Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-Cl8tna_12fx8tyFXSKtp28c130.roa
File: -Cl8tna_12fx8tyFXSKtp28c130.roa (raw, json)
Hash identifier: myvGQPD8rPiKT1ymM2j+/BhNO6Cpq1qTrI6Y2vWPWww=
Subject key identifier: F8:29:7C:B6:76:BF:D7:67:F1:F2:DC:85:5D:22:AD:A7:6F:1C:D7:7D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0618
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-Cl8tna_12fx8tyFXSKtp28c130.roa
Signing time: Thu 15 May 2025 05:08:08 +0000
ROA not before: Thu 15 May 2025 05:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1560 (0x618)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 05:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F8297CB676BFD767F1F2DC855D22ADA76F1CD77D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:5c:64:f0:98:53:55:1c:10:03:1f:2d:fc:6e:
88:4b:cc:5d:94:a5:34:b6:29:9a:0f:bf:fc:8d:86:
e2:40:97:9c:4b:e6:8d:70:32:fb:6f:83:4a:be:0b:
ff:fa:ee:40:79:95:2f:9d:9d:0f:3a:ca:b7:e7:e5:
db:8c:3f:72:d6:32:9d:2c:bb:b8:22:9e:cc:4f:b6:
4e:4b:ad:9f:fe:7b:80:e1:b1:99:82:ff:c0:fe:73:
d5:37:9c:80:db:e3:8f:8e:89:a4:a3:0a:0d:a5:29:
76:3b:1e:7d:bc:67:75:3a:ab:c9:ed:ed:16:42:f1:
5e:d2:a6:bd:39:ab:99:96:ac:de:ea:f0:81:bd:2f:
91:ed:63:3c:f2:e5:75:b9:1a:f5:c4:ed:b5:a3:83:
a6:f0:6c:90:0d:54:ed:d0:2c:02:9f:fe:ea:5f:a4:
f2:61:dc:f3:43:14:10:71:ad:2d:0c:1f:11:28:86:
10:7e:96:9b:5c:5a:a1:1c:80:23:1b:0f:d7:b3:52:
3f:63:ad:b8:71:93:4a:44:bd:a7:57:83:67:8a:fd:
7d:6c:bf:88:6a:35:7b:9c:d7:8f:0a:69:6b:f0:1e:
15:18:95:ac:d6:e6:c5:7a:f9:6b:26:16:37:a0:9d:
23:e8:f7:b6:f2:ee:89:51:5e:9b:fa:82:68:af:46:
11:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:29:7C:B6:76:BF:D7:67:F1:F2:DC:85:5D:22:AD:A7:6F:1C:D7:7D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-Cl8tna_12fx8tyFXSKtp28c130.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:3d:0d:91:a0:12:35:7e:6c:9a:56:99:05:15:b1:60:44:7e:
92:17:8b:58:5b:c8:14:7e:1d:4a:52:d8:cd:d8:88:2d:ad:79:
e3:2c:d0:42:0f:fc:6e:0c:04:ba:c0:ef:d5:a8:d3:fc:79:34:
09:76:fc:88:01:18:b8:86:dc:66:47:47:1f:5f:29:fa:9b:0c:
75:08:41:0f:2e:ba:2a:24:36:dc:98:6d:d2:22:b5:c3:47:77:
01:8f:92:a2:7e:e6:26:01:7a:6c:34:dd:ca:70:b1:d3:ef:3f:
8b:10:88:4c:9b:1e:6c:8c:45:88:28:dc:b6:24:f2:f8:d9:3c:
d1:19:c7:d8:ad:96:75:83:ec:89:dc:ca:92:87:bb:71:4f:27:
13:ca:a6:56:ae:b5:b4:96:d1:38:59:0d:29:b4:a0:72:a4:e4:
54:30:d2:16:24:ef:1b:be:b4:d2:c1:4b:a2:9e:a1:e3:11:9c:
ab:27:f3:0b:98:df:19:b6:bb:84:f6:86:92:4a:2e:64:e3:11:
09:ff:eb:ed:ba:32:b1:ef:97:03:8a:70:db:b6:a5:0e:14:dd:
bf:e9:cc:0f:fb:85:82:0c:c1:8f:f3:a9:31:2f:1a:3e:73:a5:
08:3c:d6:cd:ce:6f:a2:02:87:cb:a0:0a:8c:50:50:89:9f:ef:
ee:12:48:e2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBhgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY4Mjk3Q0I2NzZCRkQ3
NjdGMUYyREM4NTVEMjJBREE3NkYxQ0Q3N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqXGTwmFNVHBADHy38bohLzF2UpTS2KZoPv/yNhuJAl5xL5o1w
Mvtvg0q+C//67kB5lS+dnQ86yrfn5duMP3LWMp0su7ginsxPtk5LrZ/+e4DhsZmC
/8D+c9U3nIDb44+OiaSjCg2lKXY7Hn28Z3U6q8nt7RZC8V7Spr05q5mWrN7q8IG9
L5HtYzzy5XW5GvXE7bWjg6bwbJANVO3QLAKf/upfpPJh3PNDFBBxrS0MHxEohhB+
lptcWqEcgCMbD9ezUj9jrbhxk0pEvadXg2eK/X1sv4hqNXuc148KaWvwHhUYlazW
5sV6+WsmFjegnSPo97by7olRXpv6gmivRhHbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+Cl8tna/12fx8tyFXSKtp28c130wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tQ2w4dG5hXzEyZng4dHlG
WFNLdHAyOGMxMzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHc9DZGgEjV+bJpWmQUVsWBEfpIXi1hbyBR+
HUpS2M3YiC2teeMs0EIP/G4MBLrA79Wo0/x5NAl2/IgBGLiG3GZHRx9fKfqbDHUI
QQ8uuiokNtyYbdIitcNHdwGPkqJ+5iYBemw03cpwsdPvP4sQiEybHmyMRYgo3LYk
8vjZPNEZx9itlnWD7IncypKHu3FPJxPKplautbSW0ThZDSm0oHKk5FQw0hYk7xu+
tNLBS6KeoeMRnKsn8wuY3xm2u4T2hpJKLmTjEQn/6+26MrHvlwOKcNu2pQ4U3b/p
zA/7hYIMwY/zqTEvGj5zpQg81s3Ob6ICh8ugCoxQUImf7+4SSOI=
-----END CERTIFICATE-----
Generated at Sun May 18 20:15:52 2025 by rpki-client