Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jNO2PPB5FyEHs6gToLfaa1HuSE0.roa
File: jNO2PPB5FyEHs6gToLfaa1HuSE0.roa (raw, json)
Hash identifier: fLWQxEO2H4i8obvyCwuqK92K2T7BW5f/6DgrTVQLJbc=
Subject key identifier: 8C:D3:B6:3C:F0:79:17:21:07:B3:A8:13:A0:B7:DA:6B:51:EE:48:4D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ABC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jNO2PPB5FyEHs6gToLfaa1HuSE0.roa
Signing time: Wed 21 May 2025 09:38:18 +0000
ROA not before: Wed 21 May 2025 09:38:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2748 (0xabc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 09:38:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8CD3B63CF079172107B3A813A0B7DA6B51EE484D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:9e:19:74:05:53:63:ef:5b:5b:da:d3:d3:
27:42:d5:f8:25:6d:12:20:58:9c:1b:c9:5d:e2:e9:
53:9e:f7:52:2a:52:98:e9:da:9c:5e:a6:a3:dd:f2:
1d:8f:02:12:68:40:60:b7:99:e3:b8:4c:40:d3:0d:
0b:c9:a6:c1:e9:d7:85:c2:fd:d6:0c:49:61:06:54:
f2:cf:f0:8a:ac:74:7b:86:ea:82:a0:0c:7e:88:f4:
98:9b:2b:28:8c:30:53:be:00:40:31:37:b4:f8:5b:
85:ee:02:0c:d9:e0:79:dc:ad:af:77:27:a3:70:79:
7f:11:e7:b7:c5:f1:69:1b:48:97:50:65:fe:10:69:
3e:ec:3d:45:31:8e:40:7d:18:94:f9:28:c8:be:9d:
84:97:55:92:9c:31:13:ea:54:bd:43:d0:53:15:c9:
f4:0d:c9:28:9a:9e:67:0f:d4:f2:c1:4d:2b:5c:2b:
4e:94:6d:00:ce:b7:c1:2f:bc:7a:15:db:e1:59:fb:
7e:38:8e:87:86:44:b4:f4:5d:bd:dd:77:f6:9e:39:
f8:05:30:58:b7:98:f4:c6:08:0c:59:40:15:fe:5d:
a1:36:cc:43:e2:79:f1:50:45:b1:19:98:7a:20:44:
58:59:a0:24:8b:92:13:76:7f:72:95:0a:12:77:aa:
a2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D3:B6:3C:F0:79:17:21:07:B3:A8:13:A0:B7:DA:6B:51:EE:48:4D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jNO2PPB5FyEHs6gToLfaa1HuSE0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:7d:8c:b9:3f:71:94:63:6f:67:98:a9:9a:c5:88:f3:0f:ea:
40:50:49:2c:75:85:a6:9b:f5:f4:57:f5:62:01:e0:f9:ff:88:
7b:78:e3:1f:fc:a1:33:f3:a9:7e:9f:8c:a3:e1:af:ae:58:99:
3b:ca:a2:2d:7d:77:b8:d9:ba:9d:fb:3c:db:70:bf:05:61:03:
41:e9:23:c6:53:35:cd:e7:87:b6:1e:00:b3:13:b9:07:c0:df:
03:d1:94:21:d0:92:37:3e:cf:1f:a1:00:6b:53:e7:b6:26:74:
dc:ec:89:6a:e2:4a:df:86:4f:3b:d7:bd:e0:4a:02:92:b8:06:
74:01:6b:9f:7b:ee:1e:6a:47:8f:4f:b2:a6:97:d4:bb:24:f6:
e5:cf:87:0e:68:08:f7:03:21:6c:bb:67:68:89:91:66:89:c2:
98:f0:2b:be:53:42:8a:ed:70:b7:53:75:fd:ac:d3:2e:00:2c:
54:15:9c:9c:64:3c:3b:9c:fe:14:01:66:41:bb:3b:b9:b1:f0:
16:e5:b2:8b:9a:9f:ba:76:2d:54:4b:9e:23:19:d8:35:90:be:
4f:cd:07:92:29:13:04:79:f3:5d:51:ec:a2:8b:35:36:ba:ac:
37:6e:3d:2c:3a:70:4d:93:1d:62:d7:92:74:ce:81:50:b9:b1:
43:c6:d8:37
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCrwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
OTM4MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhDRDNCNjNDRjA3OTE3
MjEwN0IzQTgxM0EwQjdEQTZCNTFFRTQ4NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGjZ4ZdAVTY+9bW9rT0ydC1fglbRIgWJwbyV3i6VOe91IqUpjp
2pxepqPd8h2PAhJoQGC3meO4TEDTDQvJpsHp14XC/dYMSWEGVPLP8IqsdHuG6oKg
DH6I9JibKyiMMFO+AEAxN7T4W4XuAgzZ4Hncra93J6NweX8R57fF8WkbSJdQZf4Q
aT7sPUUxjkB9GJT5KMi+nYSXVZKcMRPqVL1D0FMVyfQNySianmcP1PLBTStcK06U
bQDOt8EvvHoV2+FZ+344joeGRLT0Xb3dd/aeOfgFMFi3mPTGCAxZQBX+XaE2zEPi
efFQRbEZmHogRFhZoCSLkhN2f3KVChJ3qqIPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjNO2PPB5FyEHs6gToLfaa1HuSE0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qTk8yUFBCNUZ5RUhzNmdU
b0xmYWExSHVTRTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADB9jLk/cZRjb2eYqZrFiPMP6kBQSSx1haab
9fRX9WIB4Pn/iHt44x/8oTPzqX6fjKPhr65YmTvKoi19d7jZup37PNtwvwVhA0Hp
I8ZTNc3nh7YeALMTuQfA3wPRlCHQkjc+zx+hAGtT57YmdNzsiWriSt+GTzvXveBK
ApK4BnQBa5977h5qR49PsqaX1Lsk9uXPhw5oCPcDIWy7Z2iJkWaJwpjwK75TQort
cLdTdf2s0y4ALFQVnJxkPDuc/hQBZkG7O7mx8Bblsouan7p2LVRLniMZ2DWQvk/N
B5IpEwR5811R7KKLNTa6rDduPSw6cE2THWLXknTOgVC5sUPG2Dc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 14:28:05 2025 by rpki-client