Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5L1mpteeOBJ6-qWJv76PJ2RU08g.roa
File: 5L1mpteeOBJ6-qWJv76PJ2RU08g.roa (raw, json)
Hash identifier: I7a1TiSW2PRXnuD0mB4PFOoM03hDEkNzGMfOhjA8SOc=
Subject key identifier: E4:BD:66:A6:D7:9E:38:12:7A:FA:A5:89:BF:BE:8F:27:64:54:D3:C8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DE0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5L1mpteeOBJ6-qWJv76PJ2RU08g.roa
Signing time: Sun 25 May 2025 14:08:35 +0000
ROA not before: Sun 25 May 2025 14:08:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3552 (0xde0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 14:08:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E4BD66A6D79E38127AFAA589BFBE8F276454D3C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:62:3a:21:bf:6b:8a:ae:73:4e:e7:07:36:
88:ec:01:19:83:db:41:fa:e5:37:7b:1b:98:95:c3:
88:bc:d3:87:7b:ba:88:b9:02:ed:aa:d4:d8:fe:32:
96:c7:82:34:7a:e3:4c:63:a7:40:cd:b6:66:cf:20:
60:3d:1a:1c:91:97:b5:4f:69:55:ba:48:15:d9:a5:
af:88:4f:54:24:9e:76:60:87:d0:b0:7c:c2:14:1d:
db:10:2b:7a:a5:48:29:09:47:de:dd:fb:fe:2b:93:
7f:bb:6a:56:0f:45:62:f1:4b:95:14:3e:c8:c6:7e:
a7:8b:b0:e2:1d:68:90:9d:c1:f2:eb:3b:a1:c3:12:
4f:db:d6:79:e8:3f:28:b4:4f:da:d8:cf:40:55:d3:
8e:de:ae:9f:19:64:b5:64:1b:62:36:46:68:4e:ea:
84:3c:14:e8:ec:7d:bd:9f:d9:b5:d4:30:63:1d:a1:
c6:1a:34:0b:30:78:2e:d5:1f:a8:b4:da:9a:83:ac:
63:76:81:71:69:c6:b0:9b:18:df:4a:c9:80:23:22:
c6:e2:76:63:2d:65:1b:03:dc:0f:a4:37:6e:db:2a:
e3:d2:2f:9b:fb:9f:eb:29:4b:56:6c:06:fc:0c:93:
b9:9f:62:30:fd:11:07:66:af:30:45:f1:21:5b:c0:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BD:66:A6:D7:9E:38:12:7A:FA:A5:89:BF:BE:8F:27:64:54:D3:C8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5L1mpteeOBJ6-qWJv76PJ2RU08g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:af:dc:01:97:7f:49:e3:e2:6c:7b:b5:37:48:0c:88:33:58:
10:5c:73:be:5b:e1:0c:be:2b:41:c3:1a:57:70:07:42:66:14:
16:54:e6:b9:a4:ba:f3:d8:38:07:7f:15:73:38:03:c7:12:ee:
9d:e1:d2:f6:bd:79:ee:5c:31:f2:23:5d:4e:90:8f:eb:28:16:
93:f1:59:2d:64:f8:4f:3b:dd:96:66:f3:7b:72:e4:69:7a:24:
81:50:b4:8f:e3:7c:17:9d:49:af:d8:34:b5:15:39:e4:22:b9:
5c:06:7b:b0:47:3b:a9:a1:9f:5e:00:e5:76:ee:f6:8c:88:89:
38:6e:4f:44:52:92:95:9e:55:36:07:af:85:2e:77:73:a4:50:
e6:98:fd:82:4a:22:8e:cf:3d:d7:67:df:66:8e:05:6a:96:6e:
7b:a5:ac:b7:aa:c8:cd:93:21:1b:2d:b6:9c:87:75:bd:65:03:
3b:64:3e:6b:ca:bf:53:7d:df:fe:00:c7:2a:16:cc:97:4a:62:
8a:6a:91:85:1b:14:04:07:7a:07:b3:f4:41:9d:11:b5:cb:96:
cf:43:86:37:ef:85:7b:10:f8:95:e4:7a:4f:db:a1:ed:9e:9a:
72:10:fe:d1:b6:bc:ba:ca:a8:cb:d3:b1:53:cb:7a:7a:2e:49:
22:44:bb:f9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDeAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUx
NDA4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU0QkQ2NkE2RDc5RTM4
MTI3QUZBQTU4OUJGQkU4RjI3NjQ1NEQzQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5EmI6Ib9riq5zTucHNojsARmD20H65Td7G5iVw4i804d7uoi5
Au2q1Nj+MpbHgjR640xjp0DNtmbPIGA9GhyRl7VPaVW6SBXZpa+IT1QknnZgh9Cw
fMIUHdsQK3qlSCkJR97d+/4rk3+7alYPRWLxS5UUPsjGfqeLsOIdaJCdwfLrO6HD
Ek/b1nnoPyi0T9rYz0BV047erp8ZZLVkG2I2RmhO6oQ8FOjsfb2f2bXUMGMdocYa
NAsweC7VH6i02pqDrGN2gXFpxrCbGN9KyYAjIsbidmMtZRsD3A+kN27bKuPSL5v7
n+spS1ZsBvwMk7mfYjD9EQdmrzBF8SFbwBJ/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5L1mpteeOBJ6+qWJv76PJ2RU08gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81TDFtcHRlZU9CSjYtcVdK
djc2UEoyUlUwOGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAA6v3AGXf0nj4mx7tTdIDIgzWBBcc75b4Qy+
K0HDGldwB0JmFBZU5rmkuvPYOAd/FXM4A8cS7p3h0va9ee5cMfIjXU6Qj+soFpPx
WS1k+E873ZZm83ty5Gl6JIFQtI/jfBedSa/YNLUVOeQiuVwGe7BHO6mhn14A5Xbu
9oyIiThuT0RSkpWeVTYHr4Uud3OkUOaY/YJKIo7PPddn32aOBWqWbnulrLeqyM2T
IRsttpyHdb1lAztkPmvKv1N93/4AxyoWzJdKYopqkYUbFAQHegez9EGdEbXLls9D
hjfvhXsQ+JXkek/boe2emnIQ/tG2vLrKqMvTsVPLenouSSJEu/k=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:55:59 2025 by rpki-client