Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2mUxhjBVzM4tKu4exHpsKXmnDGQ.roa
File: 2mUxhjBVzM4tKu4exHpsKXmnDGQ.roa (raw, json)
Hash identifier: c6nTqhE+LiWNEzyNylEP3R9jKSO4aOzxkjelXLE0AvY=
Subject key identifier: DA:65:31:86:30:55:CC:CE:2D:2A:EE:1E:C4:7A:6C:29:79:A7:0C:64
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1650
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2mUxhjBVzM4tKu4exHpsKXmnDGQ.roa
Signing time: Thu 05 Jun 2025 20:09:27 +0000
ROA not before: Thu 05 Jun 2025 20:09:27 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5712 (0x1650)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 20:09:27 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DA6531863055CCCE2D2AEE1EC47A6C2979A70C64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:90:ea:d7:46:e8:45:65:1f:e2:49:75:f5:e3:
1e:e4:d6:df:0f:e8:05:3e:74:c9:9f:c6:0d:89:79:
6d:16:db:89:38:17:58:c9:f7:1b:33:c6:2b:e3:89:
4d:8e:a3:51:a8:89:4b:c7:b5:8d:5f:7c:b0:7c:a4:
7f:89:ca:1b:b9:76:c1:44:91:26:47:67:81:31:8a:
55:c6:e3:32:f2:73:99:49:44:76:7c:08:e9:45:ab:
eb:f2:6c:f4:09:a9:98:cf:64:15:b5:28:7d:d8:9e:
a3:80:36:00:b7:31:fc:7d:8b:e8:62:45:72:87:54:
2b:b3:af:55:0c:64:6b:b3:fe:1c:9f:6f:9d:fd:cb:
57:5c:4d:ef:02:9b:dc:18:fa:24:5d:ee:b6:f3:79:
64:8f:f1:a6:e8:c1:19:25:5c:65:47:43:f5:ca:9f:
f2:3f:0d:9b:b7:61:a3:e2:10:53:4d:ee:2f:b7:b7:
ac:d3:5a:73:01:59:c8:63:32:e7:42:08:af:60:d6:
ad:a6:7b:9e:86:65:7d:ec:8d:7a:91:e1:26:26:a2:
08:35:3d:53:b1:5f:81:f5:1d:37:46:d4:a1:e2:ad:
3f:61:e5:9f:9e:f7:de:34:ee:b8:5e:b6:58:67:1d:
e5:98:52:a5:da:33:e0:d1:d1:54:b7:fe:6f:82:f8:
b2:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:65:31:86:30:55:CC:CE:2D:2A:EE:1E:C4:7A:6C:29:79:A7:0C:64
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2mUxhjBVzM4tKu4exHpsKXmnDGQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:fa:21:ba:36:82:90:8f:4f:fa:62:98:e7:0e:e3:4f:ec:6c:
e6:99:95:63:dd:fc:6c:d3:fc:a8:62:df:d0:39:87:9a:19:d4:
de:66:c9:06:41:30:1f:9d:1e:c4:db:94:51:a5:af:c1:08:7a:
5d:12:18:f4:1b:a1:9b:28:99:b2:00:3c:7e:e0:16:88:1b:4d:
f9:45:47:6b:6e:da:8c:64:78:f6:85:98:4f:23:73:1c:05:a4:
b2:33:dc:b1:d2:68:6a:68:a1:a6:bf:e2:71:b9:e3:49:a2:6b:
6c:f7:b9:e5:42:51:ba:ab:8f:0f:e8:27:09:bf:b4:a3:33:a0:
82:43:ae:92:0b:2c:7c:02:c8:c2:01:80:1f:64:cc:c0:5b:b9:
68:5f:0f:93:4e:49:b1:43:05:c6:da:27:86:ca:09:88:2d:f6:
91:0b:14:e5:ce:85:25:31:a7:2e:bd:bd:8b:cc:e5:cc:ed:39:
ac:bd:3d:11:51:13:ae:e9:8a:19:f0:52:9e:84:f8:64:13:9a:
87:59:a2:ef:26:7f:ca:e4:6c:45:12:63:7f:a9:9c:cf:00:bc:
c6:40:44:c1:64:5b:04:2b:1a:6b:7b:32:52:ca:e5:9a:01:a3:
da:86:5f:93:49:6d:3b:f8:6f:41:9e:37:b6:e4:8a:08:75:5b:
4f:82:f1:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFlAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUy
MDA5MjdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERBNjUzMTg2MzA1NUND
Q0UyRDJBRUUxRUM0N0E2QzI5NzlBNzBDNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfkOrXRuhFZR/iSXX14x7k1t8P6AU+dMmfxg2JeW0W24k4F1jJ
9xszxivjiU2Oo1GoiUvHtY1ffLB8pH+Jyhu5dsFEkSZHZ4ExilXG4zLyc5lJRHZ8
COlFq+vybPQJqZjPZBW1KH3YnqOANgC3Mfx9i+hiRXKHVCuzr1UMZGuz/hyfb539
y1dcTe8Cm9wY+iRd7rbzeWSP8abowRklXGVHQ/XKn/I/DZu3YaPiEFNN7i+3t6zT
WnMBWchjMudCCK9g1q2me56GZX3sjXqR4SYmogg1PVOxX4H1HTdG1KHirT9h5Z+e
99407rhetlhnHeWYUqXaM+DR0VS3/m+C+LKpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2mUxhjBVzM4tKu4exHpsKXmnDGQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8ybVV4aGpCVnpNNHRLdTRl
eEhwc0tYbW5ER1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIf6Ibo2gpCPT/pimOcO40/sbOaZlWPd/GzT
/Khi39A5h5oZ1N5myQZBMB+dHsTblFGlr8EIel0SGPQboZsombIAPH7gFogbTflF
R2tu2oxkePaFmE8jcxwFpLIz3LHSaGpooaa/4nG540mia2z3ueVCUbqrjw/oJwm/
tKMzoIJDrpILLHwCyMIBgB9kzMBbuWhfD5NOSbFDBcbaJ4bKCYgt9pELFOXOhSUx
py69vYvM5cztOay9PRFRE67pihnwUp6E+GQTmodZou8mf8rkbEUSY3+pnM8AvMZA
RMFkWwQrGmt7MlLK5ZoBo9qGX5NJbTv4b0GeN7bkigh1W0+C8Wc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:01:14 2025 by rpki-client