Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_O6M5PO814NbUPRoi4ImbK14El0.roa
File: _O6M5PO814NbUPRoi4ImbK14El0.roa (raw, json)
Hash identifier: hTn0fR+dfaslIywRBqSDR6a+tg87vhLAfL61iE9WIuw=
Subject key identifier: FC:EE:8C:E4:F3:BC:D7:83:5B:50:F4:68:8B:82:26:6C:AD:78:12:5D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 072C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_O6M5PO814NbUPRoi4ImbK14El0.roa
Signing time: Fri 16 May 2025 15:38:04 +0000
ROA not before: Fri 16 May 2025 15:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1836 (0x72c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 15:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FCEE8CE4F3BCD7835B50F4688B82266CAD78125D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ac:f4:b7:c9:fe:d1:c5:86:66:a6:f0:f5:5d:
09:bb:d7:62:7e:e2:0e:05:fe:75:28:79:e2:bb:a3:
08:eb:54:ee:b2:d6:99:a4:ec:ee:95:44:fc:76:84:
4f:3e:05:7d:fc:bc:fa:15:e5:e3:e7:1d:98:af:cc:
b4:f9:66:a3:d1:82:dd:c9:3a:ce:3e:7b:d0:96:1c:
75:43:ca:08:75:2d:5b:f2:0f:f4:a7:5e:5d:6c:08:
f5:77:94:bb:32:72:ee:76:3c:df:f5:4a:44:d6:e6:
43:b4:a9:8c:40:ce:17:77:8c:28:99:fb:9d:a7:79:
8a:2e:8a:0d:45:17:b4:c1:af:f4:68:59:fd:19:48:
66:7e:27:3a:8f:61:7d:fb:a2:5b:b1:37:69:fc:be:
d9:f7:d7:4e:1d:b8:e9:ba:fc:1c:06:0c:52:42:03:
ba:21:62:1c:3e:eb:a5:dd:7b:61:97:30:e5:6a:d4:
5a:20:4f:5b:35:74:7f:d6:69:ee:51:38:24:94:d9:
b4:99:b8:86:3c:17:85:9f:bf:69:3c:11:83:19:df:
ce:44:41:ea:f1:7b:04:db:ac:27:b4:54:5d:b4:c1:
60:65:8b:e9:e0:76:cd:00:85:46:80:40:2e:61:24:
14:15:60:f6:aa:a6:73:38:6f:cd:c7:0a:26:a7:4a:
1d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:EE:8C:E4:F3:BC:D7:83:5B:50:F4:68:8B:82:26:6C:AD:78:12:5D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_O6M5PO814NbUPRoi4ImbK14El0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:3b:44:7f:4b:a9:a4:16:77:56:3d:3e:ef:ec:07:61:cb:6c:
04:84:1a:6a:86:79:a3:fe:49:d5:9a:7b:15:93:cb:24:92:59:
4d:1b:6f:97:c0:7a:3a:08:fa:9b:b2:0d:b5:c0:66:41:65:85:
fc:1a:b1:2a:df:b1:c1:60:03:22:d8:a7:86:78:09:61:4d:a1:
ad:68:34:4d:28:72:be:50:87:ae:d9:8f:24:02:dc:4e:1a:ce:
df:9a:ff:a0:7b:d9:50:b4:fa:3c:9a:82:46:9f:e8:a9:5d:0e:
35:98:79:50:06:f4:ee:ad:35:fc:49:f5:d2:20:04:19:8b:55:
32:9a:8b:07:6b:27:2b:4d:ec:af:77:ba:f6:96:2c:2f:ed:e3:
a8:63:82:0d:de:dd:e3:26:d7:ba:00:99:0d:de:19:65:56:33:
4e:85:74:d9:65:9e:7b:10:8e:fb:a2:cf:c0:c5:c9:81:aa:ff:
ed:19:37:53:22:d2:db:a7:6b:c2:b2:eb:64:83:56:35:8c:dc:
08:c3:d1:00:18:da:7b:2d:98:b1:4c:82:27:38:3d:10:54:c2:
6c:41:ad:71:af:8b:03:59:51:1e:42:7a:d7:ab:54:9e:c9:08:
77:89:b2:90:6f:fd:8e:16:eb:55:9f:c0:96:75:b3:c0:71:58:
8a:00:e3:e3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBywwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
NTM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZDRUU4Q0U0RjNCQ0Q3
ODM1QjUwRjQ2ODhCODIyNjZDQUQ3ODEyNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTrPS3yf7RxYZmpvD1XQm712J+4g4F/nUoeeK7owjrVO6y1pmk
7O6VRPx2hE8+BX38vPoV5ePnHZivzLT5ZqPRgt3JOs4+e9CWHHVDygh1LVvyD/Sn
Xl1sCPV3lLsycu52PN/1SkTW5kO0qYxAzhd3jCiZ+52neYouig1FF7TBr/RoWf0Z
SGZ+JzqPYX37oluxN2n8vtn3104duOm6/BwGDFJCA7ohYhw+66Xde2GXMOVq1Fog
T1s1dH/Wae5ROCSU2bSZuIY8F4Wfv2k8EYMZ385EQerxewTbrCe0VF20wWBli+ng
ds0AhUaAQC5hJBQVYPaqpnM4b83HCianSh2PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/O6M5PO814NbUPRoi4ImbK14El0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fTzZNNVBPODE0TmJVUFJv
aTRJbWJLMTRFbDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJQ7RH9LqaQWd1Y9Pu/sB2HLbASEGmqGeaP+
SdWaexWTyySSWU0bb5fAejoI+puyDbXAZkFlhfwasSrfscFgAyLYp4Z4CWFNoa1o
NE0ocr5Qh67ZjyQC3E4azt+a/6B72VC0+jyagkaf6KldDjWYeVAG9O6tNfxJ9dIg
BBmLVTKaiwdrJytN7K93uvaWLC/t46hjgg3e3eMm17oAmQ3eGWVWM06FdNllnnsQ
jvuiz8DFyYGq/+0ZN1Mi0tuna8Ky62SDVjWM3AjD0QAY2nstmLFMgic4PRBUwmxB
rXGviwNZUR5CeterVJ7JCHeJspBv/Y4W61WfwJZ1s8BxWIoA4+M=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:52:07 2025 by rpki-client