 by rpki-client