Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JuMJ-aNOMqG64n0DUg0mwKymCLo.roa
File: JuMJ-aNOMqG64n0DUg0mwKymCLo.roa (raw, json)
Hash identifier: N1nhDuolvMvZv6on0kCWc6M0bW021KmNPjpVvmPxRA4=
Subject key identifier: 26:E3:09:F9:A3:4E:32:A1:BA:E2:7D:03:52:0D:26:C0:AC:A6:08:BA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22C4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JuMJ-aNOMqG64n0DUg0mwKymCLo.roa
Signing time: Sun 22 Jun 2025 22:11:51 +0000
ROA not before: Sun 22 Jun 2025 22:11:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8900 (0x22c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 22:11:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=26E309F9A34E32A1BAE27D03520D26C0ACA608BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:80:f2:3d:0e:b7:f0:a5:b0:5b:f3:7e:a0:aa:
71:24:d4:c6:bb:b4:75:36:80:a6:39:2a:b2:5c:26:
a0:82:92:dd:94:60:06:a9:f3:f6:4a:46:21:48:0b:
f2:a7:e5:db:28:25:08:dd:b2:1c:c3:2b:6f:16:ea:
f3:06:81:99:9d:37:c0:5d:1e:94:c6:0b:df:5c:3e:
03:d4:67:8e:f3:97:c1:98:e8:e8:91:19:06:b5:41:
55:54:c6:39:f4:3a:07:42:c3:f2:e0:15:6e:59:7d:
a2:ff:d2:5d:9f:fb:a4:47:99:7a:b1:2a:f3:22:ac:
a0:c1:5d:3f:44:81:e6:e4:c9:8f:a9:c1:5f:05:c9:
16:15:76:6e:38:85:34:32:59:fc:24:bd:55:00:d6:
ce:80:7a:9c:3c:54:06:4f:a9:6f:97:39:c2:3a:78:
a2:a1:4c:72:76:85:fc:03:cd:07:b7:d0:e1:12:33:
33:f7:e2:47:66:72:72:04:d4:c2:4e:61:55:0e:77:
08:e4:bd:9e:2b:fa:db:f8:6a:e9:89:3f:f3:77:e3:
dd:15:63:22:b6:3a:68:82:23:a4:29:b5:b8:fe:08:
10:b3:ff:7b:55:b7:9e:03:be:36:bc:5e:23:08:86:
cf:1c:74:6b:9f:25:d9:ee:a6:fb:93:7b:2e:ba:57:
4a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E3:09:F9:A3:4E:32:A1:BA:E2:7D:03:52:0D:26:C0:AC:A6:08:BA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JuMJ-aNOMqG64n0DUg0mwKymCLo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:20:5e:e8:fa:df:aa:c5:d6:ae:d6:d8:5c:6e:c7:8f:56:c0:
e3:ed:c5:c9:ce:95:21:01:fe:17:ee:f8:c0:06:6c:22:95:23:
ff:77:3b:bc:32:89:2c:de:c3:b6:8b:6c:37:59:0a:98:c2:d0:
ad:1d:e9:07:8a:a8:11:10:aa:7c:a7:70:5f:e4:9a:e4:57:65:
cc:ac:1f:8f:3d:c2:ab:ee:06:7f:4b:ea:41:fd:18:59:97:45:
77:95:5c:58:dc:a0:e2:7e:9a:47:9d:1b:5d:9b:3d:76:84:4a:
47:4a:7e:7f:81:80:a1:5b:46:86:d7:84:14:b5:2d:0e:bb:4a:
c6:1a:2f:fc:77:86:7a:49:e2:14:47:28:73:47:37:69:97:36:
e1:74:7a:55:6b:d8:61:1f:99:65:e5:c5:e7:d9:d1:62:bf:7e:
f2:3a:c9:b7:92:1c:1a:83:13:88:5c:da:65:5c:5f:32:52:11:
f0:ec:b0:2c:e7:f1:44:b2:39:ca:97:15:18:a1:40:0d:97:c5:
a6:9a:95:74:eb:b1:11:e8:ab:6c:5e:1e:ad:a3:e2:34:0c:e7:
bc:34:54:e2:11:3f:d8:67:60:2e:31:4e:0b:d0:98:ca:60:6e:
f9:2e:4d:f4:10:8a:27:ac:06:95:ef:af:4e:3a:3a:5d:86:a0:
ac:0f:61:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIy
MjExNTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI2RTMwOUY5QTM0RTMy
QTFCQUUyN0QwMzUyMEQyNkMwQUNBNjA4QkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzgPI9DrfwpbBb836gqnEk1Ma7tHU2gKY5KrJcJqCCkt2UYAap
8/ZKRiFIC/Kn5dsoJQjdshzDK28W6vMGgZmdN8BdHpTGC99cPgPUZ47zl8GY6OiR
GQa1QVVUxjn0OgdCw/LgFW5ZfaL/0l2f+6RHmXqxKvMirKDBXT9EgebkyY+pwV8F
yRYVdm44hTQyWfwkvVUA1s6Aepw8VAZPqW+XOcI6eKKhTHJ2hfwDzQe30OESMzP3
4kdmcnIE1MJOYVUOdwjkvZ4r+tv4aumJP/N3490VYyK2OmiCI6Qptbj+CBCz/3tV
t54Dvja8XiMIhs8cdGufJdnupvuTey66V0oBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJuMJ+aNOMqG64n0DUg0mwKymCLowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KdU1KLWFOT01xRzY0bjBE
VWcwbXdLeW1DTG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEwgXuj636rF1q7W2Fxux49WwOPtxcnOlSEB
/hfu+MAGbCKVI/93O7wyiSzew7aLbDdZCpjC0K0d6QeKqBEQqnyncF/kmuRXZcys
H489wqvuBn9L6kH9GFmXRXeVXFjcoOJ+mkedG12bPXaESkdKfn+BgKFbRobXhBS1
LQ67SsYaL/x3hnpJ4hRHKHNHN2mXNuF0elVr2GEfmWXlxefZ0WK/fvI6ybeSHBqD
E4hc2mVcXzJSEfDssCzn8USyOcqXFRihQA2XxaaalXTrsRHoq2xeHq2j4jQM57w0
VOIRP9hnYC4xTgvQmMpgbvkuTfQQiiesBpXvr046Ol2GoKwPYaE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:06:55 2025 by rpki-client