Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fXa7-HhDp8fSrIHhPvzY3QfruEI.roa
File: fXa7-HhDp8fSrIHhPvzY3QfruEI.roa (raw, json)
Hash identifier: tWjyML7iZyifCQn0SBUHrYhJdcgktFZCm86TtyYO1o4=
Subject key identifier: 7D:76:BB:F8:78:43:A7:C7:D2:AC:81:E1:3E:FC:D8:DD:07:EB:B8:42
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02C0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fXa7-HhDp8fSrIHhPvzY3QfruEI.roa
Signing time: Sat 10 May 2025 18:07:52 +0000
ROA not before: Sat 10 May 2025 18:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 704 (0x2c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 18:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7D76BBF87843A7C7D2AC81E13EFCD8DD07EBB842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:64:0e:b0:d7:57:e9:14:72:e2:60:c7:49:
16:2c:f9:ec:be:da:4c:1f:0d:2e:7a:ac:b4:d5:5e:
32:85:17:6e:25:79:7d:6f:9a:f1:e6:4c:5e:6b:69:
07:24:89:68:1c:6d:de:3d:41:ee:16:6c:7b:a7:4d:
bd:29:7e:45:ac:ea:19:4f:ae:5c:fc:4f:51:2b:b6:
3e:27:0c:0c:e6:98:2d:4b:d4:09:6b:f3:20:90:bc:
a6:64:f8:30:0a:14:73:1e:4b:21:5f:6d:c5:91:31:
53:a7:e7:c5:4c:f6:03:85:ad:dc:2e:d4:c4:5c:67:
1c:fa:84:be:36:b6:1e:bd:d4:ae:d8:a6:9c:1e:1f:
29:61:1e:e8:3c:24:3b:19:ad:37:c4:b9:fa:76:bb:
d6:aa:8b:52:ee:f2:2c:94:44:7f:6c:98:82:0c:0f:
64:dc:ed:b6:3c:3c:6e:c8:85:d6:3b:d5:b1:64:0e:
5c:c5:9c:2a:28:88:ba:44:c5:99:d8:9c:30:e3:27:
6e:22:c5:b9:b2:3b:4d:93:13:65:4b:92:5f:6e:17:
c3:0d:2b:c8:9d:b1:50:09:2b:f6:bd:2e:55:5f:75:
4e:fa:c5:7a:98:13:c0:b0:47:c9:a4:43:69:b4:38:
6f:13:62:34:34:5f:a9:ff:1e:9f:cc:14:1d:4c:91:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:76:BB:F8:78:43:A7:C7:D2:AC:81:E1:3E:FC:D8:DD:07:EB:B8:42
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fXa7-HhDp8fSrIHhPvzY3QfruEI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:a7:e9:88:d9:77:ea:aa:11:81:ea:fd:e8:50:f3:05:f4:f4:
ae:cc:1c:49:a1:26:47:ea:c0:e5:b9:1b:9b:f8:6f:a9:d0:90:
86:03:21:9c:c5:5f:fc:fc:08:39:53:30:83:59:fc:c6:ee:6b:
70:70:98:fb:9e:30:cf:4c:ae:a7:66:61:37:a3:38:d4:b8:d7:
c7:f5:4c:1e:2d:7b:76:4b:1b:ba:57:8f:ee:ee:99:52:62:95:
ff:10:fc:b8:65:30:de:2e:1d:a9:1c:d3:59:4e:dc:2a:ce:13:
d4:8a:25:32:10:f6:d1:ab:a9:47:4d:79:b3:73:05:6c:10:73:
82:70:51:63:38:45:13:ba:27:71:e4:e1:a0:c3:e1:54:fc:e1:
a8:6c:6e:b5:46:89:0f:db:54:55:d6:27:fb:ad:2e:2c:50:fc:
fc:91:53:6b:c4:1e:d6:f0:01:1f:7f:a3:49:60:00:34:45:f9:
db:6f:12:ea:b6:de:25:12:cb:fe:2b:5d:61:8c:07:e1:c1:b5:
87:82:57:5e:30:8b:01:7e:b4:03:b2:3a:10:f4:b6:1a:40:54:
58:2d:de:9e:20:16:b6:d4:ab:af:d0:dc:44:6f:87:de:9e:e7:
6e:8e:7a:ba:6a:2f:42:c2:ef:1a:82:87:94:72:28:a5:40:21:
c1:1b:a9:63
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAsAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
ODA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdENzZCQkY4Nzg0M0E3
QzdEMkFDODFFMTNFRkNEOEREMDdFQkI4NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAxGQOsNdX6RRy4mDHSRYs+ey+2kwfDS56rLTVXjKFF24leX1v
mvHmTF5raQckiWgcbd49Qe4WbHunTb0pfkWs6hlPrlz8T1Ertj4nDAzmmC1L1Alr
8yCQvKZk+DAKFHMeSyFfbcWRMVOn58VM9gOFrdwu1MRcZxz6hL42th691K7Yppwe
HylhHug8JDsZrTfEufp2u9aqi1Lu8iyURH9smIIMD2Tc7bY8PG7IhdY71bFkDlzF
nCooiLpExZnYnDDjJ24ixbmyO02TE2VLkl9uF8MNK8idsVAJK/a9LlVfdU76xXqY
E8CwR8mkQ2m0OG8TYjQ0X6n/Hp/MFB1MkaVpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfXa7+HhDp8fSrIHhPvzY3QfruEIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mWGE3LUhoRHA4ZlNySUho
UHZ6WTNRZnJ1RUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKyn6YjZd+qqEYHq/ehQ8wX09K7MHEmhJkfq
wOW5G5v4b6nQkIYDIZzFX/z8CDlTMINZ/Mbua3BwmPueMM9MrqdmYTejONS418f1
TB4te3ZLG7pXj+7umVJilf8Q/LhlMN4uHakc01lO3CrOE9SKJTIQ9tGrqUdNebNz
BWwQc4JwUWM4RRO6J3Hk4aDD4VT84ahsbrVGiQ/bVFXWJ/utLixQ/PyRU2vEHtbw
AR9/o0lgADRF+dtvEuq23iUSy/4rXWGMB+HBtYeCV14wiwF+tAOyOhD0thpAVFgt
3p4gFrbUq6/Q3ERvh96e526OerpqL0LC7xqCh5RyKKVAIcEbqWM=
-----END CERTIFICATE-----
Generated at Sun May 18 03:38:40 2025 by rpki-client