Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xaHC0_78tyPUbtWzZABmH1adF7Y.roa
File: xaHC0_78tyPUbtWzZABmH1adF7Y.roa (raw, json)
Hash identifier: vkUJy5Hmp8k1zLWOgSuCmbPpgTS8OB8E0EmpCl7xuEA=
Subject key identifier: C5:A1:C2:D3:FE:FC:B7:23:D4:6E:D5:B3:64:00:66:1F:56:9D:17:B6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0220
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xaHC0_78tyPUbtWzZABmH1adF7Y.roa
Signing time: Fri 09 May 2025 22:07:50 +0000
ROA not before: Fri 09 May 2025 22:07:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 544 (0x220)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 22:07:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C5A1C2D3FEFCB723D46ED5B36400661F569D17B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5d:94:f6:9d:c9:f3:65:d5:b4:6c:d9:98:35:
0c:9d:b1:e9:62:9f:b4:7a:b0:c1:86:67:24:26:9d:
cd:0f:94:7a:f5:01:4f:cd:ed:d3:a1:53:b1:6b:e1:
af:58:59:91:d3:3d:ab:a0:04:0d:4a:7e:76:a1:b2:
09:93:34:ab:be:28:3a:85:76:93:b8:38:d1:61:2e:
eb:59:d5:81:57:b9:eb:6d:cf:fb:94:87:56:0f:f8:
91:3b:0a:06:3e:e8:d9:a8:fe:b0:4a:74:d9:32:04:
b0:69:61:43:c4:54:2c:d2:93:0d:6e:9c:73:83:22:
29:8d:e8:8d:b9:ca:d2:6d:9e:2b:df:ee:fd:78:e5:
aa:00:f0:53:38:a5:73:05:a3:f1:9f:30:55:ae:60:
c9:8f:be:c5:8a:92:36:c2:5d:c3:84:35:59:fc:23:
94:7b:ac:75:a7:07:2b:96:7c:5c:ab:c3:e3:a1:59:
ad:85:ae:0a:ec:a5:15:8b:51:3c:b8:01:38:c1:8d:
fd:af:7f:c8:ae:c3:ce:67:99:4f:c4:d8:23:04:b3:
fa:07:f3:34:65:e0:a9:1a:5c:71:3e:f7:16:6a:a8:
21:26:03:13:6b:09:b5:fa:07:57:02:74:5d:c9:0c:
c8:ff:19:40:57:36:a0:2e:92:ee:2d:a8:b4:2a:35:
25:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A1:C2:D3:FE:FC:B7:23:D4:6E:D5:B3:64:00:66:1F:56:9D:17:B6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xaHC0_78tyPUbtWzZABmH1adF7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:99:26:6f:d5:ca:3d:42:b2:7c:15:0f:e3:85:8b:75:2b:50:
02:85:fb:18:20:0e:d2:0b:f8:0c:35:68:66:30:6a:6a:61:d9:
5e:9c:89:93:78:4f:be:c9:01:13:bd:0d:9b:04:a8:b8:3d:b9:
fa:65:f7:55:59:e9:b4:be:bb:03:3f:49:a4:06:01:1c:07:85:
f4:2b:83:7d:39:ac:50:ce:27:73:4c:3c:c6:0f:76:8f:6b:a4:
8c:a8:e1:73:fc:e8:62:3b:3d:e0:b4:75:77:60:a0:74:3d:c1:
17:c9:c2:8b:ec:2a:21:9f:34:1e:d3:2c:76:fd:0c:c0:b5:21:
6e:b6:78:cc:12:14:45:5b:30:ab:50:9c:5b:1f:b2:d4:6f:e8:
b2:88:58:aa:33:2e:ff:0f:ab:d4:26:f4:3f:2a:2d:98:f0:71:
6d:78:d9:b3:27:40:f9:80:4e:1e:ff:bc:4d:07:3b:0c:d8:79:
a2:1b:bd:06:a0:9b:de:90:44:97:07:66:e2:b7:b8:f8:99:32:
bd:00:bf:b1:32:ff:76:fc:79:ca:4a:aa:4e:eb:4b:4d:8e:f1:
11:bf:68:f9:be:e4:07:d9:af:30:3d:3f:57:a3:92:6c:15:16:
fe:ac:38:83:aa:da:60:43:be:5a:f7:d4:b5:d2:e5:24:78:06:
f5:66:06:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MjA3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM1QTFDMkQzRkVGQ0I3
MjNENDZFRDVCMzY0MDA2NjFGNTY5RDE3QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkXZT2ncnzZdW0bNmYNQydselin7R6sMGGZyQmnc0PlHr1AU/N
7dOhU7Fr4a9YWZHTPaugBA1KfnahsgmTNKu+KDqFdpO4ONFhLutZ1YFXuettz/uU
h1YP+JE7CgY+6Nmo/rBKdNkyBLBpYUPEVCzSkw1unHODIimN6I25ytJtnivf7v14
5aoA8FM4pXMFo/GfMFWuYMmPvsWKkjbCXcOENVn8I5R7rHWnByuWfFyrw+OhWa2F
rgrspRWLUTy4ATjBjf2vf8iuw85nmU/E2CMEs/oH8zRl4KkaXHE+9xZqqCEmAxNr
CbX6B1cCdF3JDMj/GUBXNqAuku4tqLQqNSU9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxaHC0/78tyPUbtWzZABmH1adF7YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94YUhDMF83OHR5UFVidFd6
WkFCbUgxYWRGN1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFaZJm/Vyj1CsnwVD+OFi3UrUAKF+xggDtIL
+Aw1aGYwamph2V6ciZN4T77JARO9DZsEqLg9ufpl91VZ6bS+uwM/SaQGARwHhfQr
g305rFDOJ3NMPMYPdo9rpIyo4XP86GI7PeC0dXdgoHQ9wRfJwovsKiGfNB7TLHb9
DMC1IW62eMwSFEVbMKtQnFsfstRv6LKIWKozLv8Pq9Qm9D8qLZjwcW142bMnQPmA
Th7/vE0HOwzYeaIbvQagm96QRJcHZuK3uPiZMr0Av7Ey/3b8ecpKqk7rS02O8RG/
aPm+5AfZrzA9P1ejkmwVFv6sOIOq2mBDvlr31LXS5SR4BvVmBo0=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:25 2025 by rpki-client