Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FS2uX2qRSS7iabOcf1xtGFe18Xs.roa
File: FS2uX2qRSS7iabOcf1xtGFe18Xs.roa (raw, json)
Hash identifier: ZXbJzM4lg12Aw0y+cAb82hT/GCtrkT638m8MKV0o+P8=
Subject key identifier: 15:2D:AE:5F:6A:91:49:2E:E2:69:B3:9C:7F:5C:6D:18:57:B5:F1:7B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0640
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FS2uX2qRSS7iabOcf1xtGFe18Xs.roa
Signing time: Thu 15 May 2025 10:08:01 +0000
ROA not before: Thu 15 May 2025 10:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1600 (0x640)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 10:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=152DAE5F6A91492EE269B39C7F5C6D1857B5F17B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b7:11:c2:7d:65:f5:d0:0f:6a:ff:41:2a:6f:
ca:77:e0:d7:ce:9b:bd:9f:8f:3d:9e:5a:1c:f0:ef:
99:51:9f:66:57:71:6d:ea:2d:1a:0e:29:2e:53:d7:
07:53:4a:d8:18:a8:8d:6e:ac:32:4b:00:6c:d9:6d:
a2:70:41:68:05:f6:d1:da:14:3e:c3:88:b9:9b:14:
24:b8:24:33:03:79:be:21:e5:60:42:5a:5d:5f:aa:
2b:12:56:48:15:55:90:02:8a:11:ec:ee:0a:f1:2d:
5c:65:83:b0:c7:3d:9b:c1:16:35:1f:5e:a3:a0:12:
cf:c5:34:14:cb:95:e5:bb:d0:6f:a9:8d:d7:d3:4e:
2f:71:87:40:04:a5:7e:e4:a2:46:4e:01:75:3d:51:
94:8f:8d:ce:a0:93:be:7b:37:b9:05:70:e6:a2:0f:
fa:46:ec:f1:9d:c1:33:cf:d2:5c:8c:56:84:2f:20:
34:9d:1e:0c:47:84:ed:3a:e0:a0:09:63:f6:2f:76:
c8:6f:b5:39:b6:cf:41:cd:bf:e8:a6:03:09:c6:a3:
fa:c1:17:8b:48:2e:01:8b:2d:47:a0:ae:9f:2a:64:
2f:85:ca:38:46:66:5a:63:a4:5a:72:6b:f6:ae:a3:
96:32:2e:23:5f:cf:57:90:ee:a1:39:fa:bb:aa:33:
c1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2D:AE:5F:6A:91:49:2E:E2:69:B3:9C:7F:5C:6D:18:57:B5:F1:7B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FS2uX2qRSS7iabOcf1xtGFe18Xs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:29:b5:20:9e:2b:98:3c:ff:23:04:36:e9:81:fd:76:54:05:
fa:38:c6:89:84:72:7b:52:1f:fd:90:3d:d8:07:0a:2b:f1:32:
40:37:f2:47:4e:6a:99:d9:49:3e:e1:e1:f6:24:4f:f9:5c:f8:
b8:7f:59:85:15:0f:47:06:c7:78:46:5b:2b:e6:71:5e:92:9f:
b9:02:a1:f4:88:27:d3:6d:e2:ac:f9:18:0d:da:97:93:4e:3e:
1a:d1:7a:3b:01:6d:a8:6c:3c:4c:8e:72:b5:d8:be:cf:f0:a3:
ba:5d:44:5d:90:29:39:f0:8e:4e:73:25:0a:77:75:e5:20:4c:
95:88:47:f6:e6:f8:93:f4:f5:c7:cd:50:e2:67:02:72:13:14:
23:c3:59:c1:84:65:b3:d2:c0:68:7f:69:67:6b:74:9f:49:3e:
68:cf:ff:11:d3:6f:b7:f5:a2:76:5a:79:0d:a6:db:cd:9c:be:
fc:e1:04:58:7c:e7:da:77:36:5f:33:e9:a7:10:5c:c0:a6:5c:
f4:df:c7:ea:14:8d:e4:11:61:fe:30:62:4f:9e:7d:f0:bf:47:
12:3d:4f:12:5b:65:79:1e:23:fb:18:87:f0:ab:6e:87:9a:b3:
23:aa:d6:90:93:4e:31:aa:b0:8e:d5:79:c6:67:8f:d1:76:dc:
f1:a8:75:ef
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MDA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE1MkRBRTVGNkE5MTQ5
MkVFMjY5QjM5QzdGNUM2RDE4NTdCNUYxN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgtxHCfWX10A9q/0Eqb8p34NfOm72fjz2eWhzw75lRn2ZXcW3q
LRoOKS5T1wdTStgYqI1urDJLAGzZbaJwQWgF9tHaFD7DiLmbFCS4JDMDeb4h5WBC
Wl1fqisSVkgVVZACihHs7grxLVxlg7DHPZvBFjUfXqOgEs/FNBTLleW70G+pjdfT
Ti9xh0AEpX7kokZOAXU9UZSPjc6gk757N7kFcOaiD/pG7PGdwTPP0lyMVoQvIDSd
HgxHhO064KAJY/YvdshvtTm2z0HNv+imAwnGo/rBF4tILgGLLUegrp8qZC+FyjhG
ZlpjpFpya/auo5YyLiNfz1eQ7qE5+ruqM8HtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFS2uX2qRSS7iabOcf1xtGFe18XswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GUzJ1WDJxUlNTN2lhYk9j
ZjF4dEdGZTE4WHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJEptSCeK5g8/yMENumB/XZUBfo4xomEcntS
H/2QPdgHCivxMkA38kdOapnZST7h4fYkT/lc+Lh/WYUVD0cGx3hGWyvmcV6Sn7kC
ofSIJ9Nt4qz5GA3al5NOPhrRejsBbahsPEyOcrXYvs/wo7pdRF2QKTnwjk5zJQp3
deUgTJWIR/bm+JP09cfNUOJnAnITFCPDWcGEZbPSwGh/aWdrdJ9JPmjP/xHTb7f1
onZaeQ2m282cvvzhBFh859p3Nl8z6acQXMCmXPTfx+oUjeQRYf4wYk+effC/RxI9
TxJbZXkeI/sYh/CrboeasyOq1pCTTjGqsI7VecZnj9F23PGode8=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:07 2025 by rpki-client