Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pO9fqCbjdg1IflF8droFt0BCvgQ.roa
File: pO9fqCbjdg1IflF8droFt0BCvgQ.roa (raw, json)
Hash identifier: p62ckcPo5jGRu8/uIP9DOoHViyAKhLWND0YwivSD5qc=
Subject key identifier: A4:EF:5F:A8:26:E3:76:0D:48:7E:51:7C:76:BA:05:B7:40:42:BE:04
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B90
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pO9fqCbjdg1IflF8droFt0BCvgQ.roa
Signing time: Thu 22 May 2025 12:08:24 +0000
ROA not before: Thu 22 May 2025 12:08:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2960 (0xb90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 12:08:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A4EF5FA826E3760D487E517C76BA05B74042BE04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:68:9d:6f:d7:73:1a:3f:55:fc:4b:55:df:a3:
26:c2:b1:a0:e6:0c:ce:43:82:d8:bf:ab:42:40:95:
49:e0:73:42:66:70:3b:6e:e6:c5:86:e2:b0:bf:19:
be:fa:7c:6d:f3:dc:b5:69:76:de:6f:51:4c:74:4b:
fb:9c:4f:8a:fb:ac:53:7e:f5:d9:c2:96:1c:d7:67:
1e:a8:dc:ae:f9:bc:4f:3a:a7:7e:42:f4:29:73:51:
4d:9b:c5:de:12:a9:f0:84:7b:a1:2e:43:dd:b5:1a:
44:58:bd:48:32:a3:3e:46:8f:61:50:08:98:9c:fd:
b3:3e:27:82:ce:49:de:d6:05:4f:58:ca:cc:9f:49:
e8:4f:1b:29:6f:d4:80:c5:f1:a8:e6:6e:67:03:38:
53:a0:09:6a:05:b6:46:b2:e8:cc:22:ec:ca:da:80:
c1:d0:4c:f3:92:1b:5f:a2:ea:43:d5:13:f2:57:b6:
bc:ff:09:77:8f:78:7f:53:4a:c9:9d:2a:5b:b0:59:
a4:cb:2b:45:3f:8b:df:a8:9c:39:92:93:9d:ba:a8:
90:15:a9:15:90:5d:03:a1:ca:1e:3c:b9:ca:f9:2d:
31:2e:9b:53:09:36:42:57:93:38:fc:a3:9d:b5:4b:
0c:ce:cc:2a:db:95:0a:6f:01:84:3e:9a:ba:13:a0:
06:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EF:5F:A8:26:E3:76:0D:48:7E:51:7C:76:BA:05:B7:40:42:BE:04
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pO9fqCbjdg1IflF8droFt0BCvgQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:d7:92:c8:99:fe:f8:3f:7b:11:60:ae:d1:dd:6e:22:e0:ac:
b0:ed:2d:96:03:e5:c8:e8:9c:31:c9:9d:db:dc:b9:99:b9:ed:
28:d1:b6:29:af:80:0a:b6:a7:c8:ca:fa:88:a3:b7:9a:9f:f9:
8c:2a:a0:82:cc:94:13:13:b1:8d:51:84:db:df:dc:3f:f8:5a:
a3:7b:a8:e2:b3:05:40:93:0b:29:75:6d:75:24:10:32:9f:8c:
8a:82:72:c0:48:19:a5:01:46:a2:e4:e2:7e:a6:fb:ea:74:99:
e4:96:49:91:54:9e:e2:a3:c4:d6:60:94:41:2d:48:98:8d:ac:
e6:ba:07:c1:53:74:67:97:c9:f3:d6:2e:91:1a:8a:a0:12:15:
c9:2d:19:06:a1:ca:6a:17:0d:4b:fc:49:38:04:45:b1:ff:61:
6a:7c:19:56:64:e6:dd:77:bd:aa:40:93:94:cd:c7:07:0d:7f:
cb:0b:84:2c:c8:a3:80:8b:00:5e:7d:5b:49:c2:3c:c5:f1:f0:
4a:d6:a0:dd:14:5b:ec:4a:46:47:df:cd:95:3c:81:fc:dd:42:
31:b2:44:1e:36:f3:c9:87:af:4e:b0:eb:23:d1:cd:14:54:7b:
89:45:74:ff:d0:4f:81:6c:a8:f4:3b:64:19:fb:19:f8:88:90:
34:c8:d5:c6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
MjA4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE0RUY1RkE4MjZFMzc2
MEQ0ODdFNTE3Qzc2QkEwNUI3NDA0MkJFMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoaJ1v13MaP1X8S1XfoybCsaDmDM5Dgti/q0JAlUngc0JmcDtu
5sWG4rC/Gb76fG3z3LVpdt5vUUx0S/ucT4r7rFN+9dnClhzXZx6o3K75vE86p35C
9ClzUU2bxd4SqfCEe6EuQ921GkRYvUgyoz5Gj2FQCJic/bM+J4LOSd7WBU9Yysyf
SehPGylv1IDF8ajmbmcDOFOgCWoFtkay6Mwi7MragMHQTPOSG1+i6kPVE/JXtrz/
CXePeH9TSsmdKluwWaTLK0U/i9+onDmSk526qJAVqRWQXQOhyh48ucr5LTEum1MJ
NkJXkzj8o521SwzOzCrblQpvAYQ+mroToAYtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpO9fqCbjdg1IflF8droFt0BCvgQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wTzlmcUNiamRnMUlmbEY4
ZHJvRnQwQkN2Z1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAE7XksiZ/vg/exFgrtHdbiLgrLDtLZYD5cjo
nDHJndvcuZm57SjRtimvgAq2p8jK+oijt5qf+YwqoILMlBMTsY1RhNvf3D/4WqN7
qOKzBUCTCyl1bXUkEDKfjIqCcsBIGaUBRqLk4n6m++p0meSWSZFUnuKjxNZglEEt
SJiNrOa6B8FTdGeXyfPWLpEaiqASFcktGQahymoXDUv8STgERbH/YWp8GVZk5t13
vapAk5TNxwcNf8sLhCzIo4CLAF59W0nCPMXx8ErWoN0UW+xKRkffzZU8gfzdQjGy
RB4288mHr06w6yPRzRRUe4lFdP/QT4FsqPQ7ZBn7GfiIkDTI1cY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:14 2025 by rpki-client