Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Aw-kbP17rgiMiZ5JIN5zvySLrNg.roa
File: Aw-kbP17rgiMiZ5JIN5zvySLrNg.roa (raw, json)
Hash identifier: pOoQZCoA8eFEYt1D2spQHuXQRvy8Nwzz/it6+KPKC6Q=
Subject key identifier: 03:0F:A4:6C:FD:7B:AE:08:8C:89:9E:49:20:DE:73:BF:24:8B:AC:D8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0258
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Aw-kbP17rgiMiZ5JIN5zvySLrNg.roa
Signing time: Sat 10 May 2025 05:08:22 +0000
ROA not before: Sat 10 May 2025 05:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 600 (0x258)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 05:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=030FA46CFD7BAE088C899E4920DE73BF248BACD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:f8:0c:a3:dc:c0:9c:39:13:cc:6c:a1:db:
4e:35:8f:fa:b5:d6:a0:d4:27:d7:b1:d6:49:e9:79:
03:9e:8d:d3:d8:77:bd:a7:95:a1:e9:75:82:df:15:
6f:5c:21:9d:cb:9c:be:96:39:e7:c7:14:67:b6:d3:
7e:5f:26:eb:fc:75:19:89:11:c6:55:b5:77:66:37:
fa:ca:d8:2a:91:61:42:e1:ea:d0:6d:47:30:3c:c3:
32:b2:dc:42:16:b5:c4:85:c0:b2:57:a3:01:c3:e8:
e5:86:3e:28:31:3d:3a:ae:32:12:98:85:94:9b:58:
ed:99:8f:b5:bf:d3:2c:5e:2f:6d:71:5b:be:ce:ec:
70:81:26:58:c0:c7:fd:aa:ab:fe:86:7e:90:42:1e:
f5:aa:40:96:f8:cc:3e:eb:19:9a:df:6d:38:7a:60:
75:19:bd:ca:bb:09:e0:72:ce:74:0d:fb:35:66:22:
b9:38:05:e5:46:52:73:65:6d:8b:f0:5a:5a:3a:55:
11:68:dd:bc:e3:af:ef:7e:d7:fb:c5:c6:e8:79:5e:
1d:37:0c:bc:bf:d7:d1:72:2b:63:b3:34:84:22:b7:
09:6a:ae:86:43:d2:0b:f5:ce:4b:9e:0c:72:a7:2e:
c4:bf:ef:68:d5:8f:a3:b0:d0:f8:31:09:70:5a:7d:
0c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0F:A4:6C:FD:7B:AE:08:8C:89:9E:49:20:DE:73:BF:24:8B:AC:D8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Aw-kbP17rgiMiZ5JIN5zvySLrNg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:da:45:36:70:6c:fc:b4:93:7d:87:25:ff:c9:6d:a5:bd:26:
0b:6b:41:34:e0:2f:86:ff:1f:c3:33:07:6d:20:c4:4c:29:ab:
6e:1c:54:8e:cc:2e:8e:9e:e7:16:e4:53:07:9c:e4:6a:8e:88:
89:e6:1a:c0:bd:3b:7d:10:15:70:3b:10:2b:1a:2f:b0:3e:e2:
07:5f:37:45:6a:a6:65:d8:82:34:55:a5:c4:15:97:f0:6b:23:
26:ab:c3:4b:37:c2:af:39:dc:bc:4d:99:94:ef:5f:ef:20:6d:
e8:0a:13:41:53:8d:8e:29:11:bb:be:33:7d:49:70:90:fe:5b:
29:94:4f:01:34:2f:cc:ce:4b:a3:dd:be:39:43:21:8b:c6:f7:
bd:4f:c3:2a:18:63:30:6e:00:21:c0:11:bd:98:57:9d:62:5b:
a2:e9:2a:5b:68:21:00:0a:bf:01:a0:a2:57:42:9f:65:70:36:
ea:ed:79:a4:43:cf:d4:b2:8b:c3:a6:83:73:e9:51:8e:63:da:
68:fa:4d:37:48:fa:f2:2f:35:6f:a5:ec:99:b0:a4:8c:51:28:
d4:d1:50:d4:70:0e:b4:56:62:ec:85:af:51:fb:d0:af:a8:8f:
63:7c:52:3d:75:fa:bd:57:ac:df:1e:95:86:d4:b3:35:8f:99:
60:d5:3f:fb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
NTA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzMEZBNDZDRkQ3QkFF
MDg4Qzg5OUU0OTIwREU3M0JGMjQ4QkFDRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKJvgMo9zAnDkTzGyh2041j/q11qDUJ9ex1knpeQOejdPYd72n
laHpdYLfFW9cIZ3LnL6WOefHFGe2035fJuv8dRmJEcZVtXdmN/rK2CqRYULh6tBt
RzA8wzKy3EIWtcSFwLJXowHD6OWGPigxPTquMhKYhZSbWO2Zj7W/0yxeL21xW77O
7HCBJljAx/2qq/6GfpBCHvWqQJb4zD7rGZrfbTh6YHUZvcq7CeByznQN+zVmIrk4
BeVGUnNlbYvwWlo6VRFo3bzjr+9+1/vFxuh5Xh03DLy/19FyK2OzNIQitwlqroZD
0gv1zkueDHKnLsS/72jVj6Ow0PgxCXBafQw3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAw+kbP17rgiMiZ5JIN5zvySLrNgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Bdy1rYlAxN3JnaU1pWjVK
SU41enZ5U0xyTmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAbaRTZwbPy0k32HJf/JbaW9JgtrQTTgL4b/
H8MzB20gxEwpq24cVI7MLo6e5xbkUwec5GqOiInmGsC9O30QFXA7ECsaL7A+4gdf
N0VqpmXYgjRVpcQVl/BrIyarw0s3wq853LxNmZTvX+8gbegKE0FTjY4pEbu+M31J
cJD+WymUTwE0L8zOS6PdvjlDIYvG971PwyoYYzBuACHAEb2YV51iW6LpKltoIQAK
vwGgoldCn2VwNurteaRDz9Syi8Omg3PpUY5j2mj6TTdI+vIvNW+l7JmwpIxRKNTR
UNRwDrRWYuyFr1H70K+oj2N8Uj11+r1XrN8elYbUszWPmWDVP/s=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:21 2025 by rpki-client