Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/idO_VTblSR3HdGASMRxuFRPvUYo.roa
File: idO_VTblSR3HdGASMRxuFRPvUYo.roa (raw, json)
Hash identifier: qwxxtemJXOmlgNs3RFihdiK/DbZaHlhaUH/c0u8vZ5s=
Subject key identifier: 89:D3:BF:55:36:E5:49:1D:C7:74:60:12:31:1C:6E:15:13:EF:51:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 075C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/idO_VTblSR3HdGASMRxuFRPvUYo.roa
Signing time: Fri 16 May 2025 21:38:06 +0000
ROA not before: Fri 16 May 2025 21:38:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1884 (0x75c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 21:38:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=89D3BF5536E5491DC7746012311C6E1513EF518A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:36:91:4f:62:b3:55:45:ca:98:55:53:e6:
a7:a5:f8:6c:43:40:a7:ed:6b:6c:32:95:c3:33:a1:
b8:9d:a9:06:7c:43:d3:97:b6:a8:d4:3f:ec:82:13:
9c:d4:c6:93:83:18:fa:92:ed:2a:cd:bd:f3:ca:a7:
d0:77:f7:17:b8:83:ed:c8:20:a7:4c:3b:59:06:41:
ea:52:cd:08:e7:89:30:65:ef:b3:ef:98:d3:fa:86:
fb:e0:1d:31:09:b6:28:51:bf:b6:d0:74:fa:85:b8:
c4:41:eb:cc:59:34:80:68:fd:04:7e:a6:4d:2f:e8:
bd:f1:98:ae:f5:a7:c3:9a:e6:02:4c:8b:f0:ad:f0:
12:d2:90:94:22:ae:30:51:fd:51:99:fa:14:d5:0f:
42:c1:60:a6:d0:df:cc:d9:c8:e4:03:9f:d6:90:94:
44:df:e5:b5:fd:0b:52:cd:1a:8e:f1:52:4d:d2:f6:
28:4d:f6:aa:a1:8f:20:77:0a:d9:b9:e7:12:66:70:
66:1f:2d:ab:30:11:34:78:d5:63:c5:6a:d7:b6:5c:
44:2f:b0:d3:db:0d:b4:c4:2f:69:9d:e4:7e:73:6e:
79:59:25:a0:17:58:ca:8d:a6:f6:e7:9c:73:49:1f:
80:5e:8b:f3:a0:89:03:ec:00:43:96:67:c7:7f:5d:
04:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D3:BF:55:36:E5:49:1D:C7:74:60:12:31:1C:6E:15:13:EF:51:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/idO_VTblSR3HdGASMRxuFRPvUYo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:e7:68:e7:a1:a9:3a:52:87:cb:7c:b6:b1:0f:44:af:c2:91:
cd:3f:7e:28:72:a0:35:10:03:c5:02:40:8a:05:72:10:17:03:
95:8d:ce:c6:f3:73:74:c4:32:88:87:47:38:86:bc:3c:d5:06:
ff:b9:9a:dc:e8:e4:60:aa:63:8a:3a:a9:37:8f:7c:74:8b:cc:
84:1d:6b:a0:49:c6:7d:92:7e:71:a6:1e:6a:9a:4d:1a:9c:79:
8c:4c:e9:af:54:55:79:a4:93:35:f1:26:fe:20:7c:fa:c7:8a:
90:39:bd:21:0e:9f:fb:77:9a:d8:90:b2:f6:85:f9:e9:68:fd:
33:3b:45:6a:9b:05:eb:2b:0f:fc:3b:61:4b:98:98:ef:9e:57:
d7:1d:e9:b1:61:39:fa:77:4e:f5:db:e4:a9:4c:9a:77:0a:71:
18:96:96:dc:67:8d:a9:96:91:50:14:e6:b0:d3:1f:a5:26:93:
62:01:e5:df:6f:a3:87:c2:2e:60:21:e5:c7:ce:50:a2:53:0c:
a9:5f:55:03:98:f8:b0:05:df:7d:c9:18:86:5a:f5:d0:d8:b7:
1d:7d:5c:0f:6d:4f:5a:ae:5a:5b:57:b5:63:b3:ea:9c:18:cf:
d5:93:d2:e0:8f:dd:dc:79:c4:26:b9:69:f5:84:7e:7c:cd:58:
d5:0f:e9:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYy
MTM4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg5RDNCRjU1MzZFNTQ5
MURDNzc0NjAxMjMxMUM2RTE1MTNFRjUxOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6mzaRT2KzVUXKmFVT5qel+GxDQKfta2wylcMzobidqQZ8Q9OX
tqjUP+yCE5zUxpODGPqS7SrNvfPKp9B39xe4g+3IIKdMO1kGQepSzQjniTBl77Pv
mNP6hvvgHTEJtihRv7bQdPqFuMRB68xZNIBo/QR+pk0v6L3xmK71p8Oa5gJMi/Ct
8BLSkJQirjBR/VGZ+hTVD0LBYKbQ38zZyOQDn9aQlETf5bX9C1LNGo7xUk3S9ihN
9qqhjyB3Ctm55xJmcGYfLaswETR41WPFate2XEQvsNPbDbTEL2md5H5zbnlZJaAX
WMqNpvbnnHNJH4Bei/OgiQPsAEOWZ8d/XQSdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUidO/VTblSR3HdGASMRxuFRPvUYowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pZE9fVlRibFNSM0hkR0FT
TVJ4dUZSUHZVWW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJfnaOehqTpSh8t8trEPRK/Ckc0/fihyoDUQ
A8UCQIoFchAXA5WNzsbzc3TEMoiHRziGvDzVBv+5mtzo5GCqY4o6qTePfHSLzIQd
a6BJxn2SfnGmHmqaTRqceYxM6a9UVXmkkzXxJv4gfPrHipA5vSEOn/t3mtiQsvaF
+elo/TM7RWqbBesrD/w7YUuYmO+eV9cd6bFhOfp3TvXb5KlMmncKcRiWltxnjamW
kVAU5rDTH6Umk2IB5d9vo4fCLmAh5cfOUKJTDKlfVQOY+LAF333JGIZa9dDYtx19
XA9tT1quWltXtWOz6pwYz9WT0uCP3dx5xCa5afWEfnzNWNUP6Ug=
-----END CERTIFICATE-----
Generated at Sat May 17 22:39:24 2025 by rpki-client