Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Oo8mCMtif8fCXMOk-nQ0IdgXCJE.roa
File: Oo8mCMtif8fCXMOk-nQ0IdgXCJE.roa (raw, json)
Hash identifier: RV2KAgWhvXYQUw7hpBAVtf7JgaKznLNe7wg0ZNMrc7I=
Subject key identifier: 3A:8F:26:08:CB:62:7F:C7:C2:5C:C3:A4:FA:74:34:21:D8:17:08:91
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0968
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Oo8mCMtif8fCXMOk-nQ0IdgXCJE.roa
Signing time: Mon 19 May 2025 15:08:10 +0000
ROA not before: Mon 19 May 2025 15:08:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2408 (0x968)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 15:08:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3A8F2608CB627FC7C25CC3A4FA743421D8170891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:24:06:00:6d:03:d6:ac:18:68:d7:85:c7:98:
15:eb:f4:6f:32:5f:a0:64:87:8f:ff:da:63:c5:79:
d1:77:01:10:01:b8:c0:fa:cc:3e:8f:e4:f0:04:4b:
a7:f1:c3:4b:9c:7c:20:07:fe:66:28:81:c3:84:29:
ed:9f:6c:9e:ef:3b:95:94:36:21:19:31:c7:2e:c2:
6c:df:f5:04:7c:80:fe:4c:6d:82:5d:50:ca:31:75:
db:56:0a:50:c2:d1:71:69:cc:cd:57:3c:c9:f5:72:
6f:5f:96:d5:d4:54:3a:86:f9:3b:d8:b5:7c:ae:a5:
a3:b6:d1:d7:95:24:b5:7f:0c:fc:38:78:8a:e3:0c:
82:4d:31:a0:02:b0:e8:ea:85:c2:6a:9b:2d:85:8e:
c6:20:95:08:86:68:e3:1b:da:80:44:c2:a1:7e:ca:
ae:35:99:a2:eb:1c:99:12:e6:91:89:5d:ab:f9:63:
41:be:8c:d0:5c:f5:c0:f6:51:dc:93:c2:24:5b:a4:
0a:9f:93:58:7e:4b:0c:fa:76:76:07:72:02:ea:df:
49:70:c8:d8:fe:e5:91:ed:1b:96:48:c3:a5:66:16:
db:27:59:c7:77:86:8d:d7:32:23:f9:ad:0b:fb:b4:
a9:e1:08:86:f9:2e:33:48:69:62:4f:ce:84:32:ae:
bc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8F:26:08:CB:62:7F:C7:C2:5C:C3:A4:FA:74:34:21:D8:17:08:91
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Oo8mCMtif8fCXMOk-nQ0IdgXCJE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:bb:51:16:28:34:10:ea:6d:06:3f:18:02:a7:10:ee:ff:fd:
9c:39:4a:da:5e:ee:94:5f:4a:37:e4:14:41:89:d0:d5:66:c3:
65:69:d8:4f:2d:61:24:25:32:18:57:d4:b1:8b:28:29:e3:c5:
b8:5a:68:f5:e8:67:de:3f:b0:bd:cb:ad:dc:89:3e:b4:d6:09:
d7:09:94:1d:c0:8b:03:a5:08:79:a3:41:8b:25:65:8d:ba:5a:
ef:0c:6f:14:ec:00:3d:77:f4:8b:fb:f1:da:59:62:05:db:26:
6f:15:ce:2e:39:bd:71:26:cf:ad:16:09:f2:7d:a7:f0:d6:29:
8f:78:71:02:21:71:c8:de:64:99:2a:7b:ff:8a:aa:0c:26:19:
36:12:c1:ec:c8:a7:b7:3c:21:fb:e9:84:d3:11:bb:bf:89:a6:
34:97:d4:b6:2f:92:8f:4e:be:0b:d2:c6:f7:3c:70:e2:78:c5:
e7:29:91:e8:40:19:c1:9b:1b:f2:87:d5:ca:53:a0:ec:3d:4e:
51:35:aa:67:00:8c:84:c7:98:a7:17:3a:dc:54:67:60:2b:be:
b9:36:7f:f5:a9:c8:5d:18:e6:6b:2d:0e:15:35:7f:90:97:c4:
86:aa:b8:69:84:dc:76:01:df:00:c2:9c:dd:1f:57:00:08:1b:
df:b9:87:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkx
NTA4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBOEYyNjA4Q0I2MjdG
QzdDMjVDQzNBNEZBNzQzNDIxRDgxNzA4OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1JAYAbQPWrBho14XHmBXr9G8yX6Bkh4//2mPFedF3ARABuMD6
zD6P5PAES6fxw0ucfCAH/mYogcOEKe2fbJ7vO5WUNiEZMccuwmzf9QR8gP5MbYJd
UMoxddtWClDC0XFpzM1XPMn1cm9fltXUVDqG+TvYtXyupaO20deVJLV/DPw4eIrj
DIJNMaACsOjqhcJqmy2FjsYglQiGaOMb2oBEwqF+yq41maLrHJkS5pGJXav5Y0G+
jNBc9cD2UdyTwiRbpAqfk1h+Swz6dnYHcgLq30lwyNj+5ZHtG5ZIw6VmFtsnWcd3
ho3XMiP5rQv7tKnhCIb5LjNIaWJPzoQyrrynAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOo8mCMtif8fCXMOk+nQ0IdgXCJEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PbzhtQ010aWY4ZkNYTU9r
LW5RMElkZ1hDSkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEm7URYoNBDqbQY/GAKnEO7//Zw5Stpe7pRf
SjfkFEGJ0NVmw2Vp2E8tYSQlMhhX1LGLKCnjxbhaaPXoZ94/sL3LrdyJPrTWCdcJ
lB3AiwOlCHmjQYslZY26Wu8MbxTsAD139Iv78dpZYgXbJm8Vzi45vXEmz60WCfJ9
p/DWKY94cQIhccjeZJkqe/+KqgwmGTYSwezIp7c8IfvphNMRu7+JpjSX1LYvko9O
vgvSxvc8cOJ4xecpkehAGcGbG/KH1cpToOw9TlE1qmcAjITHmKcXOtxUZ2Arvrk2
f/WpyF0Y5mstDhU1f5CXxIaquGmE3HYB3wDCnN0fVwAIG9+5h50=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:00:04 2025 by rpki-client