Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fBK6ROjlZE-0oNYryGJ4RbjmXfE.roa
File: fBK6ROjlZE-0oNYryGJ4RbjmXfE.roa (raw, json)
Hash identifier: uxjl3eJ2sP4CnfL2dFzhkE13WdBB9GtUGcZjG91rN7k=
Subject key identifier: 7C:12:BA:44:E8:E5:64:4F:B4:A0:D6:2B:C8:62:78:45:B8:E6:5D:F1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0980
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fBK6ROjlZE-0oNYryGJ4RbjmXfE.roa
Signing time: Mon 19 May 2025 18:08:11 +0000
ROA not before: Mon 19 May 2025 18:08:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2432 (0x980)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 18:08:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7C12BA44E8E5644FB4A0D62BC8627845B8E65DF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:43:74:ad:ff:c8:d5:a1:82:eb:41:ea:f1:79:
b8:25:4a:d0:b5:d2:4c:29:d6:c2:ef:ce:34:44:aa:
2f:e1:1b:a4:96:b3:4f:e7:7a:92:00:3a:63:f4:f4:
b3:80:b5:86:b8:7a:bb:4f:11:de:2b:20:32:9f:6f:
87:dc:f5:96:67:fe:76:aa:2f:0e:71:a1:99:ce:20:
c3:6a:64:8e:fb:c1:e6:95:08:7d:bf:05:bc:09:77:
97:eb:48:e5:24:ee:b0:a9:9f:9f:9a:04:e8:97:89:
e9:26:ca:43:1f:d1:c2:1d:24:d8:be:ad:e4:1d:1b:
87:30:37:91:7c:8f:65:5f:bd:4d:16:6a:05:ee:73:
5d:18:8d:f8:8e:86:e9:65:76:73:98:84:f7:3b:39:
49:21:de:0f:e3:6b:c3:81:fe:be:81:06:8b:83:db:
dc:f0:3c:78:23:d4:a2:1e:b2:5e:7a:75:aa:a9:49:
99:f8:07:f1:1b:9d:3e:14:74:7a:a0:29:0b:21:8e:
18:40:33:76:fc:0e:85:53:1b:e8:c1:7b:ea:29:e4:
f3:af:70:2d:c7:16:72:fd:fc:ea:6d:86:6c:02:28:
b1:a5:96:12:96:7b:48:b8:2f:bc:06:22:87:03:e4:
89:16:da:43:d9:8a:49:cc:85:a1:30:5b:74:a5:77:
d9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:12:BA:44:E8:E5:64:4F:B4:A0:D6:2B:C8:62:78:45:B8:E6:5D:F1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fBK6ROjlZE-0oNYryGJ4RbjmXfE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:49:9e:97:87:5a:9c:4e:eb:a1:3f:61:73:b8:ea:c2:a0:af:
09:22:d2:0b:4c:56:ed:48:7d:78:4d:8f:85:1b:0f:ba:41:36:
39:15:c2:a7:b6:52:28:85:eb:18:ab:94:d0:74:c0:64:a8:a2:
a6:62:ce:e9:74:49:06:82:24:2e:ac:73:c1:45:4d:05:b9:78:
b5:e7:83:ee:5d:4a:e4:5c:52:cf:24:d2:0d:25:0e:36:aa:61:
c0:bf:9b:71:01:03:8b:4e:bd:8e:dd:69:17:86:3d:80:35:12:
c7:f2:c7:9f:fd:bc:7f:67:a2:b5:ab:e7:2c:67:49:7f:48:bb:
10:af:7c:ee:39:db:6a:72:93:91:93:d1:dd:fb:7d:d9:24:1b:
99:00:07:c1:da:fd:ab:32:51:66:e5:d5:fc:ae:1b:b4:ce:4a:
06:16:35:e0:d6:bf:0d:ff:98:1f:9c:13:42:fd:e1:26:08:f6:
c4:2e:91:89:52:61:f4:e3:16:c2:c4:2a:3a:ec:8a:a3:f1:9d:
a8:29:1b:0c:a0:e7:b2:d5:1c:de:2a:b9:45:fe:bf:f1:70:85:
d5:d0:5f:58:f9:80:05:83:33:bc:2b:6d:10:ee:fe:f9:12:4e:
88:26:9b:61:4a:b4:a6:72:52:bd:2f:45:2b:9f:f1:cf:ac:6a:
a5:fe:ec:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCYAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkx
ODA4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDMTJCQTQ0RThFNTY0
NEZCNEEwRDYyQkM4NjI3ODQ1QjhFNjVERjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJQ3St/8jVoYLrQerxebglStC10kwp1sLvzjREqi/hG6SWs0/n
epIAOmP09LOAtYa4ertPEd4rIDKfb4fc9ZZn/naqLw5xoZnOIMNqZI77weaVCH2/
BbwJd5frSOUk7rCpn5+aBOiXiekmykMf0cIdJNi+reQdG4cwN5F8j2VfvU0WagXu
c10YjfiOhulldnOYhPc7OUkh3g/ja8OB/r6BBouD29zwPHgj1KIesl56daqpSZn4
B/EbnT4UdHqgKQshjhhAM3b8DoVTG+jBe+op5POvcC3HFnL9/OpthmwCKLGllhKW
e0i4L7wGIocD5IkW2kPZiknMhaEwW3Sld9kNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfBK6ROjlZE+0oNYryGJ4RbjmXfEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mQks2Uk9qbFpFLTBvTlly
eUdKNFJiam1YZkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIdJnpeHWpxO66E/YXO46sKgrwki0gtMVu1I
fXhNj4UbD7pBNjkVwqe2UiiF6xirlNB0wGSooqZizul0SQaCJC6sc8FFTQW5eLXn
g+5dSuRcUs8k0g0lDjaqYcC/m3EBA4tOvY7daReGPYA1Esfyx5/9vH9norWr5yxn
SX9IuxCvfO4522pyk5GT0d37fdkkG5kAB8Ha/asyUWbl1fyuG7TOSgYWNeDWvw3/
mB+cE0L94SYI9sQukYlSYfTjFsLEKjrsiqPxnagpGwyg57LVHN4quUX+v/FwhdXQ
X1j5gAWDM7wrbRDu/vkSTogmm2FKtKZyUr0vRSuf8c+saqX+7FM=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:03:19 2025 by rpki-client