Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/MS5JyZQZDh8Q5_JtyXiYsPlmadc.roa
File: MS5JyZQZDh8Q5_JtyXiYsPlmadc.roa (raw, json)
Hash identifier: enyZjCRydq+ntfdudDZknUa7A7yEkXZniRF1IKTpIGQ=
Subject key identifier: 31:2E:49:C9:94:19:0E:1F:10:E7:F2:6D:C9:78:98:B0:F9:66:69:D7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1AE8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MS5JyZQZDh8Q5_JtyXiYsPlmadc.roa
Signing time: Wed 11 Jun 2025 23:10:00 +0000
ROA not before: Wed 11 Jun 2025 23:10:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6888 (0x1ae8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 23:10:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=312E49C994190E1F10E7F26DC97898B0F96669D7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:09:f6:1e:7c:c4:bd:5a:ee:41:a2:46:14:d0:
06:fc:83:38:04:9c:08:0b:ca:6c:51:e7:71:53:09:
d2:dc:a8:c9:c7:b0:51:7f:47:86:12:17:73:5a:c5:
b6:ab:2e:79:d6:ed:26:28:0b:d8:00:56:a7:3d:45:
2f:72:9b:f0:40:8f:bb:bd:b8:5b:92:68:6e:e8:d0:
9d:47:27:c2:65:b2:01:45:a6:98:39:97:12:21:d8:
dd:c6:e9:4b:2c:cf:f4:c9:01:67:18:8c:3f:59:76:
9a:19:a1:05:97:ae:2c:22:57:8c:3a:a9:ee:e5:5a:
b9:0a:fa:70:02:f6:c7:f7:1f:06:bf:7e:f3:3a:12:
3a:75:57:c3:a2:87:d9:dd:2f:df:bf:c5:9b:df:fe:
fa:35:02:cd:ce:ae:02:12:67:8a:ca:69:ac:52:f5:
11:76:eb:ae:3b:f4:3d:24:9c:9b:fe:05:14:8d:57:
38:04:60:4c:41:b8:9a:42:3a:be:b5:7a:0d:aa:a3:
5b:65:48:30:d9:46:72:45:ea:14:b6:f9:3a:7a:4b:
da:c7:ee:68:9e:eb:2b:4a:f7:f5:c4:e6:40:f0:45:
e6:de:32:64:d8:99:0c:7a:cf:ac:4c:53:af:77:ed:
39:15:87:6a:76:ff:b2:60:1f:64:7b:41:ec:83:d9:
28:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2E:49:C9:94:19:0E:1F:10:E7:F2:6D:C9:78:98:B0:F9:66:69:D7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MS5JyZQZDh8Q5_JtyXiYsPlmadc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:78:af:f7:7f:99:62:d2:73:78:2b:e8:62:4b:e0:66:1b:80:
ca:f8:33:d9:bd:d5:12:da:34:57:d5:5f:0b:19:98:1b:64:c6:
1f:0e:a9:d4:fb:6d:c4:4c:de:70:a5:fb:69:3d:b6:91:0a:dd:
69:ee:33:22:a1:e7:1a:7c:31:5d:51:01:c5:ba:fb:dc:53:44:
17:93:38:9d:e3:61:24:51:e1:6e:f9:c4:70:0e:cb:fc:e4:c5:
89:5b:36:f2:f1:a2:db:31:2b:e8:dc:13:e2:fc:69:61:ed:b3:
aa:e0:43:69:27:25:48:cf:9d:30:2f:6f:06:59:7a:a5:5d:9f:
f7:96:cf:42:ca:da:a3:b6:99:a2:16:6b:b4:df:1a:61:a0:9f:
c3:ed:42:a4:d9:e4:b7:18:d8:7e:25:cd:b9:24:ec:ba:6f:ec:
76:36:4c:a2:e5:e3:50:c3:51:95:94:08:2a:f2:75:cd:0f:eb:
32:a6:da:20:22:80:09:c3:52:70:45:ac:5c:79:fa:f7:3d:18:
eb:80:d2:cf:3f:13:96:59:f0:96:de:20:9f:ad:ca:06:c7:81:
7f:02:0a:3e:8a:11:7a:2a:fe:76:6f:d1:6c:d7:27:03:26:9f:
57:90:88:e5:0f:ff:92:01:36:82:1c:13:21:ba:5a:1d:2b:95:
74:3c:2e:a9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEy
MzEwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMxMkU0OUM5OTQxOTBF
MUYxMEU3RjI2REM5Nzg5OEIwRjk2NjY5RDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcCfYefMS9Wu5BokYU0Ab8gzgEnAgLymxR53FTCdLcqMnHsFF/
R4YSF3NaxbarLnnW7SYoC9gAVqc9RS9ym/BAj7u9uFuSaG7o0J1HJ8JlsgFFppg5
lxIh2N3G6Ussz/TJAWcYjD9ZdpoZoQWXriwiV4w6qe7lWrkK+nAC9sf3Hwa/fvM6
Ejp1V8Oih9ndL9+/xZvf/vo1As3OrgISZ4rKaaxS9RF266479D0knJv+BRSNVzgE
YExBuJpCOr61eg2qo1tlSDDZRnJF6hS2+Tp6S9rH7mie6ytK9/XE5kDwRebeMmTY
mQx6z6xMU6937TkVh2p2/7JgH2R7QeyD2SjJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMS5JyZQZDh8Q5/JtyXiYsPlmadcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NUzVKeVpRWkRoOFE1X0p0
eVhpWXNQbG1hZGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFV4r/d/mWLSc3gr6GJL4GYbgMr4M9m91RLa
NFfVXwsZmBtkxh8OqdT7bcRM3nCl+2k9tpEK3WnuMyKh5xp8MV1RAcW6+9xTRBeT
OJ3jYSRR4W75xHAOy/zkxYlbNvLxotsxK+jcE+L8aWHts6rgQ2knJUjPnTAvbwZZ
eqVdn/eWz0LK2qO2maIWa7TfGmGgn8PtQqTZ5LcY2H4lzbkk7Lpv7HY2TKLl41DD
UZWUCCrydc0P6zKm2iAigAnDUnBFrFx5+vc9GOuA0s8/E5ZZ8JbeIJ+tygbHgX8C
Cj6KEXoq/nZv0WzXJwMmn1eQiOUP/5IBNoIcEyG6Wh0rlXQ8Lqk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:28:11 2025 by rpki-client