Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LMwbWMs_DLusGoRgs9DYEm1VyYk.roa
File: LMwbWMs_DLusGoRgs9DYEm1VyYk.roa (raw, json)
Hash identifier: 9jtOoI/dop+cyUj1lvLNI6kGj0yEElMWV3bSb0rtKeE=
Subject key identifier: 2C:CC:1B:58:CB:3F:0C:BB:AC:1A:84:60:B3:D0:D8:12:6D:55:C9:89
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2490
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LMwbWMs_DLusGoRgs9DYEm1VyYk.roa
Signing time: Wed 25 Jun 2025 07:42:59 +0000
ROA not before: Wed 25 Jun 2025 07:42:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9360 (0x2490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 25 07:42:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2CCC1B58CB3F0CBBAC1A8460B3D0D8126D55C989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:34:3e:35:db:f0:fa:85:b4:3b:57:8a:3a:b4:
83:d3:09:ed:e1:bd:31:dd:5c:8f:c6:e7:dd:4d:c8:
ee:24:25:52:c2:76:9a:df:d1:0f:64:2a:04:67:2a:
5d:02:27:6b:9a:c0:26:ab:c4:b2:a4:b1:52:a4:ac:
cb:52:2d:cd:df:7c:c1:00:cc:68:d2:64:1e:aa:72:
d5:e3:ad:73:27:2c:24:e6:d3:6c:12:61:41:71:bf:
2c:17:a1:a3:4d:ee:60:d3:95:52:a3:bb:23:5c:88:
a9:dc:6c:21:ae:4a:ab:32:25:2b:5d:f3:fe:c3:3d:
c1:7d:44:a1:d3:51:b4:a0:e7:d3:01:c4:18:a4:7e:
33:df:c7:94:d1:a0:c5:75:4d:84:dd:59:e9:d9:35:
7a:07:86:39:84:90:95:24:62:9f:4d:56:58:f7:d7:
13:1c:54:9e:89:7d:70:dc:be:a9:1a:26:5b:3a:80:
07:57:71:23:a6:dc:c0:34:5e:4a:42:4a:81:a8:98:
6b:47:76:f0:45:f7:ce:05:9d:9f:75:c5:fa:91:73:
d2:c2:dd:23:9e:e3:11:88:c9:f8:17:e3:51:5e:50:
7c:11:65:af:6c:f1:a8:05:a5:27:d4:d6:a0:93:f8:
20:be:62:64:14:df:94:b6:ad:9d:3b:2f:4f:8c:91:
9d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CC:1B:58:CB:3F:0C:BB:AC:1A:84:60:B3:D0:D8:12:6D:55:C9:89
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LMwbWMs_DLusGoRgs9DYEm1VyYk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:2d:79:9c:9e:e3:8a:90:a0:a5:2a:31:3c:4f:14:6b:9d:4e:
90:91:bb:ea:bf:95:ee:1d:cc:1b:9f:2a:de:f9:7b:39:90:29:
ad:ae:67:03:75:72:cc:7d:31:82:7a:9d:ef:b3:0d:8b:57:44:
29:b1:c3:82:54:11:45:e8:7e:2b:38:e6:e6:d9:4a:ad:b1:cc:
f3:9a:4f:e1:3e:3b:82:e1:e8:28:69:aa:f0:92:ab:02:c5:5f:
ae:d8:bf:ec:52:a7:26:ce:4b:b4:56:10:7d:65:34:44:b3:c7:
6f:bd:18:37:73:8f:ce:71:40:cf:cf:4a:fa:00:2f:dc:79:b5:
0a:e1:6f:f2:07:eb:fe:86:cd:cc:6b:09:3d:87:20:c4:4a:f6:
e9:86:d5:3d:91:00:8f:b8:49:87:61:c3:c8:aa:f5:ca:54:34:
35:fc:49:c7:41:bf:86:f0:73:8f:8c:d4:e4:ab:cb:10:bf:47:
f7:9c:d6:00:04:95:e0:52:0c:92:36:68:06:19:05:a8:14:6f:
7a:51:4d:11:9a:55:e1:e0:5e:b5:20:c9:11:92:dc:c2:f6:5e:
eb:4a:ed:b8:97:79:c6:6d:af:e0:fe:8c:a9:36:fc:b6:f0:d1:
d4:d6:88:dc:40:c0:3d:23:a7:8b:18:4a:24:be:41:db:8b:3b:
48:e5:d4:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjUw
NzQyNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJDQ0MxQjU4Q0IzRjBD
QkJBQzFBODQ2MEIzRDBEODEyNkQ1NUM5ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZND412/D6hbQ7V4o6tIPTCe3hvTHdXI/G591NyO4kJVLCdprf
0Q9kKgRnKl0CJ2uawCarxLKksVKkrMtSLc3ffMEAzGjSZB6qctXjrXMnLCTm02wS
YUFxvywXoaNN7mDTlVKjuyNciKncbCGuSqsyJStd8/7DPcF9RKHTUbSg59MBxBik
fjPfx5TRoMV1TYTdWenZNXoHhjmEkJUkYp9NVlj31xMcVJ6JfXDcvqkaJls6gAdX
cSOm3MA0XkpCSoGomGtHdvBF984FnZ91xfqRc9LC3SOe4xGIyfgX41FeUHwRZa9s
8agFpSfU1qCT+CC+YmQU35S2rZ07L0+MkZ1fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULMwbWMs/DLusGoRgs9DYEm1VyYkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MTXdiV01zX0RMdXNHb1Jn
czlEWUVtMVZ5WWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACQteZye44qQoKUqMTxPFGudTpCRu+q/le4d
zBufKt75ezmQKa2uZwN1csx9MYJ6ne+zDYtXRCmxw4JUEUXofis45ubZSq2xzPOa
T+E+O4Lh6ChpqvCSqwLFX67Yv+xSpybOS7RWEH1lNESzx2+9GDdzj85xQM/PSvoA
L9x5tQrhb/IH6/6GzcxrCT2HIMRK9umG1T2RAI+4SYdhw8iq9cpUNDX8ScdBv4bw
c4+M1OSryxC/R/ec1gAEleBSDJI2aAYZBagUb3pRTRGaVeHgXrUgyRGS3ML2XutK
7biXecZtr+D+jKk2/Lbw0dTWiNxAwD0jp4sYSiS+QduLO0jl1J8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:52:00 2025 by rpki-client