Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sILXlLLUxr65NMJV3pdHhz5rYeM.roa
File: sILXlLLUxr65NMJV3pdHhz5rYeM.roa (raw, json)
Hash identifier: LzmR5iiVFVb2+MsbrEBbEvsXgxp32WgplOnnM7CAgAc=
Subject key identifier: B0:82:D7:94:B2:D4:C6:BE:B9:34:C2:55:DE:97:47:87:3E:6B:61:E3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0608
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sILXlLLUxr65NMJV3pdHhz5rYeM.roa
Signing time: Thu 15 May 2025 03:08:00 +0000
ROA not before: Thu 15 May 2025 03:08:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1544 (0x608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 03:08:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B082D794B2D4C6BEB934C255DE9747873E6B61E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:25:fe:9d:e2:fd:0b:35:a9:90:83:61:2b:cf:
f7:89:70:93:ce:12:47:c5:23:e6:dc:81:eb:96:2b:
e0:d3:e5:38:aa:98:20:88:30:21:2b:5a:1f:bf:aa:
1d:ff:c8:30:05:f3:dc:09:8b:3d:6d:67:57:45:67:
d8:5a:3a:af:3a:22:1e:32:34:ac:33:ae:1d:ca:75:
8a:2f:9d:51:88:b4:eb:83:0c:ea:88:94:fb:ac:46:
f5:75:af:b0:b4:9b:5e:94:0c:47:18:f0:a3:ee:f9:
ef:ac:d3:c3:6c:e5:7b:bf:e1:45:b5:05:d0:3a:5e:
fe:ef:21:e9:cf:b3:c4:1a:01:f8:21:3b:4d:7b:40:
aa:c0:6a:ff:d2:9c:56:09:fc:73:bb:a1:4d:31:6c:
9f:3f:73:b7:43:b5:85:3f:fd:d9:f3:83:56:fb:f4:
88:43:57:4d:ae:66:72:64:1c:9b:e5:ad:90:13:42:
df:ef:11:1b:81:1e:74:d6:5d:46:98:99:76:c8:e6:
3d:a5:b5:6b:f9:3d:a3:f2:1c:f3:b9:f0:c6:18:ce:
d4:b4:42:74:fa:99:58:95:38:18:58:c8:2e:5d:a9:
e3:9e:11:04:62:b3:26:db:03:7d:f8:e6:6c:2e:c6:
03:d4:8e:12:46:3a:3d:99:dd:7f:08:64:ed:32:45:
ae:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:82:D7:94:B2:D4:C6:BE:B9:34:C2:55:DE:97:47:87:3E:6B:61:E3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sILXlLLUxr65NMJV3pdHhz5rYeM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:90:23:f7:58:1b:68:a2:f9:49:a2:8d:73:6a:74:64:9f:1c:
cc:b7:ce:b4:44:da:58:b1:0a:73:9c:ee:c4:f3:d6:9d:0b:d1:
ae:b5:14:e5:5d:81:ca:68:f5:35:b1:fd:88:41:5c:2a:70:d3:
fa:50:15:98:b0:ff:73:a6:a0:05:7e:2d:87:d9:c3:84:69:db:
52:54:33:47:61:27:78:dc:be:3a:18:d9:9e:6a:8e:8e:f8:56:
8d:f0:dd:88:1f:03:e1:4a:3a:b3:95:b4:aa:1c:7a:b0:64:09:
1d:26:34:1b:73:36:3c:31:c4:6f:76:7b:9b:6e:29:d0:85:91:
fb:09:09:60:d1:93:e1:c3:ad:13:20:16:80:17:33:a7:95:37:
54:bb:d9:d7:bf:1c:c2:6e:d2:1b:e7:87:b3:9c:f4:15:67:9c:
13:ba:c6:d7:a2:37:9d:f2:76:8b:60:c6:26:41:dc:e1:1a:72:
3c:74:47:54:fa:47:a3:86:cb:68:e6:67:23:69:a3:27:a4:54:
85:e6:fa:1d:3c:a7:9b:d2:9e:ab:ed:df:5f:ad:d6:c1:a1:44:
c2:b2:8c:2f:2f:e9:b0:2c:9b:a7:cb:50:16:9f:cc:b9:33:c1:
6c:c7:8f:28:1f:0a:8f:6b:33:80:a8:4f:bc:ed:3f:d0:f4:90:
b0:42:ef:68
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MzA4MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIwODJENzk0QjJENEM2
QkVCOTM0QzI1NURFOTc0Nzg3M0U2QjYxRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFJf6d4v0LNamQg2Erz/eJcJPOEkfFI+bcgeuWK+DT5TiqmCCI
MCErWh+/qh3/yDAF89wJiz1tZ1dFZ9haOq86Ih4yNKwzrh3KdYovnVGItOuDDOqI
lPusRvV1r7C0m16UDEcY8KPu+e+s08Ns5Xu/4UW1BdA6Xv7vIenPs8QaAfghO017
QKrAav/SnFYJ/HO7oU0xbJ8/c7dDtYU//dnzg1b79IhDV02uZnJkHJvlrZATQt/v
ERuBHnTWXUaYmXbI5j2ltWv5PaPyHPO58MYYztS0QnT6mViVOBhYyC5dqeOeEQRi
sybbA3345mwuxgPUjhJGOj2Z3X8IZO0yRa61AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsILXlLLUxr65NMJV3pdHhz5rYeMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zSUxYbExMVXhyNjVOTUpW
M3BkSGh6NXJZZU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEuQI/dYG2ii+UmijXNqdGSfHMy3zrRE2lix
CnOc7sTz1p0L0a61FOVdgcpo9TWx/YhBXCpw0/pQFZiw/3OmoAV+LYfZw4Rp21JU
M0dhJ3jcvjoY2Z5qjo74Vo3w3YgfA+FKOrOVtKocerBkCR0mNBtzNjwxxG92e5tu
KdCFkfsJCWDRk+HDrRMgFoAXM6eVN1S72de/HMJu0hvnh7Oc9BVnnBO6xteiN53y
dotgxiZB3OEacjx0R1T6R6OGy2jmZyNpoyekVIXm+h08p5vSnqvt31+t1sGhRMKy
jC8v6bAsm6fLUBafzLkzwWzHjygfCo9rM4CoT7ztP9D0kLBC72g=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:38:23 2025 by rpki-client