Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_Plw20QUQoyIQ218Nr_0Z8iQN5Q.roa
File: _Plw20QUQoyIQ218Nr_0Z8iQN5Q.roa (raw, json)
Hash identifier: pRiEVL+SVN/SW8O4dWaSr1LCEjRb7lplCVMOOq/9ZYo=
Subject key identifier: FC:F9:70:DB:44:14:42:8C:88:43:6D:7C:36:BF:F4:67:C8:90:37:94
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A08
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Plw20QUQoyIQ218Nr_0Z8iQN5Q.roa
Signing time: Tue 20 May 2025 11:08:19 +0000
ROA not before: Tue 20 May 2025 11:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2568 (0xa08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 11:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FCF970DB4414428C88436D7C36BFF467C8903794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a6:30:df:4e:48:4e:26:93:ec:db:eb:44:ee:
e4:10:42:69:ff:0c:b7:92:df:b8:d1:5b:ab:3a:4f:
2f:75:cc:57:e0:e0:32:97:31:11:34:e1:71:b5:92:
a3:c2:c4:44:a2:5c:83:f4:1b:94:e9:fd:3b:ed:30:
b9:f8:d5:d2:2a:b9:8e:56:7d:e1:43:f1:2a:f2:da:
dd:29:cf:21:10:e5:b0:88:12:17:a6:5c:f7:89:cd:
de:a6:c0:fe:54:54:e0:fb:89:7f:10:66:30:c6:b2:
63:10:ba:2d:d4:e2:64:42:39:1b:c4:f8:49:b6:06:
e6:5a:9e:9c:11:45:83:44:55:49:4c:88:ee:a1:8d:
76:c6:ad:cf:a9:37:17:cf:2d:99:13:89:c3:a6:0b:
6f:e0:44:2a:c6:cc:76:e8:c7:ea:2e:a5:ea:6d:d1:
a7:0e:dc:03:6a:e7:a3:89:f9:f8:67:ff:42:8f:b0:
5b:b1:5d:87:08:7c:39:8c:6e:15:f8:56:ff:4e:97:
2d:cc:24:58:03:55:68:fb:91:84:78:c9:de:73:10:
17:09:68:62:70:3d:be:67:3d:b0:7c:80:f6:16:ee:
f1:0f:96:89:d2:ff:f0:26:72:bb:71:93:83:fa:17:
8e:de:31:29:68:63:cb:f9:41:a1:a7:30:4e:34:c6:
7a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F9:70:DB:44:14:42:8C:88:43:6D:7C:36:BF:F4:67:C8:90:37:94
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Plw20QUQoyIQ218Nr_0Z8iQN5Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:ac:2e:ab:53:35:63:ca:ca:26:5e:10:55:37:9e:94:db:ac:
d1:83:31:69:fd:12:e0:fd:94:dc:ca:ce:0c:03:7e:e5:e7:5a:
15:83:20:ce:e1:a8:aa:40:b1:ea:67:12:fe:09:e3:32:a6:d0:
79:4b:c3:5a:3a:7a:93:73:58:af:4e:f3:0d:5f:46:3f:c3:1e:
f6:43:74:7f:74:12:72:6b:3d:66:14:e2:2f:f5:05:07:ad:ae:
5c:c7:c6:65:fc:9d:5a:21:38:dd:7a:1f:33:78:b1:90:b1:08:
02:ed:ff:13:53:f3:ab:41:ac:ee:43:86:d2:33:17:75:b6:24:
20:24:2f:82:4e:79:98:c1:27:e4:2e:00:54:5c:5d:b9:17:a3:
32:26:4b:d8:b1:2a:76:0b:40:5f:60:d1:09:51:50:33:25:30:
40:aa:ea:0e:89:2b:3b:df:39:40:5f:df:7f:38:bd:7f:3e:0c:
28:fc:be:85:58:ca:30:a9:3c:a0:78:b1:36:6c:89:6f:b2:74:
5f:dc:ad:57:d3:dc:e4:c1:c3:92:fb:84:d3:af:a2:20:3c:28:
93:5d:85:9a:c5:89:5e:e6:49:60:35:f5:73:3c:03:3c:83:fd:
9c:3c:de:22:a6:72:b5:a1:20:86:cb:56:65:76:b4:96:97:a6:
b1:96:81:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCggwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAx
MTA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZDRjk3MERCNDQxNDQy
OEM4ODQzNkQ3QzM2QkZGNDY3Qzg5MDM3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFpjDfTkhOJpPs2+tE7uQQQmn/DLeS37jRW6s6Ty91zFfg4DKX
MRE04XG1kqPCxESiXIP0G5Tp/TvtMLn41dIquY5WfeFD8Sry2t0pzyEQ5bCIEhem
XPeJzd6mwP5UVOD7iX8QZjDGsmMQui3U4mRCORvE+Em2BuZanpwRRYNEVUlMiO6h
jXbGrc+pNxfPLZkTicOmC2/gRCrGzHbox+oupept0acO3ANq56OJ+fhn/0KPsFux
XYcIfDmMbhX4Vv9Oly3MJFgDVWj7kYR4yd5zEBcJaGJwPb5nPbB8gPYW7vEPlonS
//Amcrtxk4P6F47eMSloY8v5QaGnME40xnpZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Plw20QUQoyIQ218Nr/0Z8iQN5QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fUGx3MjBRVVFveUlRMjE4
TnJfMFo4aVFONVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK2sLqtTNWPKyiZeEFU3npTbrNGDMWn9EuD9
lNzKzgwDfuXnWhWDIM7hqKpAsepnEv4J4zKm0HlLw1o6epNzWK9O8w1fRj/DHvZD
dH90EnJrPWYU4i/1BQetrlzHxmX8nVohON16HzN4sZCxCALt/xNT86tBrO5DhtIz
F3W2JCAkL4JOeZjBJ+QuAFRcXbkXozImS9ixKnYLQF9g0QlRUDMlMECq6g6JKzvf
OUBf3384vX8+DCj8voVYyjCpPKB4sTZsiW+ydF/crVfT3OTBw5L7hNOvoiA8KJNd
hZrFiV7mSWA19XM8AzyD/Zw83iKmcrWhIIbLVmV2tJaXprGWgWc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 19:43:10 2025 by rpki-client