Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5IYrVbzkbvCYCoQIZVepbIiDrrQ.roa
File: 5IYrVbzkbvCYCoQIZVepbIiDrrQ.roa (raw, json)
Hash identifier: kmUoMeAZnG8+JXr+yKTGxFKzxsKsBgHcH7VCHaitd54=
Subject key identifier: E4:86:2B:55:BC:E4:6E:F0:98:0A:84:08:65:57:A9:6C:88:83:AE:B4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1400
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5IYrVbzkbvCYCoQIZVepbIiDrrQ.roa
Signing time: Mon 02 Jun 2025 18:09:24 +0000
ROA not before: Mon 02 Jun 2025 18:09:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5120 (0x1400)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 18:09:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E4862B55BCE46EF0980A84086557A96C8883AEB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f3:03:76:82:84:95:d0:8b:98:55:5d:1d:2f:
c2:d4:ce:d1:6e:8f:90:f8:4a:ab:53:62:5c:44:3d:
66:6c:32:36:40:53:e9:5d:3d:a9:74:c5:d7:0e:4f:
7d:5b:d4:8b:04:f4:df:3b:55:34:9d:4d:5b:39:e5:
63:bb:ea:08:b8:1d:d9:6e:ea:e3:4b:a0:1c:65:a2:
b0:a8:cd:49:c8:54:ed:b8:14:41:38:ce:55:17:8a:
3a:f3:cf:11:98:34:e8:c2:5a:4f:6f:bd:50:05:f8:
37:86:ac:5f:97:10:1f:c6:b4:9d:71:0e:e4:af:82:
50:09:35:9f:af:cd:cd:79:ed:b6:2a:18:17:98:1e:
41:8c:ce:c8:1d:4b:ab:b5:4f:b6:37:bb:d3:8d:86:
16:21:72:4a:5a:05:b2:20:b5:0f:81:15:e8:34:0f:
2b:9a:7f:fe:fb:ee:ea:c6:5a:df:33:57:7c:a6:76:
31:fb:d4:a7:85:8d:9a:e1:84:72:ab:e8:c4:07:6e:
58:20:b1:94:75:f9:bc:75:d8:3b:82:c1:e2:80:b2:
f2:f1:23:44:ba:22:90:f4:dc:95:9e:ae:d0:06:42:
88:78:03:69:e2:62:15:da:98:c5:8b:a9:f7:36:9c:
fc:db:bb:68:04:2f:ea:cd:e2:61:2f:4f:54:de:87:
ff:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:86:2B:55:BC:E4:6E:F0:98:0A:84:08:65:57:A9:6C:88:83:AE:B4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5IYrVbzkbvCYCoQIZVepbIiDrrQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:f4:71:c6:33:d4:a9:18:4f:7d:bc:1b:28:d8:b6:d0:2b:13:
4f:14:8e:dc:fc:0e:e9:f1:a4:e3:65:1a:91:7a:1c:93:04:d9:
7e:23:00:b4:55:77:86:33:08:b3:7d:cd:5b:22:7c:c1:6f:13:
a3:e5:40:96:57:7c:de:02:aa:95:74:b3:7d:2c:bd:ab:e1:70:
78:55:d9:17:2e:1c:c1:e6:78:82:06:84:20:c4:b5:cc:66:6c:
f9:ee:c5:43:54:66:de:22:21:95:be:39:25:cd:15:f7:b6:01:
8d:8b:60:c4:ae:ce:c8:07:d1:ae:c5:1c:c9:4e:ae:a2:77:ff:
23:79:49:c0:d4:ee:7f:e7:2b:a2:ad:a3:c0:92:25:2f:82:2e:
77:c7:0c:81:32:1e:e9:7f:86:d1:a1:a8:44:15:e9:b4:53:d7:
c8:09:50:d3:28:02:b2:67:4a:fb:8d:a1:47:1e:99:63:a8:e6:
7a:5a:0d:74:13:82:0c:e2:8d:0c:d2:52:3c:4c:7a:86:db:c1:
09:20:74:9a:a3:92:04:d8:97:87:02:50:95:4e:b6:7e:b8:56:
cf:d8:68:59:17:28:88:0b:63:0b:01:5d:fc:05:9f:c3:a1:18:
e4:9f:21:13:40:9a:9b:b1:7c:14:4f:ac:0f:81:df:50:d9:af:
91:99:62:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
ODA5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU0ODYyQjU1QkNFNDZF
RjA5ODBBODQwODY1NTdBOTZDODg4M0FFQjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp8wN2goSV0IuYVV0dL8LUztFuj5D4SqtTYlxEPWZsMjZAU+ld
Pal0xdcOT31b1IsE9N87VTSdTVs55WO76gi4Hdlu6uNLoBxlorCozUnIVO24FEE4
zlUXijrzzxGYNOjCWk9vvVAF+DeGrF+XEB/GtJ1xDuSvglAJNZ+vzc157bYqGBeY
HkGMzsgdS6u1T7Y3u9ONhhYhckpaBbIgtQ+BFeg0Dyuaf/777urGWt8zV3ymdjH7
1KeFjZrhhHKr6MQHblggsZR1+bx12DuCweKAsvLxI0S6IpD03JWertAGQoh4A2ni
YhXamMWLqfc2nPzbu2gEL+rN4mEvT1Teh/9zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5IYrVbzkbvCYCoQIZVepbIiDrrQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81SVlyVmJ6a2J2Q1lDb1FJ
WlZlcGJJaURyclEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABv0ccYz1KkYT328GyjYttArE08Ujtz8Dunx
pONlGpF6HJME2X4jALRVd4YzCLN9zVsifMFvE6PlQJZXfN4CqpV0s30svavhcHhV
2RcuHMHmeIIGhCDEtcxmbPnuxUNUZt4iIZW+OSXNFfe2AY2LYMSuzsgH0a7FHMlO
rqJ3/yN5ScDU7n/nK6Kto8CSJS+CLnfHDIEyHul/htGhqEQV6bRT18gJUNMoArJn
SvuNoUcemWOo5npaDXQTggzijQzSUjxMeobbwQkgdJqjkgTYl4cCUJVOtn64Vs/Y
aFkXKIgLYwsBXfwFn8OhGOSfIRNAmpuxfBRPrA+B31DZr5GZYlU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:09:40 2025 by rpki-client