Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/J02vRo-JFamEaiTh-Jp62n2iuAY.roa
File: J02vRo-JFamEaiTh-Jp62n2iuAY.roa (raw, json)
Hash identifier: 5LGOUq19Qpmg2YOA/HTJY5e+cXjxKazMX03GmY8LaIc=
Subject key identifier: 27:4D:AF:46:8F:89:15:A9:84:6A:24:E1:F8:9A:7A:DA:7D:A2:B8:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: EC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/J02vRo-JFamEaiTh-Jp62n2iuAY.roa
Signing time: Thu 08 May 2025 07:37:41 +0000
ROA not before: Thu 08 May 2025 07:37:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 236 (0xec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 07:37:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=274DAF468F8915A9846A24E1F89A7ADA7DA2B806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:aa:25:95:f7:9e:f1:4c:80:43:06:a6:8d:
7b:18:6f:c7:14:60:c4:b0:f5:66:11:57:f4:2c:ca:
cd:03:a2:98:a9:b4:83:cc:2a:4d:b6:be:15:c6:cb:
fd:70:52:15:0a:f9:b0:99:6c:5b:11:71:2f:93:cf:
51:11:21:52:58:40:e3:ce:0b:de:71:15:58:63:b7:
6b:0f:c5:7f:53:59:38:46:56:a5:94:82:23:72:92:
16:ee:d9:17:88:33:a7:06:e9:96:8c:3a:c3:87:a0:
37:7f:70:62:01:80:11:32:44:03:53:2d:a0:ea:0a:
60:c8:3c:a8:1c:bf:0a:43:e2:1d:ce:55:e0:5d:e8:
76:86:0f:88:5f:1e:3c:0f:86:04:08:44:21:3c:7f:
e8:e2:7c:90:70:2a:96:52:ce:d5:95:c9:ca:57:91:
b7:75:23:56:51:4e:85:ac:9b:15:0f:54:cb:7f:45:
3e:de:45:f6:03:e1:54:d0:33:ec:c2:e8:75:2e:43:
43:f4:09:5a:6c:82:25:f8:3a:bd:fd:06:f1:27:ed:
a4:ec:d7:71:9f:15:b9:e9:54:fd:b6:1f:4c:ed:e1:
5d:79:63:ba:3b:44:64:82:75:c7:9f:45:71:4c:7a:
c3:b5:73:f0:3b:d2:34:5b:2b:7d:b9:4e:49:da:67:
81:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:4D:AF:46:8F:89:15:A9:84:6A:24:E1:F8:9A:7A:DA:7D:A2:B8:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/J02vRo-JFamEaiTh-Jp62n2iuAY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:61:3c:a3:83:26:1e:31:5a:ae:39:8a:dd:15:33:6f:ce:80:
63:34:14:b7:b0:64:cb:e1:38:36:aa:dd:aa:3e:f9:71:9e:4d:
ee:2a:1b:fd:ac:88:4d:2b:fc:67:e1:77:e4:a9:8d:47:9d:ec:
b7:b1:3d:9f:7d:0c:ce:d0:1d:38:d2:b5:24:71:41:50:14:fc:
6f:11:9d:8f:8d:19:55:f3:6d:2c:c9:89:23:f4:02:f5:77:b7:
07:c6:a7:7e:de:66:c8:24:d0:30:90:03:f8:73:a4:8e:bd:f8:
1c:53:85:a6:37:11:d2:6a:c0:ba:69:2c:8f:36:12:34:56:97:
03:49:03:67:be:9d:5f:42:b3:d7:6b:c0:f7:63:9f:f0:71:4b:
b7:da:59:c2:39:26:91:d4:5c:9b:36:38:8c:5e:15:ae:33:21:
88:08:a8:0e:36:cb:bc:2e:0e:be:1d:05:2a:b3:73:70:39:8e:
90:bd:7c:21:f8:4d:de:a6:42:ef:76:f8:2b:f0:a0:3a:96:bb:
80:6d:f1:fc:c4:f1:bd:54:c4:58:88:1a:08:db:16:0a:77:67:
b5:b3:72:4f:60:d5:e0:57:4b:c4:b9:b6:cd:c2:17:23:dc:69:
b8:d7:f1:35:46:61:12:3f:68:95:cd:22:8d:ad:ce:cf:64:e0:
9f:f7:43:e3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NzM3NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI3NERBRjQ2OEY4OTE1
QTk4NDZBMjRFMUY4OUE3QURBN0RBMkI4MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK+aollfee8UyAQwamjXsYb8cUYMSw9WYRV/Qsys0DopiptIPM
Kk22vhXGy/1wUhUK+bCZbFsRcS+Tz1ERIVJYQOPOC95xFVhjt2sPxX9TWThGVqWU
giNykhbu2ReIM6cG6ZaMOsOHoDd/cGIBgBEyRANTLaDqCmDIPKgcvwpD4h3OVeBd
6HaGD4hfHjwPhgQIRCE8f+jifJBwKpZSztWVycpXkbd1I1ZRToWsmxUPVMt/RT7e
RfYD4VTQM+zC6HUuQ0P0CVpsgiX4Or39BvEn7aTs13GfFbnpVP22H0zt4V15Y7o7
RGSCdcefRXFMesO1c/A70jRbK325TknaZ4FnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJ02vRo+JFamEaiTh+Jp62n2iuAYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KMDJ2Um8tSkZhbUVhaVRo
LUpwNjJuMml1QVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABZhPKODJh4xWq45it0VM2/OgGM0FLewZMvh
ODaq3ao++XGeTe4qG/2siE0r/Gfhd+SpjUed7LexPZ99DM7QHTjStSRxQVAU/G8R
nY+NGVXzbSzJiSP0AvV3twfGp37eZsgk0DCQA/hzpI69+BxThaY3EdJqwLppLI82
EjRWlwNJA2e+nV9Cs9drwPdjn/BxS7faWcI5JpHUXJs2OIxeFa4zIYgIqA42y7wu
Dr4dBSqzc3A5jpC9fCH4Td6mQu92+CvwoDqWu4Bt8fzE8b1UxFiIGgjbFgp3Z7Wz
ck9g1eBXS8S5ts3CFyPcabjX8TVGYRI/aJXNIo2tzs9k4J/3Q+M=
-----END CERTIFICATE-----
Generated at Sat May 17 23:18:06 2025 by rpki-client