Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8l19s617axIZyvPYCwW1RYkH6Ag.roa
File: 8l19s617axIZyvPYCwW1RYkH6Ag.roa (raw, json)
Hash identifier: fW5Rz/Ry36UlU+HnS6FAQm7Opzy2eSvLvA4bfHIvyFw=
Subject key identifier: F2:5D:7D:B3:AD:7B:6B:12:19:CA:F3:D8:0B:05:B5:45:89:07:E8:08
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02FC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8l19s617axIZyvPYCwW1RYkH6Ag.roa
Signing time: Sun 11 May 2025 01:37:50 +0000
ROA not before: Sun 11 May 2025 01:37:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 764 (0x2fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 01:37:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F25D7DB3AD7B6B1219CAF3D80B05B5458907E808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:dd:25:e5:17:d3:3a:7c:bc:ad:aa:35:15:62:
be:56:0c:f2:e3:36:0d:da:55:7d:0c:8b:8c:59:0d:
95:28:75:42:23:4b:f7:bf:81:98:a1:57:04:17:5b:
83:e4:f6:bf:fb:04:c0:8a:e2:f0:bd:e6:51:36:43:
07:2f:e8:56:e0:36:51:1f:3f:84:89:7b:f0:06:b3:
16:0e:8f:20:a2:02:56:26:40:42:29:ff:e6:d7:3f:
68:d0:23:6d:34:99:69:52:37:b6:be:f6:38:7a:15:
40:47:cf:4b:07:bb:7b:79:cf:6e:ca:47:23:0e:cb:
46:2c:68:48:74:21:12:a4:96:1b:33:e3:1b:bb:27:
fa:c2:23:93:26:01:26:66:a5:dc:cc:be:ad:c7:53:
77:a5:c5:8c:bc:1f:58:40:fd:f3:e4:1f:98:2b:92:
ef:26:7e:c4:b1:d4:e9:0a:d4:a9:35:dc:37:ce:30:
cf:5a:69:f8:e2:28:d3:a7:1d:e1:9b:e6:c6:92:ea:
13:f5:99:41:f9:37:3c:25:b1:4d:e1:e1:54:23:c4:
69:89:ea:c2:df:4a:ac:53:79:66:7a:1d:08:2b:f5:
71:f4:7b:0e:0e:1e:2e:4c:ec:41:6e:b6:33:bb:fd:
89:70:f1:11:86:72:94:7c:a8:cf:3c:cb:16:cf:3f:
90:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5D:7D:B3:AD:7B:6B:12:19:CA:F3:D8:0B:05:B5:45:89:07:E8:08
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8l19s617axIZyvPYCwW1RYkH6Ag.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:80:69:9d:4c:d6:9c:eb:3f:39:c6:b9:83:18:a9:00:f4:30:
d2:26:cb:8a:dc:d6:0b:6c:eb:ba:01:27:cb:25:b9:09:06:d9:
61:5d:a2:a4:81:8a:8c:ad:eb:31:51:c4:0c:14:db:42:5a:53:
f6:3c:c9:e1:61:51:08:d5:7f:3b:e3:b3:2f:35:b3:db:3a:bd:
eb:27:fa:2d:06:e7:97:b6:29:3b:db:cf:5b:f1:9b:1d:61:a7:
3f:7e:c1:19:bc:46:82:5f:db:c4:a9:58:49:1a:04:78:02:ab:
16:f5:6c:80:63:5a:3c:b3:09:41:6c:d3:ad:49:eb:2d:60:9e:
2d:fd:12:07:60:86:73:13:3c:21:d8:d9:41:19:1e:36:3b:2b:
23:69:10:08:3f:85:da:b1:d1:43:6e:56:6f:d5:77:a1:47:cb:
58:7f:ad:79:a1:4f:95:53:bd:ae:7d:b7:69:07:6a:11:96:c3:
c0:82:f2:7f:c0:61:05:a2:30:62:aa:bb:01:34:68:0e:e4:77:
d8:9b:03:36:c6:c4:eb:30:35:66:70:3a:17:58:65:8c:94:c9:
68:aa:46:b1:8e:9c:e0:d6:df:ed:4d:d3:7b:c2:5e:f5:3d:a1:
bc:77:b9:fe:70:c3:00:53:86:5f:4a:fc:06:66:ea:54:8a:53:
de:67:23:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
MTM3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYyNUQ3REIzQUQ3QjZC
MTIxOUNBRjNEODBCMDVCNTQ1ODkwN0U4MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX3SXlF9M6fLytqjUVYr5WDPLjNg3aVX0Mi4xZDZUodUIjS/e/
gZihVwQXW4Pk9r/7BMCK4vC95lE2Qwcv6FbgNlEfP4SJe/AGsxYOjyCiAlYmQEIp
/+bXP2jQI200mWlSN7a+9jh6FUBHz0sHu3t5z27KRyMOy0YsaEh0IRKklhsz4xu7
J/rCI5MmASZmpdzMvq3HU3elxYy8H1hA/fPkH5grku8mfsSx1OkK1Kk13DfOMM9a
afjiKNOnHeGb5saS6hP1mUH5NzwlsU3h4VQjxGmJ6sLfSqxTeWZ6HQgr9XH0ew4O
Hi5M7EFutjO7/Ylw8RGGcpR8qM88yxbPP5DvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8l19s617axIZyvPYCwW1RYkH6AgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84bDE5czYxN2F4SVp5dlBZ
Q3dXMVJZa0g2QWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKKAaZ1M1pzrPznGuYMYqQD0MNImy4rc1gts
67oBJ8sluQkG2WFdoqSBioyt6zFRxAwU20JaU/Y8yeFhUQjVfzvjsy81s9s6vesn
+i0G55e2KTvbz1vxmx1hpz9+wRm8RoJf28SpWEkaBHgCqxb1bIBjWjyzCUFs061J
6y1gni39EgdghnMTPCHY2UEZHjY7KyNpEAg/hdqx0UNuVm/Vd6FHy1h/rXmhT5VT
va59t2kHahGWw8CC8n/AYQWiMGKquwE0aA7kd9ibAzbGxOswNWZwOhdYZYyUyWiq
RrGOnODW3+1N03vCXvU9obx3uf5wwwBThl9K/AZm6lSKU95nI4s=
-----END CERTIFICATE-----
Generated at Sat May 17 23:39:39 2025 by rpki-client