Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ou_iHkm9crTPDCY901d7yLV2Lxw.roa
File: Ou_iHkm9crTPDCY901d7yLV2Lxw.roa (raw, json)
Hash identifier: boyh1fypnC5R5vMN1/cP6930MOF1kC/UVwso5KvmWY8=
Subject key identifier: 3A:EF:E2:1E:49:BD:72:B4:CF:0C:26:3D:D3:57:7B:C8:B5:76:2F:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0950
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ou_iHkm9crTPDCY901d7yLV2Lxw.roa
Signing time: Mon 19 May 2025 12:08:12 +0000
ROA not before: Mon 19 May 2025 12:08:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2384 (0x950)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 12:08:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3AEFE21E49BD72B4CF0C263DD3577BC8B5762F1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:94:a7:3c:68:0c:fb:0c:62:32:ea:ae:21:91:
e1:0a:77:63:28:41:04:d2:3b:8c:f3:23:ce:4d:ee:
84:27:c6:c1:3d:a1:fe:2c:7f:6c:af:5d:d4:3f:0e:
ff:80:ea:9b:6d:a1:a0:a7:db:1d:4c:b4:23:df:3d:
4a:7b:e0:d9:45:2e:70:7f:56:8c:35:55:96:47:83:
b2:34:d2:d1:ba:6e:2d:84:70:f8:be:df:9f:6e:94:
d0:13:7b:69:2c:a4:8b:8a:6c:57:9e:53:f0:a8:db:
9a:a7:43:24:b8:8f:b2:12:47:60:bf:d1:c8:85:c8:
11:76:2d:46:d0:49:25:ef:25:06:61:14:83:22:6b:
a6:21:c4:18:2e:91:d1:bd:7c:5e:aa:ba:43:52:7d:
bd:a5:5d:33:60:2d:bf:fb:21:14:c9:d0:fa:e0:b2:
54:9b:f6:2c:eb:a9:27:45:c4:5e:70:6b:87:28:14:
e5:d4:21:eb:92:14:ed:86:79:71:fa:eb:b3:a2:b1:
23:3f:da:c5:18:6a:0f:5f:ba:7d:bc:48:f2:2a:a7:
78:6c:66:86:b7:78:47:0a:1e:c1:53:ba:66:b2:1c:
aa:67:e0:5a:15:6e:af:d9:54:b2:60:e0:9f:1e:d2:
80:e7:21:31:bf:f3:1d:07:61:14:dd:75:92:af:fd:
47:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EF:E2:1E:49:BD:72:B4:CF:0C:26:3D:D3:57:7B:C8:B5:76:2F:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ou_iHkm9crTPDCY901d7yLV2Lxw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:a8:f9:f5:9f:83:36:a1:4c:58:16:81:ea:00:45:37:4a:46:
b3:f8:48:4e:49:bb:6e:a0:c6:35:a3:2f:3d:8c:dc:d3:4e:59:
9c:43:e4:8a:1b:1f:03:9f:0e:73:50:3a:85:10:19:c2:55:83:
f0:8d:38:7e:c6:0d:1a:17:9c:ac:3c:6e:56:ed:8f:96:03:24:
79:83:eb:7b:0c:63:29:ac:4b:2a:29:7e:bb:b6:08:ac:4d:84:
ec:63:a8:7d:58:af:ae:54:bf:d2:09:d4:8b:4a:58:1a:cf:56:
61:56:2a:52:92:3b:ee:e3:7d:32:7e:5b:33:6c:6f:81:d7:1d:
fc:dc:4c:36:3a:5b:82:22:0f:eb:26:af:d4:54:cd:c0:20:28:
b8:35:e6:d4:b9:84:43:2c:e5:42:6a:98:4d:10:fb:06:31:38:
77:96:f6:87:99:a3:3a:f7:1b:de:e4:61:a8:d8:85:ab:7c:7f:
b0:db:d5:e0:4d:70:e1:92:35:3c:76:f1:a1:57:4a:5d:d7:8f:
72:f9:8f:0f:f9:e6:ba:9b:79:c7:bc:80:e8:6e:10:ae:50:23:
6b:56:5d:cc:48:60:f9:fa:6f:4b:c9:6f:36:57:d3:ed:df:5a:
8e:d9:f0:e1:f0:ae:ef:f4:ca:8c:0e:32:a0:48:1e:2c:ef:31:
d7:99:49:50
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCVAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkx
MjA4MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBRUZFMjFFNDlCRDcy
QjRDRjBDMjYzREQzNTc3QkM4QjU3NjJGMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLlKc8aAz7DGIy6q4hkeEKd2MoQQTSO4zzI85N7oQnxsE9of4s
f2yvXdQ/Dv+A6pttoaCn2x1MtCPfPUp74NlFLnB/Vow1VZZHg7I00tG6bi2EcPi+
359ulNATe2kspIuKbFeeU/Co25qnQyS4j7ISR2C/0ciFyBF2LUbQSSXvJQZhFIMi
a6YhxBgukdG9fF6qukNSfb2lXTNgLb/7IRTJ0PrgslSb9izrqSdFxF5wa4coFOXU
IeuSFO2GeXH667OisSM/2sUYag9fun28SPIqp3hsZoa3eEcKHsFTumayHKpn4FoV
bq/ZVLJg4J8e0oDnITG/8x0HYRTddZKv/Ue1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOu/iHkm9crTPDCY901d7yLV2LxwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PdV9pSGttOWNyVFBEQ1k5
MDFkN3lMVjJMeHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ6o+fWfgzahTFgWgeoARTdKRrP4SE5Ju26g
xjWjLz2M3NNOWZxD5IobHwOfDnNQOoUQGcJVg/CNOH7GDRoXnKw8blbtj5YDJHmD
63sMYymsSyopfru2CKxNhOxjqH1Yr65Uv9IJ1ItKWBrPVmFWKlKSO+7jfTJ+WzNs
b4HXHfzcTDY6W4IiD+smr9RUzcAgKLg15tS5hEMs5UJqmE0Q+wYxOHeW9oeZozr3
G97kYajYhat8f7Db1eBNcOGSNTx28aFXSl3Xj3L5jw/55rqbece8gOhuEK5QI2tW
XcxIYPn6b0vJbzZX0+3fWo7Z8OHwru/0yowOMqBIHizvMdeZSVA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:54:01 2025 by rpki-client