Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oOw4qOn1c3ls6wnaJj1L5cS6acA.roa
File: oOw4qOn1c3ls6wnaJj1L5cS6acA.roa (raw, json)
Hash identifier: vFDbG6oF8fOcORxYWvyyO1/b3EvATKncXSxmU3+Zn8c=
Subject key identifier: A0:EC:38:A8:E9:F5:73:79:6C:EB:09:DA:26:3D:4B:E5:C4:BA:69:C0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03DC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oOw4qOn1c3ls6wnaJj1L5cS6acA.roa
Signing time: Mon 12 May 2025 05:38:17 +0000
ROA not before: Mon 12 May 2025 05:38:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 988 (0x3dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 05:38:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A0EC38A8E9F573796CEB09DA263D4BE5C4BA69C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d5:05:17:a2:81:f2:c5:b1:c0:32:e1:ee:24:
f1:45:d5:6b:3f:b3:f5:2f:88:04:9d:58:93:69:23:
78:b4:92:9b:bd:99:f7:82:c1:cb:3b:f3:c7:6a:f8:
19:8e:e0:7e:cf:21:a8:78:cb:1b:df:a8:a7:bc:53:
95:4c:75:84:9b:9d:54:00:04:43:ee:06:2b:00:12:
fc:4c:06:ad:21:18:48:27:6d:4c:59:94:f3:de:93:
83:39:30:8f:ea:b4:59:de:d0:66:d6:a4:2c:87:40:
dd:d4:1e:8b:9e:f0:1f:f5:33:5e:77:11:8e:ea:4d:
56:9d:75:ca:84:3c:75:39:29:5e:c6:2b:74:e8:2c:
35:46:1b:ec:fc:89:12:db:c9:43:5c:90:0e:e4:35:
00:56:a4:29:ab:64:73:ed:97:17:0d:51:5a:a9:ec:
00:7e:3a:35:e4:4e:e3:96:7f:f0:22:0d:5a:99:1a:
c3:79:47:5a:7a:49:4c:c1:47:cc:2a:53:5d:b5:a4:
17:85:8c:37:c6:f0:37:37:15:28:5c:6e:92:dd:58:
b7:cb:51:71:57:80:96:8b:d8:db:14:5c:5e:20:46:
fe:65:ac:45:b9:8e:7b:cf:13:5f:60:5d:60:d8:6a:
34:3b:44:20:32:d5:23:81:08:71:59:aa:cb:56:f3:
b6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EC:38:A8:E9:F5:73:79:6C:EB:09:DA:26:3D:4B:E5:C4:BA:69:C0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oOw4qOn1c3ls6wnaJj1L5cS6acA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:bb:d9:f2:f3:d3:93:40:61:8d:88:b7:7a:c2:af:a8:4c:49:
d9:69:c3:66:5c:8a:27:b4:ac:d6:0f:12:d1:bf:52:1f:58:fa:
04:49:47:33:a1:fc:78:f8:ef:fc:2c:23:e9:c3:97:e5:35:dd:
d7:76:56:45:93:dd:e3:12:a0:a0:f9:8e:98:14:09:09:00:6a:
6c:8c:1c:75:70:4f:ce:76:a8:26:c6:b3:4a:df:5b:06:79:c8:
59:6f:62:d1:34:09:09:ff:f5:59:06:49:b6:ef:e3:09:60:2e:
5b:e7:44:93:e9:19:ea:77:74:a4:df:82:06:c3:76:3d:48:8a:
c3:31:f2:3f:b2:17:bc:eb:1d:fb:33:4a:9e:5f:77:aa:92:1c:
2f:93:1e:47:5a:a0:38:6a:67:8e:cb:f4:18:19:55:98:af:7c:
7c:4f:59:e1:27:16:42:16:48:25:9d:42:d6:d0:ed:4d:72:02:
8a:3d:7e:01:f2:2e:db:8f:b5:74:7a:c1:5f:71:02:6c:56:07:
6f:01:ff:22:47:f2:68:24:84:7d:8c:b9:0d:30:a9:8d:13:32:
3c:e3:36:0c:4c:7a:58:b7:36:8d:4c:83:64:bc:0e:e2:ca:0e:
93:1d:01:43:0d:75:fd:d6:07:ae:4d:37:ed:d0:8d:df:ea:e8:
b2:f2:ea:54
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA9wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
NTM4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEwRUMzOEE4RTlGNTcz
Nzk2Q0VCMDlEQTI2M0Q0QkU1QzRCQTY5QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDr1QUXooHyxbHAMuHuJPFF1Ws/s/UviASdWJNpI3i0kpu9mfeC
wcs788dq+BmO4H7PIah4yxvfqKe8U5VMdYSbnVQABEPuBisAEvxMBq0hGEgnbUxZ
lPPek4M5MI/qtFne0GbWpCyHQN3UHoue8B/1M153EY7qTVaddcqEPHU5KV7GK3To
LDVGG+z8iRLbyUNckA7kNQBWpCmrZHPtlxcNUVqp7AB+OjXkTuOWf/AiDVqZGsN5
R1p6SUzBR8wqU121pBeFjDfG8Dc3FShcbpLdWLfLUXFXgJaL2NsUXF4gRv5lrEW5
jnvPE19gXWDYajQ7RCAy1SOBCHFZqstW87ZpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoOw4qOn1c3ls6wnaJj1L5cS6acAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vT3c0cU9uMWMzbHM2d25h
SmoxTDVjUzZhY0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIm72fLz05NAYY2It3rCr6hMSdlpw2Zciie0
rNYPEtG/Uh9Y+gRJRzOh/Hj47/wsI+nDl+U13dd2VkWT3eMSoKD5jpgUCQkAamyM
HHVwT852qCbGs0rfWwZ5yFlvYtE0CQn/9VkGSbbv4wlgLlvnRJPpGep3dKTfggbD
dj1IisMx8j+yF7zrHfszSp5fd6qSHC+THkdaoDhqZ47L9BgZVZivfHxPWeEnFkIW
SCWdQtbQ7U1yAoo9fgHyLtuPtXR6wV9xAmxWB28B/yJH8mgkhH2MuQ0wqY0TMjzj
NgxMeli3No1Mg2S8DuLKDpMdAUMNdf3WB65NN+3Qjd/q6LLy6lQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:51:16 2025 by rpki-client