Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4P_VHEbxN1LhvtqOWIofkVdzGaE.roa
File: 4P_VHEbxN1LhvtqOWIofkVdzGaE.roa (raw, json)
Hash identifier: nsBOPX9iAFIPB7QpIn62wtnCYkUt7L9GkIPfI/sbOxE=
Subject key identifier: E0:FF:D5:1C:46:F1:37:52:E1:BE:DA:8E:58:8A:1F:91:57:73:19:A1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0134
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4P_VHEbxN1LhvtqOWIofkVdzGaE.roa
Signing time: Thu 08 May 2025 16:37:44 +0000
ROA not before: Thu 08 May 2025 16:37:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308 (0x134)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 16:37:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E0FFD51C46F13752E1BEDA8E588A1F91577319A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:c9:0b:ed:fd:be:de:30:92:9b:67:e8:7d:
c1:25:60:48:9c:3c:64:60:90:29:d9:bc:45:65:e7:
e7:ef:1b:14:5c:66:ca:8e:de:01:3f:1e:40:a6:c1:
4d:7e:c4:eb:39:83:e5:31:a4:b1:f4:51:c8:a0:4d:
2b:09:6a:70:47:98:e7:47:71:e1:4f:47:1a:94:04:
05:12:5c:15:c5:c4:fa:a6:59:7c:53:4a:5b:de:90:
5a:54:57:96:5a:eb:3d:47:49:e5:b6:e4:e3:f3:17:
4b:f5:25:16:98:13:6b:98:02:dd:f1:cd:09:e5:ad:
0e:80:90:b3:9c:6f:70:37:d2:ab:25:b6:51:bf:63:
2e:9e:90:a4:a8:ce:98:cc:e8:13:aa:8a:61:c5:46:
ae:6e:66:8e:18:41:2b:13:1b:64:69:82:9f:47:30:
d0:a0:e7:46:77:67:7e:42:90:68:80:2f:2f:61:b1:
3c:5f:26:54:85:e5:c8:d2:14:12:49:21:4e:1a:ac:
4d:39:d5:f5:e2:3a:90:1b:29:5a:57:fd:2c:ec:c6:
38:61:16:9c:4f:5c:15:3a:9f:54:02:87:cc:f2:33:
dd:a3:7c:19:23:b2:db:f5:a7:dd:f6:45:12:3e:06:
c4:eb:2c:b6:9b:db:10:a8:59:f0:7c:e2:5e:ee:56:
42:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:FF:D5:1C:46:F1:37:52:E1:BE:DA:8E:58:8A:1F:91:57:73:19:A1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4P_VHEbxN1LhvtqOWIofkVdzGaE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:78:19:49:d7:6f:b2:54:38:1c:a3:ef:34:e5:4f:d3:6c:51:
d3:59:09:4a:9a:01:2b:f5:05:ca:34:e0:95:bc:15:3d:c6:d3:
ab:e3:2a:18:b7:c8:4a:26:5c:45:60:4b:9c:0d:5d:49:04:2f:
9f:8b:65:1a:fb:fd:bf:86:8e:47:94:a1:8f:f6:7c:e0:6b:52:
0b:94:30:7f:6c:2d:f5:ba:83:8a:9c:79:52:12:8c:0a:83:86:
a3:7c:ab:75:3a:0b:36:4a:5b:ba:54:86:d9:07:1f:b2:4d:ab:
fc:8e:2f:cb:5f:f8:3e:1c:8e:6e:be:d1:ae:8c:e0:36:9a:e7:
70:5b:17:fd:a1:10:da:42:82:6e:94:b5:5b:c8:4b:a4:9e:41:
09:e6:ef:c4:39:b8:d3:4d:26:23:d6:90:ad:ae:03:a3:15:64:
25:b8:65:0d:53:4f:44:33:b8:0f:99:ab:a2:5d:2a:9b:7e:0d:
14:73:60:8e:be:a5:22:c9:92:d0:a5:60:a2:d8:ab:96:33:59:
3b:14:86:13:1d:06:b5:8f:61:3d:1b:aa:70:0a:45:3e:67:91:
3a:6a:b6:cd:b0:e1:f0:36:9d:ef:8d:20:eb:eb:8f:fc:ca:88:
f0:41:88:71:82:62:ff:df:f8:31:6c:3a:3f:0a:57:d0:0b:c9:
4c:de:24:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICATQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
NjM3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUwRkZENTFDNDZGMTM3
NTJFMUJFREE4RTU4OEExRjkxNTc3MzE5QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6GskL7f2+3jCSm2fofcElYEicPGRgkCnZvEVl5+fvGxRcZsqO
3gE/HkCmwU1+xOs5g+UxpLH0UcigTSsJanBHmOdHceFPRxqUBAUSXBXFxPqmWXxT
SlvekFpUV5Za6z1HSeW25OPzF0v1JRaYE2uYAt3xzQnlrQ6AkLOcb3A30qsltlG/
Yy6ekKSozpjM6BOqimHFRq5uZo4YQSsTG2Rpgp9HMNCg50Z3Z35CkGiALy9hsTxf
JlSF5cjSFBJJIU4arE051fXiOpAbKVpX/SzsxjhhFpxPXBU6n1QCh8zyM92jfBkj
stv1p932RRI+BsTrLLab2xCoWfB84l7uVkIJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4P/VHEbxN1LhvtqOWIofkVdzGaEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80UF9WSEVieE4xTGh2dHFP
V0lvZmtWZHpHYUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGl4GUnXb7JUOByj7zTlT9NsUdNZCUqaASv1
Bco04JW8FT3G06vjKhi3yEomXEVgS5wNXUkEL5+LZRr7/b+GjkeUoY/2fOBrUguU
MH9sLfW6g4qceVISjAqDhqN8q3U6CzZKW7pUhtkHH7JNq/yOL8tf+D4cjm6+0a6M
4Daa53BbF/2hENpCgm6UtVvIS6SeQQnm78Q5uNNNJiPWkK2uA6MVZCW4ZQ1TT0Qz
uA+Zq6JdKpt+DRRzYI6+pSLJktClYKLYq5YzWTsUhhMdBrWPYT0bqnAKRT5nkTpq
ts2w4fA2ne+NIOvrj/zKiPBBiHGCYv/f+DFsOj8KV9ALyUzeJMc=
-----END CERTIFICATE-----
Generated at Sun May 18 13:32:22 2025 by rpki-client