Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LVKsAZ5lL_d5jhf0Pv50chc_dbk.roa
File: LVKsAZ5lL_d5jhf0Pv50chc_dbk.roa (raw, json)
Hash identifier: 6LlrIJ3/G/ZV5qjl5HBDtWM0EMLuLAvtXGRbhnqp/LY=
Subject key identifier: 2D:52:AC:01:9E:65:2F:F7:79:8E:17:F4:3E:FE:74:72:17:3F:75:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D78
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LVKsAZ5lL_d5jhf0Pv50chc_dbk.roa
Signing time: Sun 25 May 2025 01:08:33 +0000
ROA not before: Sun 25 May 2025 01:08:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3448 (0xd78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 01:08:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2D52AC019E652FF7798E17F43EFE7472173F75B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:23:56:1a:6c:b8:da:81:c3:91:b3:94:9f:3d:
2e:3c:79:e3:b8:13:d9:24:12:6d:2f:fe:36:ab:86:
fd:00:b8:f0:b0:43:a2:72:12:5d:3c:d3:09:58:9a:
5a:fb:6c:c5:9e:b5:b7:2b:1b:d3:e6:99:ae:4a:e9:
5c:8e:4a:46:e2:93:86:72:4d:36:80:ef:5d:5c:9b:
e1:93:3f:77:ac:c4:94:db:6c:02:86:75:a1:87:5b:
46:6f:bc:94:b6:a3:da:05:ab:50:76:d4:37:4b:09:
ff:4d:23:4d:25:78:91:07:c7:89:99:f4:38:3b:fc:
97:88:fa:00:62:f1:2b:a5:3f:79:31:32:f3:ec:69:
76:c8:7d:87:4a:e5:63:4c:71:4c:04:2b:03:45:4d:
0a:89:46:04:82:3f:7d:e1:b7:c7:8a:ce:33:40:fc:
14:3f:c5:4a:61:86:26:3a:c3:9e:b4:d6:c1:3a:8c:
b5:2b:82:01:9a:a1:c5:8c:49:e0:25:a4:8d:59:95:
89:99:e2:4f:f9:ad:59:d9:ba:54:62:c6:14:f4:b2:
1d:2e:f1:72:b0:bc:df:dd:da:6a:83:3b:75:d7:96:
8b:38:f9:47:07:86:5d:bb:ab:8d:b8:0a:79:ea:8e:
c0:2c:8e:e7:c5:c4:c6:7b:b7:99:ce:f8:d9:1e:2e:
3e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:52:AC:01:9E:65:2F:F7:79:8E:17:F4:3E:FE:74:72:17:3F:75:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LVKsAZ5lL_d5jhf0Pv50chc_dbk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:a4:9b:ff:d3:04:8c:b4:b2:02:2e:3d:01:83:06:d2:c8:2a:
fd:33:98:bf:7c:1b:24:6c:fa:26:a9:e6:33:bf:3d:bd:b5:51:
c6:24:c8:3c:40:59:84:6b:90:0f:93:eb:a1:2f:a5:86:63:d2:
eb:88:69:8f:e3:9d:dd:28:42:cf:c7:ed:5d:eb:e1:be:19:97:
cf:29:19:e1:c4:c8:bf:10:3e:2d:98:e2:81:79:cb:22:59:2c:
1f:30:8a:d8:61:cf:79:31:a9:fe:df:5c:a3:c7:02:23:e8:fd:
af:6c:d3:d1:a3:3c:a8:0b:46:01:0b:de:93:c8:1a:2f:8c:cf:
ba:80:b5:ea:9b:2f:51:dc:87:d6:5f:21:f5:7a:39:7c:f3:95:
db:de:58:dd:a4:a7:f3:e0:5e:30:df:ca:b8:62:99:ec:22:72:
59:6b:4c:f8:05:f7:f5:b9:ba:87:d0:9f:5d:25:f2:2a:b6:18:
3d:44:10:c6:e9:e2:b9:a9:1e:d1:22:c4:5a:b1:6a:e6:cd:a8:
ff:05:19:07:58:4d:91:15:92:d4:36:fc:21:30:d6:fa:b3:d0:
b8:bd:74:9f:42:e4:01:cc:68:be:d2:8a:19:c6:e0:54:2a:8e:
30:bc:1c:16:ad:5f:aa:b1:ea:6f:fb:53:b1:20:53:95:5a:9d:
bf:c2:7f:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDXgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
MTA4MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJENTJBQzAxOUU2NTJG
Rjc3OThFMTdGNDNFRkU3NDcyMTczRjc1QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmI1YabLjagcORs5SfPS48eeO4E9kkEm0v/jarhv0AuPCwQ6Jy
El080wlYmlr7bMWetbcrG9Pmma5K6VyOSkbik4ZyTTaA711cm+GTP3esxJTbbAKG
daGHW0ZvvJS2o9oFq1B21DdLCf9NI00leJEHx4mZ9Dg7/JeI+gBi8SulP3kxMvPs
aXbIfYdK5WNMcUwEKwNFTQqJRgSCP33ht8eKzjNA/BQ/xUphhiY6w5601sE6jLUr
ggGaocWMSeAlpI1ZlYmZ4k/5rVnZulRixhT0sh0u8XKwvN/d2mqDO3XXlos4+UcH
hl27q424CnnqjsAsjufFxMZ7t5nO+NkeLj7pAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULVKsAZ5lL/d5jhf0Pv50chc/dbkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MVktzQVo1bExfZDVqaGYw
UHY1MGNoY19kYmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAD6km//TBIy0sgIuPQGDBtLIKv0zmL98GyRs
+iap5jO/Pb21UcYkyDxAWYRrkA+T66EvpYZj0uuIaY/jnd0oQs/H7V3r4b4Zl88p
GeHEyL8QPi2Y4oF5yyJZLB8withhz3kxqf7fXKPHAiPo/a9s09GjPKgLRgEL3pPI
Gi+Mz7qAteqbL1Hch9ZfIfV6OXzzldveWN2kp/PgXjDfyrhimewicllrTPgF9/W5
uofQn10l8iq2GD1EEMbp4rmpHtEixFqxaubNqP8FGQdYTZEVktQ2/CEw1vqz0Li9
dJ9C5AHMaL7SihnG4FQqjjC8HBatX6qx6m/7U7EgU5Vanb/Cf5I=
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:53:34 2025 by rpki-client