Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nmzE5IHkZyvP_VCZBVe8aDIRz64.roa
File: nmzE5IHkZyvP_VCZBVe8aDIRz64.roa (raw, json)
Hash identifier: U48zatNch9OQXPDWlSTzvOWU2czBYE+t3OWAPsLvqq8=
Subject key identifier: 9E:6C:C4:E4:81:E4:67:2B:CF:FD:50:99:05:57:BC:68:32:11:CF:AE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0784
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nmzE5IHkZyvP_VCZBVe8aDIRz64.roa
Signing time: Sat 17 May 2025 02:38:07 +0000
ROA not before: Sat 17 May 2025 02:38:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1924 (0x784)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 02:38:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9E6CC4E481E4672BCFFD50990557BC683211CFAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9b:31:73:bf:99:72:34:d4:a1:3e:e8:48:96:
76:a3:94:d9:f2:ac:9f:cc:79:fa:66:8f:30:b8:80:
54:fe:e3:f9:8d:cf:98:a4:92:02:ef:c7:cb:73:61:
7e:55:ab:ff:77:ec:67:1e:25:7b:32:c7:7f:e0:fc:
ea:bf:9d:6c:93:8b:2b:20:30:0c:56:a2:42:d2:f4:
5d:6a:f7:9a:22:3d:c0:f4:c6:ed:1a:3c:cd:8c:f7:
2f:db:99:44:ac:38:0d:a0:34:cf:6a:71:c5:d6:1d:
44:eb:61:ee:b5:ad:f8:ae:04:7c:2f:e3:e5:22:f6:
48:ba:64:ed:f6:3b:80:8f:e9:93:5a:4f:f7:f6:da:
1a:be:03:f5:c0:ef:4f:9b:4b:8c:d2:fa:f6:87:24:
d9:d9:da:8d:3e:89:74:7d:5d:46:53:6f:5e:86:51:
5c:70:f2:0e:af:71:fc:17:de:39:b9:e4:9c:0b:69:
10:65:02:50:f8:a7:62:6a:e6:ef:9a:40:bf:f4:cd:
04:d5:69:f8:91:3a:22:94:04:2b:51:9b:4c:c6:45:
bc:f3:e2:e8:71:e2:cb:6a:ea:8f:5d:88:d0:ff:ce:
27:c9:89:4b:b6:94:02:62:1f:fe:7d:76:c4:5a:65:
28:63:c9:3a:d7:f4:f1:6e:74:f7:fa:3c:9b:9e:4e:
5a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:6C:C4:E4:81:E4:67:2B:CF:FD:50:99:05:57:BC:68:32:11:CF:AE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nmzE5IHkZyvP_VCZBVe8aDIRz64.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:37:32:cb:1d:b7:ae:d3:c8:66:31:b8:a7:0b:41:b3:4b:f0:
2b:7a:26:a5:af:b4:52:77:e9:49:a7:fe:ac:3d:d2:9d:c6:9f:
8f:8f:28:19:d1:38:56:d0:fa:78:e9:8f:d2:ae:83:68:a5:56:
21:d6:87:85:36:70:bf:ff:d5:9c:46:e4:58:c4:0a:8b:ff:72:
f0:cd:5e:eb:35:c0:48:95:eb:be:cc:0f:08:2a:fd:f9:cc:8f:
a9:c7:b9:1b:de:1b:bd:8a:11:81:c6:f9:04:15:e3:2d:01:0e:
da:5d:52:d5:43:5c:f5:2f:39:aa:29:16:00:d6:a4:9e:1c:83:
ae:45:b6:28:b4:da:bb:d5:83:41:f8:2a:73:3d:b8:01:3b:20:
53:69:8a:fc:d3:19:fa:3f:f6:35:b7:75:2b:6a:3d:52:97:ac:
59:82:f5:77:0d:37:01:62:b0:7a:f4:dd:bb:84:d9:28:b3:ca:
16:cd:ad:7f:12:79:ab:91:38:91:2e:d0:ce:4d:ad:02:c6:b1:
0d:63:af:24:ae:05:9e:ad:f0:d6:ce:83:b5:cd:3b:59:f2:1c:
36:8a:65:89:a9:83:a0:f3:77:94:3e:94:4e:e4:68:d9:c0:3b:
3d:08:57:4e:c7:d4:c9:e9:a4:bf:11:5a:ae:64:10:1a:67:26:
15:cf:26:70
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB4QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
MjM4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlFNkNDNEU0ODFFNDY3
MkJDRkZENTA5OTA1NTdCQzY4MzIxMUNGQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRmzFzv5lyNNShPuhIlnajlNnyrJ/MefpmjzC4gFT+4/mNz5ik
kgLvx8tzYX5Vq/937GceJXsyx3/g/Oq/nWyTiysgMAxWokLS9F1q95oiPcD0xu0a
PM2M9y/bmUSsOA2gNM9qccXWHUTrYe61rfiuBHwv4+Ui9ki6ZO32O4CP6ZNaT/f2
2hq+A/XA70+bS4zS+vaHJNnZ2o0+iXR9XUZTb16GUVxw8g6vcfwX3jm55JwLaRBl
AlD4p2Jq5u+aQL/0zQTVafiROiKUBCtRm0zGRbzz4uhx4stq6o9diND/zifJiUu2
lAJiH/59dsRaZShjyTrX9PFudPf6PJueTlpxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnmzE5IHkZyvP/VCZBVe8aDIRz64wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ubXpFNUlIa1p5dlBfVkNa
QlZlOGFESVJ6NjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKk3Mssdt67TyGYxuKcLQbNL8Ct6JqWvtFJ3
6Umn/qw90p3Gn4+PKBnROFbQ+njpj9Kug2ilViHWh4U2cL//1ZxG5FjECov/cvDN
Xus1wEiV677MDwgq/fnMj6nHuRveG72KEYHG+QQV4y0BDtpdUtVDXPUvOaopFgDW
pJ4cg65Ftii02rvVg0H4KnM9uAE7IFNpivzTGfo/9jW3dStqPVKXrFmC9XcNNwFi
sHr03buE2SizyhbNrX8SeauROJEu0M5NrQLGsQ1jrySuBZ6t8NbOg7XNO1nyHDaK
ZYmpg6Dzd5Q+lE7kaNnAOz0IV07H1MnppL8RWq5kEBpnJhXPJnA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:06 2025 by rpki-client