Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cEOd8lzkFQeESE9cudloUZPzWbs.roa
File: cEOd8lzkFQeESE9cudloUZPzWbs.roa (raw, json)
Hash identifier: 7Bf+LLvKjtZcH01etqmzoWRy4uudcwrhnB5tDRMrCl4=
Subject key identifier: 70:43:9D:F2:5C:E4:15:07:84:48:4F:5C:B9:D9:68:51:93:F3:59:BB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05C4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cEOd8lzkFQeESE9cudloUZPzWbs.roa
Signing time: Wed 14 May 2025 18:38:01 +0000
ROA not before: Wed 14 May 2025 18:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1476 (0x5c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 18:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=70439DF25CE4150784484F5CB9D9685193F359BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ed:1d:60:f9:18:33:32:d0:f3:8f:18:df:bd:
ed:90:b3:22:58:14:45:84:14:61:02:40:a3:20:77:
b3:52:74:eb:49:f6:af:f0:f5:7a:74:a2:c5:09:ce:
b2:d7:29:32:e5:b5:7f:27:c7:78:02:dc:2b:38:72:
3e:2e:ff:5a:4f:a4:00:fd:d2:14:b3:4e:79:fd:bb:
1c:50:6d:49:36:3b:a9:a6:04:ff:d4:8f:67:2f:a0:
ec:92:e2:e4:83:7f:c8:73:f7:d8:5d:50:3a:2b:d7:
0b:de:70:e8:ef:a3:22:b3:07:c9:21:97:3f:84:1e:
41:a3:81:07:b9:a4:b0:41:b7:50:1f:22:a4:b2:9c:
eb:46:26:1b:d4:75:8b:ba:c5:69:54:ec:42:26:a0:
f2:26:d8:c5:b3:20:ed:fc:bd:d4:c8:54:cb:be:ff:
5c:29:83:c4:28:1c:3f:bf:12:9a:49:1c:91:ff:91:
6f:e1:6c:de:d8:47:df:3d:3d:77:59:3e:92:fb:5b:
65:f1:33:6c:b0:a3:55:f1:94:75:2d:9f:4b:32:d4:
30:8a:f5:45:64:23:77:54:d0:de:c9:19:b5:2e:2d:
4d:14:45:84:d1:eb:c3:ed:55:54:4d:96:f8:33:39:
a7:b3:ff:e3:8b:a7:30:35:38:a1:3c:52:22:59:01:
bf:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:43:9D:F2:5C:E4:15:07:84:48:4F:5C:B9:D9:68:51:93:F3:59:BB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cEOd8lzkFQeESE9cudloUZPzWbs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:5b:b0:25:ef:29:b9:71:16:e9:5d:9e:9b:94:d3:74:9d:08:
ce:33:c3:99:d1:28:81:e0:5c:60:b7:98:3d:a4:b7:ac:a7:a6:
57:8b:59:13:68:c9:c1:7b:ba:ec:ee:8f:80:e1:b0:8c:b6:51:
fa:da:6b:41:45:da:2f:96:c7:bb:9f:55:b2:5d:ce:5c:d3:c3:
be:be:b2:39:67:21:2e:e8:2f:e8:44:26:03:4a:5c:3c:a5:9e:
50:5e:ec:a8:b9:05:65:95:b8:67:2b:79:0d:6a:64:1f:2f:b1:
88:57:3d:1f:0a:16:7f:c1:19:cb:64:90:b7:02:b9:f2:ae:05:
12:9e:b0:a5:5c:4d:0f:5f:8c:4e:fa:76:63:5a:ed:a8:c3:98:
84:a3:d4:e5:d5:34:66:e6:f7:5e:0f:17:7f:23:6d:86:fa:6b:
66:c9:b1:f6:98:12:5f:3b:7d:fb:63:c4:88:59:5d:e8:8d:b0:
35:ea:28:49:82:e8:63:36:11:ee:dc:dc:0f:36:5e:1d:05:b6:
97:9f:23:bf:9c:16:89:6b:15:4b:45:60:5a:72:87:fa:c6:36:
0b:ff:21:62:45:46:55:21:0e:f8:a5:9c:df:88:89:53:b7:29:
ef:61:94:a4:27:43:3d:37:cb:21:88:3d:bc:74:61:8a:e7:e1:
a6:3d:9d:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBcQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
ODM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcwNDM5REYyNUNFNDE1
MDc4NDQ4NEY1Q0I5RDk2ODUxOTNGMzU5QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCS7R1g+RgzMtDzjxjfve2QsyJYFEWEFGECQKMgd7NSdOtJ9q/w
9Xp0osUJzrLXKTLltX8nx3gC3Cs4cj4u/1pPpAD90hSzTnn9uxxQbUk2O6mmBP/U
j2cvoOyS4uSDf8hz99hdUDor1wvecOjvoyKzB8khlz+EHkGjgQe5pLBBt1AfIqSy
nOtGJhvUdYu6xWlU7EImoPIm2MWzIO38vdTIVMu+/1wpg8QoHD+/EppJHJH/kW/h
bN7YR989PXdZPpL7W2XxM2ywo1XxlHUtn0sy1DCK9UVkI3dU0N7JGbUuLU0URYTR
68PtVVRNlvgzOaez/+OLpzA1OKE8UiJZAb/NAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcEOd8lzkFQeESE9cudloUZPzWbswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jRU9kOGx6a0ZRZUVTRTlj
dWRsb1VaUHpXYnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACNbsCXvKblxFuldnpuU03SdCM4zw5nRKIHg
XGC3mD2kt6ynpleLWRNoycF7uuzuj4DhsIy2Ufraa0FF2i+Wx7ufVbJdzlzTw76+
sjlnIS7oL+hEJgNKXDylnlBe7Ki5BWWVuGcreQ1qZB8vsYhXPR8KFn/BGctkkLcC
ufKuBRKesKVcTQ9fjE76dmNa7ajDmISj1OXVNGbm914PF38jbYb6a2bJsfaYEl87
fftjxIhZXeiNsDXqKEmC6GM2Ee7c3A82Xh0FtpefI7+cFolrFUtFYFpyh/rGNgv/
IWJFRlUhDvilnN+IiVO3Ke9hlKQnQz03yyGIPbx0YYrn4aY9nWA=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:14 2025 by rpki-client