Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-iXUQljT1CbeRgsO32olFjeHm6M.roa
File: -iXUQljT1CbeRgsO32olFjeHm6M.roa (raw, json)
Hash identifier: w99vaENhrwFF+xvWfTE2FF1o/Kr8UulNHqRFaktFUT4=
Subject key identifier: FA:25:D4:42:58:D3:D4:26:DE:46:0B:0E:DF:6A:25:16:37:87:9B:A3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E20
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-iXUQljT1CbeRgsO32olFjeHm6M.roa
Signing time: Sun 25 May 2025 22:08:38 +0000
ROA not before: Sun 25 May 2025 22:08:38 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3616 (0xe20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 22:08:38 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FA25D44258D3D426DE460B0EDF6A251637879BA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:16:fb:59:07:d3:8b:f6:16:33:9a:88:e4:fd:
11:83:4b:73:a3:5f:1f:ff:6b:2f:54:1c:e0:9c:be:
8d:cb:e5:e3:16:58:77:c9:55:a0:44:4c:98:41:17:
26:30:17:fa:17:d2:0f:0a:29:bc:36:52:da:18:66:
60:ab:4a:24:3a:b2:59:30:ae:a5:a3:5e:08:f2:d4:
54:97:34:d9:62:ad:25:c1:f2:9f:4a:03:da:ad:71:
b6:d8:43:c6:78:01:1d:d7:a2:44:99:15:7a:09:76:
f2:17:da:65:d6:da:8f:30:91:d5:dd:e5:de:06:9a:
0a:d6:f8:a0:c4:1e:ef:c9:98:01:3d:aa:c0:04:21:
a4:89:85:8f:90:28:f9:66:a8:c9:51:21:d7:4a:47:
0e:dd:e3:ed:dc:45:07:85:5a:10:37:ae:2f:34:e8:
81:69:d2:72:33:6b:ac:1f:a9:df:d6:ec:bd:29:2d:
64:78:3a:51:82:62:8f:da:c9:e9:39:70:eb:38:10:
8f:27:64:72:b2:db:b9:d2:37:ee:7c:c0:2a:1a:22:
68:3c:6a:80:0a:c7:2a:f5:29:6b:b4:c6:7d:cd:c3:
bb:9a:83:e9:08:8e:32:e6:61:04:44:de:ea:9e:5d:
53:ae:8d:95:af:30:a8:c6:f0:59:24:29:31:ea:fa:
0f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:25:D4:42:58:D3:D4:26:DE:46:0B:0E:DF:6A:25:16:37:87:9B:A3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-iXUQljT1CbeRgsO32olFjeHm6M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:15:66:ee:ef:bf:e2:6e:eb:47:d9:9b:82:7c:52:18:b4:ad:
23:2c:5f:72:5f:da:6b:c4:8a:84:65:c7:a8:9a:4d:ca:5b:17:
f3:9f:f1:f7:a2:7c:03:9c:fa:2a:44:3e:8a:45:5d:ad:98:a1:
24:39:fc:bd:dd:c1:cd:99:15:da:45:04:81:80:e4:24:22:0d:
7d:26:71:47:0b:45:33:ab:29:c0:6a:a6:33:e1:4a:87:b2:ad:
d9:a8:b9:3d:f8:9b:3d:4c:de:13:c9:72:16:93:ee:4d:b5:33:
7b:f0:e1:b4:70:2f:81:9c:35:be:3e:c0:f7:10:54:2d:f7:6e:
d0:c1:e6:a9:10:92:22:91:ba:47:07:33:c1:e6:6e:89:24:a0:
1f:c8:50:64:7c:ef:d9:24:5b:27:b5:0b:16:26:fa:be:3a:bb:
27:6b:7d:1e:8c:c8:5e:a5:eb:76:94:8e:9d:4b:86:09:65:e5:
42:4c:6c:8f:6d:ff:03:5c:21:91:5c:e7:bb:4a:71:83:4d:2d:
77:fc:a3:2c:3f:fd:e6:f7:65:39:8d:52:97:0b:ff:68:37:7d:
8d:44:ab:a3:25:48:b7:3b:bc:3d:82:1a:c6:fe:96:90:b6:0d:
b4:0f:77:61:80:7a:75:9c:a5:79:33:0e:0e:4c:35:ad:e5:0f:
25:dd:f9:bc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUy
MjA4MzhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZBMjVENDQyNThEM0Q0
MjZERTQ2MEIwRURGNkEyNTE2Mzc4NzlCQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbFvtZB9OL9hYzmojk/RGDS3OjXx//ay9UHOCcvo3L5eMWWHfJ
VaBETJhBFyYwF/oX0g8KKbw2UtoYZmCrSiQ6slkwrqWjXgjy1FSXNNlirSXB8p9K
A9qtcbbYQ8Z4AR3XokSZFXoJdvIX2mXW2o8wkdXd5d4GmgrW+KDEHu/JmAE9qsAE
IaSJhY+QKPlmqMlRIddKRw7d4+3cRQeFWhA3ri806IFp0nIza6wfqd/W7L0pLWR4
OlGCYo/ayek5cOs4EI8nZHKy27nSN+58wCoaImg8aoAKxyr1KWu0xn3Nw7uag+kI
jjLmYQRE3uqeXVOujZWvMKjG8FkkKTHq+g+VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+iXUQljT1CbeRgsO32olFjeHm6MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8taVhVUWxqVDFDYmVSZ3NP
MzJvbEZqZUhtNk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACcVZu7vv+Ju60fZm4J8Uhi0rSMsX3Jf2mvE
ioRlx6iaTcpbF/Of8feifAOc+ipEPopFXa2YoSQ5/L3dwc2ZFdpFBIGA5CQiDX0m
cUcLRTOrKcBqpjPhSoeyrdmouT34mz1M3hPJchaT7k21M3vw4bRwL4GcNb4+wPcQ
VC33btDB5qkQkiKRukcHM8HmbokkoB/IUGR879kkWye1CxYm+r46uydrfR6MyF6l
63aUjp1Lhgll5UJMbI9t/wNcIZFc57tKcYNNLXf8oyw//eb3ZTmNUpcL/2g3fY1E
q6MlSLc7vD2CGsb+lpC2DbQPd2GAenWcpXkzDg5MNa3lDyXd+bw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:17:37 2025 by rpki-client