Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/owVga5-DJM6cZd-rfeGU8xmLC8M.roa
File: owVga5-DJM6cZd-rfeGU8xmLC8M.roa (raw, json)
Hash identifier: doRa2fuS+R1Ar0Fs52BBROJTth7Dqmoe8TbBOXY0aZE=
Subject key identifier: A3:05:60:6B:9F:83:24:CE:9C:65:DF:AB:7D:E1:94:F3:19:8B:0B:C3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0844
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/owVga5-DJM6cZd-rfeGU8xmLC8M.roa
Signing time: Sun 18 May 2025 02:38:14 +0000
ROA not before: Sun 18 May 2025 02:38:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2116 (0x844)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 02:38:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A305606B9F8324CE9C65DFAB7DE194F3198B0BC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0a:05:02:96:15:97:f1:d2:d0:97:ec:d7:a1:
30:86:80:de:8b:ec:9b:d5:f7:87:93:0a:d6:5f:4b:
fc:33:f9:2a:75:5a:b5:a8:6a:eb:e5:cb:e2:63:97:
3b:83:ee:07:86:b8:98:62:5b:d7:4e:5d:74:ab:5a:
ec:59:83:0c:b0:c3:42:70:19:87:d4:b1:76:c5:36:
c9:02:af:3d:b5:09:a1:7d:6b:65:c8:38:9f:de:dd:
0c:76:d8:5f:36:1a:5f:6b:6b:f1:54:bb:60:71:1c:
2c:ef:6f:d2:46:ce:45:e0:2b:68:60:83:84:55:26:
1b:03:90:f0:c9:5f:ce:8b:bf:5a:03:2d:f4:39:5b:
ed:94:20:4a:c3:a1:0f:d6:50:ea:4e:c8:7c:e9:d5:
d5:72:f8:99:a9:a8:2f:49:08:1f:9f:6b:61:75:54:
08:99:30:88:4a:e3:0f:2e:df:e9:39:69:38:6b:67:
f2:e7:22:b3:eb:db:92:4a:b9:4c:7a:bf:e2:ca:e9:
e2:ab:30:6c:27:7a:25:08:fc:ec:bd:6d:af:61:fc:
09:94:3a:99:61:f2:97:0c:1e:5f:a7:25:b0:18:05:
34:99:d0:c9:4a:a9:ab:e9:21:ad:4e:2a:be:f2:9c:
37:08:74:27:15:1f:11:34:90:3d:dd:5c:ca:69:4b:
9e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:05:60:6B:9F:83:24:CE:9C:65:DF:AB:7D:E1:94:F3:19:8B:0B:C3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/owVga5-DJM6cZd-rfeGU8xmLC8M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:1f:2f:b2:61:5e:ee:ee:ab:ae:1d:b2:fe:a8:cf:01:10:b7:
4a:77:7b:14:c8:6e:d7:5b:f3:2e:3a:97:ac:4e:1f:cf:16:7b:
7b:a8:49:45:c7:29:ce:9d:9b:9e:f0:af:98:99:b8:fe:31:5f:
c6:05:26:65:7d:e4:98:b7:b6:26:3c:c9:3c:b6:0f:d5:98:6a:
56:83:d3:8d:99:34:e0:69:03:7d:e3:1c:4c:37:c4:94:46:9e:
d2:e9:a4:a4:09:4c:71:bb:da:ae:3f:08:2f:a0:c7:96:55:e9:
51:a8:21:aa:38:f9:5a:e3:56:46:cd:e6:a0:0f:3b:c3:d3:b4:
79:70:34:3f:df:bc:53:c1:6a:1a:98:6c:2c:bf:57:62:d2:51:
be:c2:e8:c8:8e:3f:98:8f:d0:ed:63:8a:25:3b:ab:df:65:21:
76:ae:3a:5a:6f:63:99:b0:61:ac:a4:cd:14:82:e6:bb:a3:ca:
d7:27:85:0c:ca:78:c5:34:9d:c4:1a:23:eb:da:6f:4d:4e:df:
77:eb:f6:ff:b6:c7:7b:16:60:73:f8:48:ec:14:c2:80:cc:07:
cf:b0:11:f0:ca:fa:78:04:27:96:63:ac:81:d6:16:5e:36:13:
aa:b3:d1:a8:e2:74:bc:ad:ea:07:09:48:24:c9:fa:d9:e2:89:
45:46:1e:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCEQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
MjM4MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEzMDU2MDZCOUY4MzI0
Q0U5QzY1REZBQjdERTE5NEYzMTk4QjBCQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4CgUClhWX8dLQl+zXoTCGgN6L7JvV94eTCtZfS/wz+Sp1WrWo
auvly+JjlzuD7geGuJhiW9dOXXSrWuxZgwyww0JwGYfUsXbFNskCrz21CaF9a2XI
OJ/e3Qx22F82Gl9ra/FUu2BxHCzvb9JGzkXgK2hgg4RVJhsDkPDJX86Lv1oDLfQ5
W+2UIErDoQ/WUOpOyHzp1dVy+JmpqC9JCB+fa2F1VAiZMIhK4w8u3+k5aThrZ/Ln
IrPr25JKuUx6v+LK6eKrMGwneiUI/Oy9ba9h/AmUOplh8pcMHl+nJbAYBTSZ0MlK
qavpIa1OKr7ynDcIdCcVHxE0kD3dXMppS57vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUowVga5+DJM6cZd+rfeGU8xmLC8MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vd1ZnYTUtREpNNmNaZC1y
ZmVHVTh4bUxDOE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABgfL7JhXu7uq64dsv6ozwEQt0p3exTIbtdb
8y46l6xOH88We3uoSUXHKc6dm57wr5iZuP4xX8YFJmV95Ji3tiY8yTy2D9WYalaD
042ZNOBpA33jHEw3xJRGntLppKQJTHG72q4/CC+gx5ZV6VGoIao4+VrjVkbN5qAP
O8PTtHlwND/fvFPBahqYbCy/V2LSUb7C6MiOP5iP0O1jiiU7q99lIXauOlpvY5mw
YaykzRSC5rujytcnhQzKeMU0ncQaI+vab01O33fr9v+2x3sWYHP4SOwUwoDMB8+w
EfDK+ngEJ5ZjrIHWFl42E6qz0ajidLyt6gcJSCTJ+tniiUVGHgY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:09:57 2025 by rpki-client