Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DlyhT0c_q5YQFVuJQUtT0mOfB40.roa
File: DlyhT0c_q5YQFVuJQUtT0mOfB40.roa (raw, json)
Hash identifier: 8DVeYipH04T2mvaL/ig+mECm9+DGdPCC4qlJRXNeURs=
Subject key identifier: 0E:5C:A1:4F:47:3F:AB:96:10:15:5B:89:41:4B:53:D2:63:9F:07:8D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0614
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DlyhT0c_q5YQFVuJQUtT0mOfB40.roa
Signing time: Thu 15 May 2025 04:38:05 +0000
ROA not before: Thu 15 May 2025 04:38:05 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1556 (0x614)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 04:38:05 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0E5CA14F473FAB9610155B89414B53D2639F078D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1d:a7:bb:ec:7d:2a:84:65:31:87:83:e3:cb:
85:98:61:c7:38:61:53:1a:97:55:df:61:68:a7:99:
30:e7:3a:78:3d:69:fa:99:6e:83:86:3a:8b:fe:f6:
51:68:eb:77:a9:e3:bc:47:f6:84:cb:66:b3:c1:a5:
28:9a:40:c9:64:ee:11:24:97:f2:27:11:88:a8:ea:
ac:80:ed:92:fa:f9:53:af:8d:51:22:16:4a:1a:29:
a2:7a:d4:77:c8:32:1b:ac:92:66:94:d6:7f:de:ae:
f2:15:53:ac:c7:cf:d1:85:fa:92:f5:a6:f5:f4:12:
6e:98:62:0b:f1:b3:3d:1f:b4:c4:de:0c:9e:99:51:
ad:98:ac:c2:a4:ae:f4:52:7f:ef:e4:c8:89:90:96:
03:8a:bf:ba:bf:f6:1f:d6:98:98:92:8c:7f:ad:ee:
bc:f7:03:3e:5a:9a:ba:3d:ac:cf:fe:18:31:b5:eb:
c4:a6:06:52:5f:6a:00:e5:4f:e0:6a:0a:00:4f:81:
a9:2a:c8:cf:da:88:c9:f0:6a:42:fc:34:fd:c8:62:
4a:b0:46:3f:48:38:48:b5:7f:20:45:67:e4:cc:9a:
21:78:07:56:e6:9f:65:92:63:96:03:1d:fb:37:99:
a8:da:5a:6c:dd:15:43:66:28:35:a3:96:78:65:19:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:5C:A1:4F:47:3F:AB:96:10:15:5B:89:41:4B:53:D2:63:9F:07:8D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DlyhT0c_q5YQFVuJQUtT0mOfB40.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:74:4d:dc:e7:2f:b3:0a:ef:a9:05:f8:e4:d7:b5:a7:03:7c:
3a:8b:4c:3f:a7:6e:5e:a8:41:f0:1a:22:e7:a5:f2:8b:f8:5e:
ef:d2:51:9a:ef:c5:de:e3:c7:5b:f5:cc:5b:82:0d:46:f6:9c:
2f:0a:bd:2b:06:db:85:a4:02:fe:4d:05:6f:6d:27:12:eb:a4:
42:18:91:9c:c3:2d:4d:78:cc:b6:81:17:39:7a:80:74:07:f8:
cc:56:cd:1f:9e:e7:3b:81:fb:ba:96:ff:b0:f4:92:3e:1e:e1:
ea:31:00:93:b0:17:51:46:f0:e4:c9:ee:f1:5d:32:dd:ed:2d:
20:2a:6b:f4:b2:b7:a8:a2:39:a0:59:ec:a8:96:ae:5c:f8:ee:
a0:f4:9d:5b:fb:f2:d7:e6:e6:45:ab:f1:dc:8a:8b:15:7c:3b:
d9:f1:62:af:73:0e:ef:4d:bf:27:52:c1:4c:66:aa:5b:25:2b:
f3:57:12:8b:a1:ef:b7:3a:e5:e1:93:a7:6e:32:b0:1a:0d:f7:
21:dd:e7:95:3b:04:8e:5c:76:1f:19:82:bf:6e:fc:a3:00:84:
9a:3c:a4:28:82:00:bd:f4:5a:1e:21:c3:70:9c:e3:35:14:f4:
5e:7f:7f:c5:b0:6b:67:1f:95:d2:5e:98:f4:97:08:bd:6a:ec:
37:03:1a:7e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NDM4MDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBFNUNBMTRGNDczRkFC
OTYxMDE1NUI4OTQxNEI1M0QyNjM5RjA3OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYHae77H0qhGUxh4Pjy4WYYcc4YVMal1XfYWinmTDnOng9afqZ
boOGOov+9lFo63ep47xH9oTLZrPBpSiaQMlk7hEkl/InEYio6qyA7ZL6+VOvjVEi
FkoaKaJ61HfIMhuskmaU1n/ervIVU6zHz9GF+pL1pvX0Em6YYgvxsz0ftMTeDJ6Z
Ua2YrMKkrvRSf+/kyImQlgOKv7q/9h/WmJiSjH+t7rz3Az5amro9rM/+GDG168Sm
BlJfagDlT+BqCgBPgakqyM/aiMnwakL8NP3IYkqwRj9IOEi1fyBFZ+TMmiF4B1bm
n2WSY5YDHfs3majaWmzdFUNmKDWjlnhlGfDVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDlyhT0c/q5YQFVuJQUtT0mOfB40wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EbHloVDBjX3E1WVFGVnVK
UVV0VDBtT2ZCNDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ90TdznL7MK76kF+OTXtacDfDqLTD+nbl6o
QfAaIuel8ov4Xu/SUZrvxd7jx1v1zFuCDUb2nC8KvSsG24WkAv5NBW9tJxLrpEIY
kZzDLU14zLaBFzl6gHQH+MxWzR+e5zuB+7qW/7D0kj4e4eoxAJOwF1FG8OTJ7vFd
Mt3tLSAqa/Syt6iiOaBZ7KiWrlz47qD0nVv78tfm5kWr8dyKixV8O9nxYq9zDu9N
vydSwUxmqlslK/NXEouh77c65eGTp24ysBoN9yHd55U7BI5cdh8Zgr9u/KMAhJo8
pCiCAL30Wh4hw3Cc4zUU9F5/f8Wwa2cfldJemPSXCL1q7DcDGn4=
-----END CERTIFICATE-----
Generated at Sun Jun 22 15:00:45 2025 by rpki-client