Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ooYgsdJZq0iFsS0u0lYgUjBW-FA.roa
File: ooYgsdJZq0iFsS0u0lYgUjBW-FA.roa (raw, json)
Hash identifier: fUkIgW2ghZupBy30ak3dmhTKp8pkx5y5mbA09g6Ey54=
Subject key identifier: A2:86:20:B1:D2:59:AB:48:85:B1:2D:2E:D2:56:20:52:30:56:F8:50
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: BC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ooYgsdJZq0iFsS0u0lYgUjBW-FA.roa
Signing time: Thu 08 May 2025 02:23:58 +0000
ROA not before: Thu 08 May 2025 02:23:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188 (0xbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 02:23:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A28620B1D259AB4885B12D2ED25620523056F850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:63:75:72:90:f9:9f:b1:2b:64:e8:02:87:4d:
06:f4:f2:8e:9d:e9:17:02:97:87:2b:31:3b:ab:4f:
fa:31:09:0e:ab:11:c2:bd:1d:db:ba:21:b7:0f:43:
a5:3e:e1:da:70:d9:c9:fa:06:6b:85:66:68:5b:cb:
5d:1a:c0:d0:8f:b3:86:48:5e:56:a4:2d:7a:bd:05:
ea:ce:75:03:2d:9f:99:c1:87:83:55:50:58:2c:86:
a8:a0:d5:aa:f8:d8:dc:ef:b1:90:11:d4:d4:42:29:
af:1c:c6:63:ea:82:a1:e6:12:6d:03:a2:f3:24:bd:
14:bc:45:50:80:be:f1:a8:d5:7e:1b:ff:d1:71:ce:
64:f4:75:f6:85:65:5a:36:19:52:83:80:b0:7b:ae:
42:e5:59:77:fe:de:0e:db:e4:02:76:9a:c1:4c:d9:
08:9b:4c:a1:63:c0:8b:71:f8:56:dc:ca:df:91:74:
de:6c:e3:32:37:01:7e:06:d0:99:02:db:8e:b9:98:
19:2c:d5:ee:c7:a4:20:52:ea:4c:f3:37:ee:fc:5b:
4e:fb:48:99:cd:20:fb:91:96:f8:78:c1:d0:b8:9b:
ed:17:eb:56:40:21:38:7c:00:6f:79:46:9b:d9:6e:
7f:e8:90:ed:1f:99:20:d3:af:82:a4:39:d8:a7:00:
0e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:86:20:B1:D2:59:AB:48:85:B1:2D:2E:D2:56:20:52:30:56:F8:50
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ooYgsdJZq0iFsS0u0lYgUjBW-FA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:ec:1b:30:fb:ab:cd:10:a0:98:b4:08:2a:b8:69:04:95:70:
a3:8a:87:94:61:21:e5:7c:58:73:44:45:55:96:a0:c0:8f:bb:
d1:a2:9a:ba:cb:6c:3b:57:f7:0a:e3:ff:c0:ea:98:eb:4c:97:
cc:68:27:90:75:9f:e9:66:16:ed:87:2f:64:ef:90:db:f6:34:
2e:b8:48:5e:2e:88:15:bf:f3:89:8c:4c:f7:b4:3f:c9:43:a2:
b5:f6:4d:fe:94:8c:d5:94:b2:da:3a:81:64:7c:98:3a:8f:ae:
27:ad:75:e0:0d:3a:1a:d5:e6:40:7c:91:55:70:2f:f7:85:42:
74:d6:22:d4:f9:6b:7a:df:59:e3:d6:cf:eb:d3:59:98:38:1a:
15:ac:5f:41:4c:74:11:65:c9:21:0b:53:61:b4:1f:f9:3c:59:
ab:16:ec:ab:67:0d:45:31:f9:fc:86:e8:1a:c1:66:0b:91:06:
ef:b9:69:3c:0c:42:ef:5c:32:0f:61:59:2b:8b:e5:29:7e:bf:
bc:f6:72:3e:07:f5:6b:75:bb:2e:4e:b6:88:b7:e2:5a:62:55:
f1:42:6c:79:d0:4d:a6:f4:86:a6:2a:eb:1e:c0:26:ad:60:bc:
8b:4e:1c:39:f4:23:e0:0c:df:55:01:9f:01:75:9e:c7:9a:c4:
5c:78:a3:62
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICALwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MjIzNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEyODYyMEIxRDI1OUFC
NDg4NUIxMkQyRUQyNTYyMDUyMzA1NkY4NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnY3VykPmfsStk6AKHTQb08o6d6RcCl4crMTurT/oxCQ6rEcK9
Hdu6IbcPQ6U+4dpw2cn6BmuFZmhby10awNCPs4ZIXlakLXq9BerOdQMtn5nBh4NV
UFgshqig1ar42NzvsZAR1NRCKa8cxmPqgqHmEm0DovMkvRS8RVCAvvGo1X4b/9Fx
zmT0dfaFZVo2GVKDgLB7rkLlWXf+3g7b5AJ2msFM2QibTKFjwItx+Fbcyt+RdN5s
4zI3AX4G0JkC2465mBks1e7HpCBS6kzzN+78W077SJnNIPuRlvh4wdC4m+0X61ZA
ITh8AG95RpvZbn/okO0fmSDTr4KkOdinAA4BAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUooYgsdJZq0iFsS0u0lYgUjBW+FAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vb1lnc2RKWnEwaUZzUzB1
MGxZZ1VqQlctRkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJDsGzD7q80QoJi0CCq4aQSVcKOKh5RhIeV8
WHNERVWWoMCPu9GimrrLbDtX9wrj/8DqmOtMl8xoJ5B1n+lmFu2HL2TvkNv2NC64
SF4uiBW/84mMTPe0P8lDorX2Tf6UjNWUsto6gWR8mDqPrietdeANOhrV5kB8kVVw
L/eFQnTWItT5a3rfWePWz+vTWZg4GhWsX0FMdBFlySELU2G0H/k8WasW7KtnDUUx
+fyG6BrBZguRBu+5aTwMQu9cMg9hWSuL5Sl+v7z2cj4H9Wt1uy5Otoi34lpiVfFC
bHnQTab0hqYq6x7AJq1gvItOHDn0I+AM31UBnwF1nseaxFx4o2I=
-----END CERTIFICATE-----
Generated at Sat Jun 21 11:30:36 2025 by rpki-client