Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5ORyPOvAZX4RkfbEagw8aNiWTa8.roa
File: 5ORyPOvAZX4RkfbEagw8aNiWTa8.roa (raw, json)
Hash identifier: t05S897VoUpsk2SO+O7MASIFJflXpCeYOYgsNoYWRl4=
Subject key identifier: E4:E4:72:3C:EB:C0:65:7E:11:91:F6:C4:6A:0C:3C:68:D8:96:4D:AF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0660
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5ORyPOvAZX4RkfbEagw8aNiWTa8.roa
Signing time: Thu 15 May 2025 14:08:02 +0000
ROA not before: Thu 15 May 2025 14:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1632 (0x660)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 14:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E4E4723CEBC0657E1191F6C46A0C3C68D8964DAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:96:1d:04:7a:d5:c4:52:ef:04:8c:6f:51:92:
3b:e2:c3:2a:72:f6:b9:51:42:25:6b:0b:48:d1:85:
2c:21:0b:ee:f9:8b:f1:b7:e2:45:d9:1b:68:8f:8e:
4f:ce:59:bf:0c:2b:b3:13:9c:c2:10:2f:88:ec:70:
24:1b:c6:64:4d:da:d6:a7:36:98:19:b4:86:a8:bc:
eb:66:02:09:ac:bb:96:3d:0b:f2:35:6c:f2:81:70:
4a:f9:fb:9e:2c:e6:a4:e7:4e:4e:09:59:d4:a1:d5:
93:c2:ab:66:f0:bc:4d:ee:aa:fa:9d:40:14:77:4f:
6b:af:e8:dc:4e:79:00:7c:e6:a6:28:89:cf:e7:27:
8b:ff:54:22:21:6f:2f:f0:d9:b2:3e:36:b5:56:a5:
f1:3b:81:ec:5e:92:5e:2d:c3:be:55:d6:b2:c8:31:
e3:a7:78:07:54:a7:05:55:7c:8e:54:ef:15:8f:8f:
dc:d6:f4:9b:06:8e:37:f1:00:9c:d1:4b:63:e0:dc:
fc:b5:bc:30:8e:d7:88:d0:a3:1a:cf:88:52:d2:35:
80:71:07:69:a4:c9:33:98:b6:ba:21:e6:93:bf:51:
69:e0:68:20:af:a7:ee:ed:d3:27:15:83:d0:fd:e1:
b7:10:8c:43:81:91:9d:94:32:d3:06:7d:d3:ed:39:
4d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E4:72:3C:EB:C0:65:7E:11:91:F6:C4:6A:0C:3C:68:D8:96:4D:AF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5ORyPOvAZX4RkfbEagw8aNiWTa8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:e4:ea:86:38:ac:02:4e:a9:70:6f:d5:d4:bd:95:d9:25:a7:
27:65:ac:f3:67:b5:e3:aa:39:78:db:f0:c8:23:ec:b9:b2:75:
c8:0c:7c:2d:21:69:0f:6d:36:e2:e8:93:47:bd:65:cc:8e:26:
46:de:0c:a4:db:74:1a:b5:51:50:fd:36:ae:5c:f7:cc:04:eb:
84:1a:c4:98:8a:1c:d9:6d:6e:0d:d6:07:f8:a3:9d:88:7b:00:
d4:27:c8:98:23:d0:a4:00:db:8a:e6:9c:31:a2:9d:69:8b:a0:
ea:8e:79:37:c1:44:c5:0f:fa:3f:77:d8:fe:d4:e6:3c:50:5e:
ab:6e:54:6e:50:15:1a:86:1a:7c:3a:ce:de:51:81:11:68:37:
32:97:b4:17:e9:e6:57:a7:57:ba:a4:f9:2e:8b:cb:33:d4:c8:
ee:ae:f8:bf:bf:e4:37:31:7e:18:7e:87:68:f3:9f:2f:39:a4:
37:0e:c9:67:9e:dc:53:75:0c:a5:5e:1e:a1:91:8c:ec:35:9f:
37:55:48:92:a7:3a:67:c7:95:0a:f3:4e:d2:80:d1:aa:a2:ae:
08:b1:b0:92:a6:32:ea:40:ac:44:85:6c:44:e9:06:dd:fe:07:
1f:a7:42:27:a3:2f:9a:8b:49:ff:b4:77:9e:a5:c7:66:c7:78:
bd:2a:76:a2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBmAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
NDA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU0RTQ3MjNDRUJDMDY1
N0UxMTkxRjZDNDZBMEMzQzY4RDg5NjREQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVlh0EetXEUu8EjG9Rkjviwypy9rlRQiVrC0jRhSwhC+75i/G3
4kXZG2iPjk/OWb8MK7MTnMIQL4jscCQbxmRN2tanNpgZtIaovOtmAgmsu5Y9C/I1
bPKBcEr5+54s5qTnTk4JWdSh1ZPCq2bwvE3uqvqdQBR3T2uv6NxOeQB85qYoic/n
J4v/VCIhby/w2bI+NrVWpfE7gexekl4tw75V1rLIMeOneAdUpwVVfI5U7xWPj9zW
9JsGjjfxAJzRS2Pg3Py1vDCO14jQoxrPiFLSNYBxB2mkyTOYtroh5pO/UWngaCCv
p+7t0ycVg9D94bcQjEOBkZ2UMtMGfdPtOU0/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5ORyPOvAZX4RkfbEagw8aNiWTa8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81T1J5UE92QVpYNFJrZmJF
YWd3OGFOaVdUYTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIXk6oY4rAJOqXBv1dS9ldklpydlrPNnteOq
OXjb8Mgj7LmydcgMfC0haQ9tNuLok0e9ZcyOJkbeDKTbdBq1UVD9Nq5c98wE64Qa
xJiKHNltbg3WB/ijnYh7ANQnyJgj0KQA24rmnDGinWmLoOqOeTfBRMUP+j932P7U
5jxQXqtuVG5QFRqGGnw6zt5RgRFoNzKXtBfp5lenV7qk+S6LyzPUyO6u+L+/5Dcx
fhh+h2jzny85pDcOyWee3FN1DKVeHqGRjOw1nzdVSJKnOmfHlQrzTtKA0aqirgix
sJKmMupArESFbETpBt3+Bx+nQiejL5qLSf+0d56lx2bHeL0qdqI=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:10:20 2025 by rpki-client