Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8qaGALeeOpRaVUkqzA-0xTPlxy0.roa
File: 8qaGALeeOpRaVUkqzA-0xTPlxy0.roa (raw, json)
Hash identifier: gR2i43bQevuFpTbUf2RaB/OUej/53+8l3qABC9tSbtM=
Subject key identifier: F2:A6:86:00:B7:9E:3A:94:5A:55:49:2A:CC:0F:B4:C5:33:E5:C7:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04D8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8qaGALeeOpRaVUkqzA-0xTPlxy0.roa
Signing time: Tue 13 May 2025 13:08:00 +0000
ROA not before: Tue 13 May 2025 13:08:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1240 (0x4d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 13:08:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F2A68600B79E3A945A55492ACC0FB4C533E5C72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:13:13:a3:ea:88:2c:4d:0c:12:aa:89:5e:c6:
d4:7c:d5:ec:13:cc:7a:51:d7:51:02:18:32:48:fa:
79:93:ef:af:13:f4:2b:99:15:41:57:c3:48:37:b5:
4c:48:49:f6:7b:3f:73:b6:65:55:86:7d:f2:55:e6:
15:aa:e9:ff:c8:47:0a:82:34:a3:ad:8d:3f:87:a0:
d2:70:9c:50:89:d6:9d:d9:f1:b3:e6:74:5b:44:0f:
5c:e0:3e:df:25:36:cf:20:4f:5e:2c:73:4d:43:6e:
9f:e2:86:88:3a:bd:61:d6:ec:10:44:dd:ca:51:91:
b9:08:2b:aa:dc:4a:c0:d3:45:b3:1e:d4:bd:28:5b:
0b:9d:18:ed:81:76:01:ae:36:f4:aa:aa:b9:d4:38:
1d:eb:af:5e:5e:43:8a:20:64:86:f5:68:45:95:2c:
9c:92:25:1b:2a:31:fa:a8:37:66:42:f8:00:eb:46:
42:05:0f:95:46:1a:47:d2:4f:4f:fc:63:19:57:0e:
ab:3e:0a:c6:4e:3f:18:34:a4:44:c8:ee:8a:ac:ab:
42:16:86:40:6a:93:f7:07:0f:3f:4a:7e:f8:24:00:
2a:d4:46:b0:68:54:b0:e6:b4:15:4c:28:4f:17:5e:
0f:cc:0e:d6:b5:75:fb:4b:11:0c:84:2f:04:02:24:
7a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A6:86:00:B7:9E:3A:94:5A:55:49:2A:CC:0F:B4:C5:33:E5:C7:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8qaGALeeOpRaVUkqzA-0xTPlxy0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:ab:05:ec:c1:13:b0:ed:9a:37:b2:02:4e:7a:e6:fc:ce:2a:
7d:92:23:ba:36:47:3f:4c:3f:0e:64:52:74:71:26:fb:83:cc:
5b:06:2e:c2:55:3e:b6:7b:ca:9a:70:61:17:31:74:48:a0:90:
19:95:13:63:ca:3d:21:df:9a:84:fa:79:87:05:39:05:ed:57:
50:18:92:e3:b9:3c:40:02:55:44:28:df:11:b3:3f:a2:29:89:
ee:02:50:fc:2b:d2:77:27:2f:f6:93:76:9a:a5:b0:b8:75:64:
d5:4a:1a:32:0f:aa:d1:d0:3d:04:97:6a:71:df:ac:c7:2c:29:
c5:cf:12:7d:21:25:60:1c:eb:c8:f1:84:74:39:cf:c7:b8:ef:
06:ea:86:5b:17:a0:97:da:1d:68:12:ed:98:4d:96:c6:78:8a:
75:9f:68:d3:af:7a:16:a3:bf:62:11:9c:87:0d:b2:46:ae:be:
6a:6a:d5:f1:24:4a:fd:c8:3e:2c:04:90:75:95:cd:00:93:d3:
b9:3a:d6:88:05:61:ee:a0:b9:55:82:c8:46:96:a0:29:33:12:
f4:b6:90:ab:c8:90:24:a1:18:65:7b:29:a9:0b:3d:97:42:97:
e4:14:27:3f:56:f3:cc:9c:08:b9:52:d3:5b:77:a5:fd:fa:b2:
f0:64:1c:95
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
MzA4MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYyQTY4NjAwQjc5RTNB
OTQ1QTU1NDkyQUNDMEZCNEM1MzNFNUM3MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJExOj6ogsTQwSqolextR81ewTzHpR11ECGDJI+nmT768T9CuZ
FUFXw0g3tUxISfZ7P3O2ZVWGffJV5hWq6f/IRwqCNKOtjT+HoNJwnFCJ1p3Z8bPm
dFtED1zgPt8lNs8gT14sc01Dbp/ihog6vWHW7BBE3cpRkbkIK6rcSsDTRbMe1L0o
WwudGO2BdgGuNvSqqrnUOB3rr15eQ4ogZIb1aEWVLJySJRsqMfqoN2ZC+ADrRkIF
D5VGGkfST0/8YxlXDqs+CsZOPxg0pETI7oqsq0IWhkBqk/cHDz9KfvgkACrURrBo
VLDmtBVMKE8XXg/MDta1dftLEQyELwQCJHprAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8qaGALeeOpRaVUkqzA+0xTPlxy0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84cWFHQUxlZU9wUmFWVWtx
ekEtMHhUUGx4eTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAG2rBezBE7DtmjeyAk565vzOKn2SI7o2Rz9M
Pw5kUnRxJvuDzFsGLsJVPrZ7yppwYRcxdEigkBmVE2PKPSHfmoT6eYcFOQXtV1AY
kuO5PEACVUQo3xGzP6Ipie4CUPwr0ncnL/aTdpqlsLh1ZNVKGjIPqtHQPQSXanHf
rMcsKcXPEn0hJWAc68jxhHQ5z8e47wbqhlsXoJfaHWgS7ZhNlsZ4inWfaNOvehaj
v2IRnIcNskauvmpq1fEkSv3IPiwEkHWVzQCT07k61ogFYe6guVWCyEaWoCkzEvS2
kKvIkCShGGV7KakLPZdCl+QUJz9W88ycCLlS01t3pf36svBkHJU=
-----END CERTIFICATE-----
Generated at Sun May 18 04:51:54 2025 by rpki-client