Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oFpE67mlvta5FY8pnn1BtH8O87A.roa
File: oFpE67mlvta5FY8pnn1BtH8O87A.roa (raw, json)
Hash identifier: EyfHWJFtAwlgGZLOwMPPeOh9c8alZ3T45uUbBzAs3E8=
Subject key identifier: A0:5A:44:EB:B9:A5:BE:D6:B9:15:8F:29:9E:7D:41:B4:7F:0E:F3:B0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0528
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oFpE67mlvta5FY8pnn1BtH8O87A.roa
Signing time: Tue 13 May 2025 23:08:02 +0000
ROA not before: Tue 13 May 2025 23:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1320 (0x528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 23:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A05A44EBB9A5BED6B9158F299E7D41B47F0EF3B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:79:37:59:87:1e:9a:a7:a8:4f:46:56:df:cf:
2c:c8:f7:59:e1:df:3d:7e:d9:ae:d1:85:c4:0d:31:
21:ce:98:5d:20:90:6b:70:f6:a7:87:8c:34:b4:f5:
35:5c:d2:d8:28:a5:de:ea:10:1f:bd:94:e0:9e:c7:
19:97:3b:1b:41:2d:59:d0:c4:ca:61:95:b3:15:e3:
4a:f4:0d:b7:46:93:17:6e:a4:50:b8:eb:bf:04:9e:
33:e0:aa:1f:89:5b:43:c4:18:f4:10:13:81:22:ca:
4c:03:59:2b:bf:ca:1c:04:3e:51:5f:1c:a5:e7:89:
89:f5:09:f1:ca:1c:fc:a0:b0:a8:09:18:03:03:80:
02:65:fc:db:84:67:ec:ea:56:dc:6c:a2:5d:88:a4:
27:f4:41:51:aa:e2:b2:bd:12:88:be:a9:fb:fe:ad:
66:31:60:f1:36:b9:c7:c0:76:1e:15:6b:37:95:d3:
da:60:e8:64:25:18:fb:83:ad:54:21:b0:0c:4b:a0:
d0:9c:e1:40:51:e5:d6:fe:f2:34:63:eb:97:cf:74:
4d:19:47:67:1a:55:a2:a2:86:64:5c:d8:be:13:99:
99:2f:5a:30:74:f5:c8:b9:01:5f:51:22:28:81:5f:
a8:b0:d4:5d:6f:63:37:fd:80:97:7f:4b:57:e5:c3:
ea:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5A:44:EB:B9:A5:BE:D6:B9:15:8F:29:9E:7D:41:B4:7F:0E:F3:B0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oFpE67mlvta5FY8pnn1BtH8O87A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:1e:ed:b7:72:49:dc:39:08:63:2e:e7:cb:08:d0:e8:4a:a7:
d9:6f:7d:d6:62:f7:78:25:33:c3:84:75:b1:c1:bd:26:ed:13:
1b:fc:e4:71:aa:14:d0:2a:8b:59:6e:05:9e:bf:17:ef:e0:37:
e9:31:95:25:b4:44:8c:5c:45:fb:42:e3:45:6b:24:e8:d3:e7:
8c:83:39:c4:1f:7d:41:d4:7d:28:ad:c5:00:24:0f:1c:ff:79:
22:29:70:d7:49:cb:70:29:18:6a:3a:e3:fc:3a:92:8a:e4:bb:
13:99:d8:33:2c:7e:91:29:78:92:b4:98:02:0f:cb:82:75:db:
16:c2:0a:06:34:9e:39:22:c9:c8:4e:b7:ae:bd:fd:f4:90:8e:
ee:6b:a2:d3:fb:3b:49:8f:70:4b:9b:2c:f5:16:2b:bf:f5:e1:
01:5d:36:13:fc:20:81:92:d8:ae:da:7b:be:79:20:86:9b:e3:
34:e1:39:9b:8b:b7:37:23:4a:34:af:d2:74:7f:3f:77:04:f1:
dd:74:b3:e0:b0:7a:9c:9a:34:8c:bd:36:ca:d4:e1:df:8e:22:
d7:eb:38:ff:4a:3f:cc:21:b7:5b:6f:19:bb:5a:2b:0c:01:ad:
3d:47:f9:d5:57:6b:c7:e4:8e:c1:ab:a0:08:ef:32:a5:e6:ea:
77:a4:e3:c6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBSgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEwNUE0NEVCQjlBNUJF
RDZCOTE1OEYyOTlFN0Q0MUI0N0YwRUYzQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBeTdZhx6ap6hPRlbfzyzI91nh3z1+2a7RhcQNMSHOmF0gkGtw
9qeHjDS09TVc0tgopd7qEB+9lOCexxmXOxtBLVnQxMphlbMV40r0DbdGkxdupFC4
678EnjPgqh+JW0PEGPQQE4EiykwDWSu/yhwEPlFfHKXniYn1CfHKHPygsKgJGAMD
gAJl/NuEZ+zqVtxsol2IpCf0QVGq4rK9Eoi+qfv+rWYxYPE2ucfAdh4VazeV09pg
6GQlGPuDrVQhsAxLoNCc4UBR5db+8jRj65fPdE0ZR2caVaKihmRc2L4TmZkvWjB0
9ci5AV9RIiiBX6iw1F1vYzf9gJd/S1flw+qnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoFpE67mlvta5FY8pnn1BtH8O87AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vRnBFNjdtbHZ0YTVGWThw
bm4xQnRIOE84N0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACoe7bdySdw5CGMu58sI0OhKp9lvfdZi93gl
M8OEdbHBvSbtExv85HGqFNAqi1luBZ6/F+/gN+kxlSW0RIxcRftC40VrJOjT54yD
OcQffUHUfSitxQAkDxz/eSIpcNdJy3ApGGo64/w6korkuxOZ2DMsfpEpeJK0mAIP
y4J12xbCCgY0njkiychOt669/fSQju5rotP7O0mPcEubLPUWK7/14QFdNhP8IIGS
2K7ae755IIab4zThOZuLtzcjSjSv0nR/P3cE8d10s+CwepyaNIy9NsrU4d+OItfr
OP9KP8wht1tvGbtaKwwBrT1H+dVXa8fkjsGroAjvMqXm6nek48Y=
-----END CERTIFICATE-----
Generated at Sun May 18 07:37:16 2025 by rpki-client