Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uOW3CKYQvWz6HUBjD-V_7G7fghs.roa
File: uOW3CKYQvWz6HUBjD-V_7G7fghs.roa (raw, json)
Hash identifier: J6sH8jdanERrDk7Elv8ZvHR6F3o3Gy18B8GN6p5F/n8=
Subject key identifier: B8:E5:B7:08:A6:10:BD:6C:FA:1D:40:63:0F:E5:7F:EC:6E:DF:82:1B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14F8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uOW3CKYQvWz6HUBjD-V_7G7fghs.roa
Signing time: Wed 04 Jun 2025 01:09:17 +0000
ROA not before: Wed 04 Jun 2025 01:09:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5368 (0x14f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 01:09:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B8E5B708A610BD6CFA1D40630FE57FEC6EDF821B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fd:2a:d8:da:07:bc:18:bd:54:e6:17:87:49:
5c:4f:a1:b6:f6:58:f9:c1:4c:f9:ee:93:b6:66:1b:
e1:ad:cb:fa:d8:26:a1:53:8d:1a:07:ce:c5:fb:dd:
6a:fa:b9:9e:c5:12:43:24:a0:7e:6c:da:6c:f6:a5:
a0:e7:1e:c8:e4:c9:90:c6:1f:ad:87:04:7c:54:16:
2d:91:9d:0a:db:ca:19:40:b7:a0:58:a9:c1:4f:9e:
5a:f2:9a:7e:77:7a:f9:04:e5:7b:c0:2c:17:48:fc:
e8:92:09:29:62:d6:63:1f:3b:c8:6f:4c:90:03:75:
fa:68:e8:66:cc:56:49:75:d6:1c:15:1e:6d:8b:5d:
eb:b2:0c:86:a1:38:aa:43:f5:1d:01:84:d1:10:78:
a3:f0:80:9c:00:9f:0a:e4:de:5e:2a:c3:da:fd:75:
37:02:c5:bc:d0:66:9d:04:7f:5c:11:f5:7b:db:7b:
23:86:44:ab:de:b4:99:0c:bb:07:19:b7:36:9a:ef:
7a:27:23:e4:05:39:bd:5f:bc:4c:0a:b6:a2:3a:f3:
6f:99:b6:77:1f:3b:c7:26:c4:4c:ce:39:92:ac:1a:
02:a2:52:42:35:33:bf:ae:be:85:4f:a2:86:64:5f:
af:d0:b2:10:a7:0a:30:b9:e3:54:23:41:d2:7d:78:
f6:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E5:B7:08:A6:10:BD:6C:FA:1D:40:63:0F:E5:7F:EC:6E:DF:82:1B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uOW3CKYQvWz6HUBjD-V_7G7fghs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:77:85:55:ac:66:d2:6a:5d:d7:27:22:fc:7a:c2:42:62:55:
9f:8c:b8:8d:65:ca:18:79:99:66:22:9e:b0:32:29:8d:ac:c7:
25:4b:58:fd:c5:71:3b:b6:41:c2:1a:df:93:80:05:2c:3e:3f:
00:06:26:e2:57:25:91:6c:8b:ae:04:46:58:d7:b4:f5:06:f8:
d6:89:6c:43:94:de:eb:70:eb:da:a1:67:79:f4:68:a4:de:4d:
b2:8a:1c:4a:6f:ea:4a:94:5f:ab:5c:6e:8f:1e:79:27:0b:6c:
1b:22:31:f8:46:f9:aa:d6:91:ee:0f:b1:14:62:fb:28:8b:d2:
bc:0c:4b:36:71:73:8f:63:f3:0c:18:4f:45:93:22:12:52:45:
ec:64:5a:74:9e:23:1e:73:f7:f6:2d:4c:a0:59:29:9f:4e:41:
84:9f:98:b6:95:a2:d9:28:15:cf:7e:56:a9:fb:e2:50:97:b7:
56:61:93:9c:ee:85:80:ff:0f:0c:3d:4f:85:31:e7:e7:20:35:
a0:9f:d8:01:87:62:45:df:c6:b7:31:d5:ad:e1:47:d4:c5:cb:
57:db:de:13:54:e6:a9:0f:8c:5f:b8:f3:1a:0f:46:76:a1:51:
5f:9b:28:e6:b6:8e:f3:06:b5:62:16:7f:b8:00:a0:e8:ae:ac:
8f:b0:b4:c1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFPgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQw
MTA5MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI4RTVCNzA4QTYxMEJE
NkNGQTFENDA2MzBGRTU3RkVDNkVERjgyMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc/SrY2ge8GL1U5heHSVxPobb2WPnBTPnuk7ZmG+Gty/rYJqFT
jRoHzsX73Wr6uZ7FEkMkoH5s2mz2paDnHsjkyZDGH62HBHxUFi2RnQrbyhlAt6BY
qcFPnlrymn53evkE5XvALBdI/OiSCSli1mMfO8hvTJADdfpo6GbMVkl11hwVHm2L
XeuyDIahOKpD9R0BhNEQeKPwgJwAnwrk3l4qw9r9dTcCxbzQZp0Ef1wR9XvbeyOG
RKvetJkMuwcZtzaa73onI+QFOb1fvEwKtqI682+ZtncfO8cmxEzOOZKsGgKiUkI1
M7+uvoVPooZkX6/QshCnCjC541QjQdJ9ePaNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuOW3CKYQvWz6HUBjD+V/7G7fghswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91T1czQ0tZUXZXejZIVUJq
RC1WXzdHN2ZnaHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACJ3hVWsZtJqXdcnIvx6wkJiVZ+MuI1lyhh5
mWYinrAyKY2sxyVLWP3FcTu2QcIa35OABSw+PwAGJuJXJZFsi64ERljXtPUG+NaJ
bEOU3utw69qhZ3n0aKTeTbKKHEpv6kqUX6tcbo8eeScLbBsiMfhG+arWke4PsRRi
+yiL0rwMSzZxc49j8wwYT0WTIhJSRexkWnSeIx5z9/YtTKBZKZ9OQYSfmLaVotko
Fc9+Vqn74lCXt1Zhk5zuhYD/Dww9T4Ux5+cgNaCf2AGHYkXfxrcx1a3hR9TFy1fb
3hNU5qkPjF+48xoPRnahUV+bKOa2jvMGtWIWf7gAoOiurI+wtME=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:32:19 2025 by rpki-client