Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kVsV4GZljTJ7dCSHMohX0uax36c.roa
File: kVsV4GZljTJ7dCSHMohX0uax36c.roa (raw, json)
Hash identifier: LFNCnujb36+v4SlowfX3uiapKLov5KlpWvPFR91IORU=
Subject key identifier: 91:5B:15:E0:66:65:8D:32:7B:74:24:87:32:88:57:D2:E6:B1:DF:A7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0EB0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kVsV4GZljTJ7dCSHMohX0uax36c.roa
Signing time: Mon 26 May 2025 16:09:03 +0000
ROA not before: Mon 26 May 2025 16:09:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3760 (0xeb0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 16:09:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=915B15E066658D327B742487328857D2E6B1DFA7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ec:13:ce:64:3e:42:29:76:7e:fc:45:22:06:
5b:e1:ad:54:17:23:b6:24:e9:d5:ad:31:e1:91:e1:
36:83:c6:13:a2:a8:25:1f:70:b7:8b:0d:31:0e:d3:
4b:b2:bf:c9:96:d0:fd:db:6a:9a:35:fa:2c:46:1f:
97:ec:25:9c:e9:94:38:b7:5f:2f:60:0c:a2:29:95:
04:68:6f:2a:e2:e3:1f:a4:c8:55:ca:24:70:15:24:
5f:93:86:d2:63:87:88:11:68:8a:7a:18:85:7c:b1:
dc:be:65:f6:bd:f2:41:e2:d8:ee:a5:2b:af:32:54:
53:c1:e2:69:55:98:97:c7:12:be:18:cb:01:72:47:
2b:67:a9:3f:20:48:a5:5e:bd:0f:d7:d3:ff:a8:6e:
3a:e6:6e:b8:1a:8f:38:eb:89:36:f5:5f:6c:8f:ac:
8d:c7:f1:07:21:ae:5b:c2:6a:c5:c7:c0:a5:14:af:
d9:30:ad:2a:40:15:58:12:c1:55:f0:f5:e1:1e:f0:
ee:0c:ea:ed:d5:8b:54:3f:4d:59:e6:82:68:42:15:
dd:59:69:89:be:d6:b5:6d:c2:b4:60:fe:03:82:86:
dc:7a:8d:3e:ca:18:b1:b7:47:5e:84:e4:b0:6b:c0:
f9:b2:41:83:01:c1:ad:b5:a9:dd:32:f6:0a:b3:ed:
e7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5B:15:E0:66:65:8D:32:7B:74:24:87:32:88:57:D2:E6:B1:DF:A7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kVsV4GZljTJ7dCSHMohX0uax36c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:f9:21:e2:92:c8:44:d6:29:05:0d:43:52:f2:3a:c9:d4:09:
de:d9:8f:af:9c:6e:b1:50:86:d7:ef:99:8b:45:22:f2:93:6e:
b8:72:cd:ce:73:4f:95:15:13:21:af:64:12:ed:ed:55:eb:7c:
06:29:27:41:d9:fa:0d:e2:1c:12:41:e3:7e:4e:41:11:84:75:
82:e1:29:1c:47:43:16:e4:f3:a1:f2:a8:97:2b:fa:d7:8c:73:
06:e4:46:2b:50:5b:5b:2c:1f:a6:ec:c6:62:96:e3:a9:ad:9c:
c2:93:8d:c1:06:68:0a:9d:63:c3:87:f3:42:05:6e:49:46:89:
9f:ae:c7:7b:fc:35:8e:32:ac:b4:80:5b:ee:8f:a2:6c:75:c5:
f1:cb:7f:e7:3b:08:8e:69:46:36:f0:75:93:8a:fe:cc:6c:9b:
30:06:50:37:08:4f:87:69:77:ea:93:cc:29:c6:06:03:1d:80:
7c:5b:06:f9:00:1e:98:e8:95:da:54:3f:0a:e1:14:ef:4b:05:
63:7a:a2:b0:12:39:a3:b0:b0:6e:c8:9f:42:16:2b:09:bf:3e:
c3:2f:1d:3b:be:46:b5:f1:28:8e:ea:db:48:fe:fc:53:e3:67:
ef:0c:e9:94:86:66:f3:23:63:5c:14:dd:57:5b:de:34:e8:09:
9b:ed:8f:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDrAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYx
NjA5MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkxNUIxNUUwNjY2NThE
MzI3Qjc0MjQ4NzMyODg1N0QyRTZCMURGQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY7BPOZD5CKXZ+/EUiBlvhrVQXI7Yk6dWtMeGR4TaDxhOiqCUf
cLeLDTEO00uyv8mW0P3bapo1+ixGH5fsJZzplDi3Xy9gDKIplQRobyri4x+kyFXK
JHAVJF+ThtJjh4gRaIp6GIV8sdy+Zfa98kHi2O6lK68yVFPB4mlVmJfHEr4YywFy
RytnqT8gSKVevQ/X0/+objrmbrgajzjriTb1X2yPrI3H8QchrlvCasXHwKUUr9kw
rSpAFVgSwVXw9eEe8O4M6u3Vi1Q/TVnmgmhCFd1ZaYm+1rVtwrRg/gOChtx6jT7K
GLG3R16E5LBrwPmyQYMBwa21qd0y9gqz7efHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkVsV4GZljTJ7dCSHMohX0uax36cwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rVnNWNEdabGpUSjdkQ1NI
TW9oWDB1YXgzNmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEj5IeKSyETWKQUNQ1LyOsnUCd7Zj6+cbrFQ
htfvmYtFIvKTbrhyzc5zT5UVEyGvZBLt7VXrfAYpJ0HZ+g3iHBJB435OQRGEdYLh
KRxHQxbk86HyqJcr+teMcwbkRitQW1ssH6bsxmKW46mtnMKTjcEGaAqdY8OH80IF
bklGiZ+ux3v8NY4yrLSAW+6Pomx1xfHLf+c7CI5pRjbwdZOK/sxsmzAGUDcIT4dp
d+qTzCnGBgMdgHxbBvkAHpjoldpUPwrhFO9LBWN6orASOaOwsG7In0IWKwm/PsMv
HTu+RrXxKI7q20j+/FPjZ+8M6ZSGZvMjY1wU3Vdb3jToCZvtj/o=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:34 2025 by rpki-client