Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/roXsZsPDwQGdj5oxTAIzbeu1mq4.roa
File: roXsZsPDwQGdj5oxTAIzbeu1mq4.roa (raw, json)
Hash identifier: GOP5VFIJwQ1TJ3KRXsyNF6oa9flROZYelgQS56CpJUY=
Subject key identifier: AE:85:EC:66:C3:C3:C1:01:9D:8F:9A:31:4C:02:33:6D:EB:B5:9A:AE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01A0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/roXsZsPDwQGdj5oxTAIzbeu1mq4.roa
Signing time: Fri 09 May 2025 06:07:46 +0000
ROA not before: Fri 09 May 2025 06:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416 (0x1a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 06:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AE85EC66C3C3C1019D8F9A314C02336DEBB59AAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b8:c9:21:e3:f9:cd:8f:d2:79:25:9c:72:e1:
42:5f:55:e6:51:e6:8c:1d:58:84:f2:fb:69:46:1a:
3a:41:c1:dc:65:31:a4:03:0e:2c:94:50:d2:80:71:
ff:cf:c2:2d:b7:19:50:ce:b3:75:38:73:34:ac:df:
2a:e0:83:c2:9c:57:fb:e6:72:54:43:60:c9:c8:fb:
96:c2:40:e7:25:9b:8b:df:c2:9b:36:f5:40:f0:fd:
81:69:1c:82:28:35:eb:32:0d:1c:37:ab:e1:df:62:
4a:a5:76:c9:c7:ec:cd:67:19:be:d0:e0:b7:7e:98:
e2:4e:84:ca:d6:a1:ee:83:50:0e:ef:9f:8d:45:14:
01:e9:ac:7d:a0:e9:de:0b:17:33:9b:e4:36:66:13:
56:0b:f0:96:1a:0f:c5:c3:16:9e:08:97:b3:83:10:
ba:13:83:23:35:8c:88:d4:64:02:07:a3:2a:b8:01:
58:8f:5c:fd:5d:a0:ac:ea:fe:ec:d6:00:cb:53:72:
b2:07:19:d0:52:00:4e:46:f3:87:ad:6a:87:7f:71:
50:1f:99:0c:9e:d2:9f:1d:37:a4:24:75:dd:67:9e:
b1:19:1e:0e:a1:a4:ff:3b:0f:d1:82:36:94:c6:0b:
7a:ed:5c:bf:ba:15:f0:52:aa:ff:fc:6e:50:de:db:
e2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:85:EC:66:C3:C3:C1:01:9D:8F:9A:31:4C:02:33:6D:EB:B5:9A:AE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/roXsZsPDwQGdj5oxTAIzbeu1mq4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:d9:df:a3:e6:44:b3:12:a6:e9:15:7a:62:4a:4d:4d:2b:ee:
b6:f7:29:53:53:d0:4c:88:9c:f1:c1:64:5d:3e:69:51:2e:33:
84:49:f0:f4:ea:fb:69:c7:58:60:63:e3:ec:11:ab:97:1e:b6:
fb:79:9b:ed:30:7f:42:9b:c6:a0:03:58:8a:77:01:d6:45:aa:
3d:0e:ea:a5:a2:cd:39:30:b7:a2:3e:41:f9:4b:55:d7:2a:cc:
d4:ad:e8:90:d1:a3:da:ab:43:e5:62:36:0b:eb:b6:e6:1d:9d:
df:d8:b4:6b:cd:ac:ed:06:5c:4e:71:fa:32:3f:68:5a:35:f0:
3d:f9:44:12:eb:68:75:bd:67:9c:2e:e0:70:c5:61:be:c9:76:
f2:52:05:f1:f4:93:80:c4:7d:7e:0d:9f:90:7c:f5:22:95:4e:
a1:16:84:9f:3b:05:6b:84:fc:95:2a:54:81:cf:27:b7:ec:87:
27:3c:53:34:64:75:0b:37:49:be:26:30:7a:62:dc:98:a7:cf:
73:10:f6:c8:eb:41:aa:f1:d1:08:18:aa:91:68:a5:9c:cf:7e:
23:6a:6b:e7:d3:6e:97:70:a1:e3:43:a3:0b:e8:b8:14:ec:c4:
ae:78:15:90:d6:f4:1a:05:9a:99:6b:a4:7f:38:94:3d:c1:00:
ed:9d:05:f9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NjA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFFODVFQzY2QzNDM0Mx
MDE5RDhGOUEzMTRDMDIzMzZERUJCNTlBQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbuMkh4/nNj9J5JZxy4UJfVeZR5owdWITy+2lGGjpBwdxlMaQD
DiyUUNKAcf/Pwi23GVDOs3U4czSs3yrgg8KcV/vmclRDYMnI+5bCQOclm4vfwps2
9UDw/YFpHIIoNesyDRw3q+HfYkqldsnH7M1nGb7Q4Ld+mOJOhMrWoe6DUA7vn41F
FAHprH2g6d4LFzOb5DZmE1YL8JYaD8XDFp4Il7ODELoTgyM1jIjUZAIHoyq4AViP
XP1doKzq/uzWAMtTcrIHGdBSAE5G84etaod/cVAfmQye0p8dN6Qkdd1nnrEZHg6h
pP87D9GCNpTGC3rtXL+6FfBSqv/8blDe2+I1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUroXsZsPDwQGdj5oxTAIzbeu1mq4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yb1hzWnNQRHdRR2RqNW94
VEFJemJldTFtcTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAA3Z36PmRLMSpukVemJKTU0r7rb3KVNT0EyI
nPHBZF0+aVEuM4RJ8PTq+2nHWGBj4+wRq5cetvt5m+0wf0KbxqADWIp3AdZFqj0O
6qWizTkwt6I+QflLVdcqzNSt6JDRo9qrQ+ViNgvrtuYdnd/YtGvNrO0GXE5x+jI/
aFo18D35RBLraHW9Z5wu4HDFYb7JdvJSBfH0k4DEfX4Nn5B89SKVTqEWhJ87BWuE
/JUqVIHPJ7fshyc8UzRkdQs3Sb4mMHpi3Jinz3MQ9sjrQarx0QgYqpFopZzPfiNq
a+fTbpdwoeNDowvouBTsxK54FZDW9BoFmplrpH84lD3BAO2dBfk=
-----END CERTIFICATE-----
Generated at Sat May 17 23:56:11 2025 by rpki-client