Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rAUo5TkY68PGhyTboyFrljOAO5s.roa
File: rAUo5TkY68PGhyTboyFrljOAO5s.roa (raw, json)
Hash identifier: 1QL9PEJRotf9ozS/wkf47a4X8ktOu0vsnKJPchl7Qa4=
Subject key identifier: AC:05:28:E5:39:18:EB:C3:C6:87:24:DB:A3:21:6B:96:33:80:3B:9B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0364
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rAUo5TkY68PGhyTboyFrljOAO5s.roa
Signing time: Sun 11 May 2025 14:37:52 +0000
ROA not before: Sun 11 May 2025 14:37:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 868 (0x364)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 14:37:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AC0528E53918EBC3C68724DBA3216B9633803B9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cf:d8:fe:cd:da:ad:61:06:bc:ca:8c:03:df:
47:75:e2:50:9e:7d:6b:de:4d:f3:9c:4d:a4:fa:50:
3b:ef:10:1d:43:c7:18:a1:72:8c:1e:07:a8:e3:f1:
15:11:3d:45:fa:b1:d9:ae:fa:44:75:9e:47:80:53:
7a:52:2a:8e:8c:25:96:58:7a:7b:10:ba:48:f9:fc:
3a:50:98:db:d9:d2:92:b2:cf:bc:06:45:d9:22:51:
24:60:74:99:be:99:6a:49:c7:ff:76:4e:46:f8:9b:
ef:94:db:b3:25:f1:be:c9:15:20:c7:fb:7f:c1:39:
98:f0:b6:83:3a:cf:48:0e:eb:57:93:b6:a6:bb:78:
80:05:88:e1:a1:fd:ba:7f:10:e5:34:03:90:77:89:
f7:41:b3:eb:62:a6:49:66:54:9e:ae:2c:a8:cb:18:
42:19:66:64:43:e4:53:be:06:3a:5e:dc:81:da:2e:
13:3d:24:ba:97:fb:88:5f:6d:21:a5:cc:8c:21:a7:
dd:fa:f1:7f:a0:25:55:aa:85:a8:2b:84:d4:35:7e:
b9:59:c9:85:ff:01:4e:6e:5f:82:42:08:da:18:75:
b9:2c:44:82:91:6c:ae:fb:45:7f:32:50:6f:5a:f1:
b8:2b:73:0c:0a:fc:2b:fd:f5:60:6e:9b:b9:64:43:
b5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:05:28:E5:39:18:EB:C3:C6:87:24:DB:A3:21:6B:96:33:80:3B:9B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rAUo5TkY68PGhyTboyFrljOAO5s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:52:95:e9:db:ef:6b:fe:8d:a0:61:53:e1:a5:e8:62:e8:3d:
ec:9c:ed:28:8f:97:ed:21:12:75:60:b7:d1:5a:57:37:89:7b:
74:aa:0f:36:50:1f:ed:b4:45:8d:aa:84:28:d6:09:a1:ca:2f:
fe:69:09:2f:a2:af:0d:cf:1f:d8:63:06:3d:d6:54:b9:39:72:
69:7e:3e:cf:f2:12:bc:e3:f7:60:67:18:9d:59:c7:9e:a1:c5:
07:da:11:40:71:00:20:b1:2f:6a:19:01:02:b9:16:dc:39:4a:
29:fd:e8:b0:5a:c9:c4:67:8b:da:84:54:49:8a:46:4b:8b:e2:
84:d1:54:84:ea:c6:2c:3c:5a:ce:b3:cd:e9:4b:7f:ea:c5:ab:
ae:51:cf:a8:46:3a:ad:d9:69:78:05:9d:be:c0:de:a6:5c:ad:
86:7e:d4:a9:5e:76:4b:1d:12:24:1c:19:7b:e7:7e:a1:0c:5f:
b9:75:49:01:71:33:89:ad:75:e2:88:5f:2f:6f:04:e4:97:c6:
d6:91:7a:e8:74:1e:84:2c:2f:8e:55:68:48:45:40:89:1c:74:
5d:24:cd:92:f5:e6:5c:cb:c6:15:78:be:7b:10:fb:11:4d:f7:
67:aa:09:f5:01:fb:c8:fe:a5:ae:5c:ae:ca:d0:7f:a6:0c:1c:
d0:68:c0:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NDM3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFDMDUyOEU1MzkxOEVC
QzNDNjg3MjREQkEzMjE2Qjk2MzM4MDNCOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHz9j+zdqtYQa8yowD30d14lCefWveTfOcTaT6UDvvEB1Dxxih
coweB6jj8RURPUX6sdmu+kR1nkeAU3pSKo6MJZZYensQukj5/DpQmNvZ0pKyz7wG
RdkiUSRgdJm+mWpJx/92Tkb4m++U27Ml8b7JFSDH+3/BOZjwtoM6z0gO61eTtqa7
eIAFiOGh/bp/EOU0A5B3ifdBs+tipklmVJ6uLKjLGEIZZmRD5FO+Bjpe3IHaLhM9
JLqX+4hfbSGlzIwhp9368X+gJVWqhagrhNQ1frlZyYX/AU5uX4JCCNoYdbksRIKR
bK77RX8yUG9a8bgrcwwK/Cv99WBum7lkQ7V3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrAUo5TkY68PGhyTboyFrljOAO5swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yQVVvNVRrWTY4UEdoeVRi
b3lGcmxqT0FPNXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADNSlenb72v+jaBhU+Gl6GLoPeyc7SiPl+0h
EnVgt9FaVzeJe3SqDzZQH+20RY2qhCjWCaHKL/5pCS+irw3PH9hjBj3WVLk5cml+
Ps/yErzj92BnGJ1Zx56hxQfaEUBxACCxL2oZAQK5Ftw5Sin96LBaycRni9qEVEmK
RkuL4oTRVITqxiw8Ws6zzelLf+rFq65Rz6hGOq3ZaXgFnb7A3qZcrYZ+1Kledksd
EiQcGXvnfqEMX7l1SQFxM4mtdeKIXy9vBOSXxtaReuh0HoQsL45VaEhFQIkcdF0k
zZL15lzLxhV4vnsQ+xFN92eqCfUB+8j+pa5crsrQf6YMHNBowNU=
-----END CERTIFICATE-----
Generated at Sun May 18 23:01:39 2025 by rpki-client