Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/50Mh0h71vhVL-UdWYyjgEoOp2pc.roa
File: 50Mh0h71vhVL-UdWYyjgEoOp2pc.roa (raw, json)
Hash identifier: 6keX/RPBTVNLhjU9pzDCB0sWU+v+uVsyTuMmmT5IiWI=
Subject key identifier: E7:43:21:D2:1E:F5:BE:15:4B:F9:47:56:63:28:E0:12:83:A9:DA:97
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08EC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/50Mh0h71vhVL-UdWYyjgEoOp2pc.roa
Signing time: Sun 18 May 2025 23:38:07 +0000
ROA not before: Sun 18 May 2025 23:38:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2284 (0x8ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 23:38:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E74321D21EF5BE154BF947566328E01283A9DA97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:53:4f:a1:7a:50:25:9a:72:61:9c:11:49:
0a:6c:34:00:2e:ff:df:09:08:6a:44:cb:b6:24:87:
c5:6d:ce:53:57:32:30:7d:9d:8f:69:99:83:de:0c:
c5:10:a7:44:f4:c2:02:ea:1b:b9:a3:7a:4e:1e:79:
50:f9:a0:33:26:82:64:f8:3b:c6:29:c0:63:6c:8e:
02:0b:b5:ae:61:93:09:f5:84:53:20:96:02:f4:0b:
f1:1f:c9:91:3a:ba:fd:a7:13:53:0c:d9:5b:2d:3b:
c5:7c:cf:c1:8e:b3:3d:fb:5e:cf:a3:d8:89:6c:0b:
38:bf:b4:fc:52:81:f6:09:c2:5c:38:34:c3:5c:58:
2c:19:dd:ed:63:0f:6e:6b:58:9c:44:ea:a2:77:08:
b4:2e:c5:a6:2f:df:0a:98:90:8f:50:57:10:ed:77:
ab:a3:94:04:e2:d4:22:89:c7:65:2c:18:57:d3:9a:
67:e2:4d:99:61:84:a8:a6:fd:4f:ab:77:55:ba:29:
b3:ef:44:df:fe:06:5d:82:c3:2a:13:6b:9c:1e:56:
71:16:6c:da:89:9c:8b:95:b9:54:44:e1:b1:d9:25:
48:0b:c1:6f:c0:61:aa:64:ee:8d:71:a0:75:90:40:
75:ec:91:ad:85:f8:70:1d:d1:ea:f3:72:e1:96:65:
ea:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:43:21:D2:1E:F5:BE:15:4B:F9:47:56:63:28:E0:12:83:A9:DA:97
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/50Mh0h71vhVL-UdWYyjgEoOp2pc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:06:8d:be:22:aa:22:96:41:e0:dd:f4:0e:3e:19:3f:db:43:
32:a6:92:0b:c5:f4:a0:52:02:28:21:7e:f1:fe:aa:28:30:c7:
59:5c:24:fa:a4:0d:c6:3d:5b:36:63:8e:59:75:7d:f3:73:82:
e9:eb:e2:99:53:1b:1b:c1:87:98:26:b8:05:f4:a2:be:92:8a:
bd:e0:02:71:27:20:a5:53:49:68:4e:20:74:aa:99:a4:54:55:
5d:80:45:78:96:d1:29:d2:68:e6:92:e6:52:e1:e1:04:84:89:
d6:22:58:5e:1f:33:92:d8:84:42:28:b7:e3:10:aa:36:7c:eb:
f5:38:2b:64:ee:a8:fb:b5:e4:64:bc:5f:04:8e:26:a7:82:f0:
22:91:73:9d:a3:89:fa:4a:0a:c0:d3:13:b1:79:5d:29:b4:2c:
07:85:a3:87:92:cd:ae:1a:4f:79:81:65:41:a6:7b:61:5c:c1:
37:83:c9:9f:34:dc:bd:32:56:48:ae:fb:98:b0:5b:cf:df:05:
c3:56:7c:b1:f0:a4:69:98:9d:df:92:a0:47:ca:37:ad:9e:09:
20:a5:94:b2:e3:6e:cd:55:19:ab:d0:72:23:81:4a:e6:1d:27:
76:08:03:27:54:e0:0b:a8:ec:81:5c:21:e9:e3:b0:29:50:af:
95:99:06:00
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgy
MzM4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU3NDMyMUQyMUVGNUJF
MTU0QkY5NDc1NjYzMjhFMDEyODNBOURBOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Y1NPoXpQJZpyYZwRSQpsNAAu/98JCGpEy7Ykh8VtzlNXMjB9
nY9pmYPeDMUQp0T0wgLqG7mjek4eeVD5oDMmgmT4O8YpwGNsjgILta5hkwn1hFMg
lgL0C/EfyZE6uv2nE1MM2VstO8V8z8GOsz37Xs+j2IlsCzi/tPxSgfYJwlw4NMNc
WCwZ3e1jD25rWJxE6qJ3CLQuxaYv3wqYkI9QVxDtd6ujlATi1CKJx2UsGFfTmmfi
TZlhhKim/U+rd1W6KbPvRN/+Bl2CwyoTa5weVnEWbNqJnIuVuVRE4bHZJUgLwW/A
Yapk7o1xoHWQQHXska2F+HAd0erzcuGWZephAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU50Mh0h71vhVL+UdWYyjgEoOp2pcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81ME1oMGg3MXZoVkwtVWRX
WXlqZ0VvT3AycGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGcGjb4iqiKWQeDd9A4+GT/bQzKmkgvF9KBS
AighfvH+qigwx1lcJPqkDcY9WzZjjll1ffNzgunr4plTGxvBh5gmuAX0or6Sir3g
AnEnIKVTSWhOIHSqmaRUVV2ARXiW0SnSaOaS5lLh4QSEidYiWF4fM5LYhEIot+MQ
qjZ86/U4K2TuqPu15GS8XwSOJqeC8CKRc52jifpKCsDTE7F5XSm0LAeFo4eSza4a
T3mBZUGme2FcwTeDyZ803L0yVkiu+5iwW8/fBcNWfLHwpGmYnd+SoEfKN62eCSCl
lLLjbs1VGavQciOBSuYdJ3YIAydU4Auo7IFcIenjsClQr5WZBgA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:00:06 2025 by rpki-client