Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/k91XHXY8uYlJPbYKnW2Q-4G52S0.roa
File: k91XHXY8uYlJPbYKnW2Q-4G52S0.roa (raw, json)
Hash identifier: HoiUYunK+rCurmx0DaqPeZSbDeO+gqx98Mcqa/eLS+M=
Subject key identifier: 93:DD:57:1D:76:3C:B9:89:49:3D:B6:0A:9D:6D:90:FB:81:B9:D9:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08E0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/k91XHXY8uYlJPbYKnW2Q-4G52S0.roa
Signing time: Sun 18 May 2025 22:08:08 +0000
ROA not before: Sun 18 May 2025 22:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2272 (0x8e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 22:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=93DD571D763CB989493DB60A9D6D90FB81B9D92D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:7c:c3:d2:97:d6:7a:fb:f1:a9:e2:d4:fb:
e7:d8:c1:51:c2:ce:0a:5a:c8:22:70:9e:8f:92:56:
27:24:96:a4:11:36:8a:13:4e:ac:af:37:b4:4b:98:
91:56:49:99:01:0f:c2:09:c6:3e:f2:c4:38:86:4b:
fc:ef:9c:05:75:23:48:2d:40:33:74:99:85:00:d4:
79:c3:05:b4:fe:ae:af:28:c9:22:f1:ff:6c:27:57:
9e:15:b3:b9:9c:80:90:42:0d:89:f3:f9:36:0a:25:
76:ba:0e:d0:f3:5d:6c:09:d1:2b:07:dc:20:eb:c9:
03:c3:2d:a9:6b:ac:c3:59:21:46:a2:95:91:27:b0:
87:fe:cb:ad:5a:3c:a7:4f:a7:b0:7a:86:a9:c6:fe:
df:9c:c0:6d:32:3a:7e:f4:8a:8a:03:b4:07:cc:b8:
09:28:2f:d9:48:e2:c2:5a:74:5d:66:9e:b4:2a:3a:
ee:f0:f0:de:a0:59:1b:f4:38:73:3e:7a:8e:17:12:
55:ce:8a:8f:75:49:8c:2c:eb:40:10:fd:b7:26:7c:
08:81:7a:33:32:b6:80:ff:bf:8c:01:75:ce:01:80:
08:45:85:62:b8:f6:58:5b:3f:48:1f:ff:fb:53:7c:
31:91:b6:5b:fb:42:a2:97:fc:cb:85:42:85:04:84:
99:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DD:57:1D:76:3C:B9:89:49:3D:B6:0A:9D:6D:90:FB:81:B9:D9:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/k91XHXY8uYlJPbYKnW2Q-4G52S0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:62:98:c1:bb:69:df:77:64:6b:e9:0a:78:96:be:f0:eb:42:
22:3c:5e:a6:37:21:bc:70:6e:b6:fa:67:12:43:0e:bd:44:be:
f2:9d:04:f5:49:fa:dc:01:21:66:eb:67:4d:ba:b7:03:c2:56:
74:89:04:64:a2:fd:f2:04:9e:48:a2:81:70:e1:9a:91:6c:0f:
6d:28:4d:47:b6:b2:70:97:06:47:b9:03:7b:d9:f6:d5:88:27:
7e:b5:d4:a9:78:c1:58:ee:83:ff:b6:ae:74:f7:5d:61:28:01:
27:a2:bc:50:5c:dc:36:ad:b5:28:88:70:d3:22:91:2a:46:14:
11:78:4a:79:50:ab:e2:51:75:82:49:a2:ea:14:9f:3c:42:0b:
cd:6a:aa:44:fd:97:d3:8e:ad:be:53:56:b3:38:6c:e0:27:e5:
79:55:10:8a:ac:8c:a7:0b:a4:f9:2d:21:6e:0c:ec:24:63:8d:
bb:4e:0a:25:c5:bd:5d:e8:b6:04:b3:2d:24:26:8b:1b:69:23:
15:c0:75:e8:cf:63:8d:d3:a2:85:80:b2:00:7c:8a:a5:5e:c3:
e9:5d:6c:43:32:f4:56:d2:b0:c9:89:3d:cb:1a:86:ca:c9:71:
f4:75:ef:34:be:50:50:d1:59:54:ca:b3:e2:9b:5e:3b:d9:33:
eb:2d:3e:64
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgy
MjA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkzREQ1NzFENzYzQ0I5
ODk0OTNEQjYwQTlENkQ5MEZCODFCOUQ5MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCFXzD0pfWevvxqeLU++fYwVHCzgpayCJwno+SVicklqQRNooT
TqyvN7RLmJFWSZkBD8IJxj7yxDiGS/zvnAV1I0gtQDN0mYUA1HnDBbT+rq8oySLx
/2wnV54Vs7mcgJBCDYnz+TYKJXa6DtDzXWwJ0SsH3CDryQPDLalrrMNZIUailZEn
sIf+y61aPKdPp7B6hqnG/t+cwG0yOn70iooDtAfMuAkoL9lI4sJadF1mnrQqOu7w
8N6gWRv0OHM+eo4XElXOio91SYws60AQ/bcmfAiBejMytoD/v4wBdc4BgAhFhWK4
9lhbP0gf//tTfDGRtlv7QqKX/MuFQoUEhJlDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUk91XHXY8uYlJPbYKnW2Q+4G52S0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rOTFYSFhZOHVZbEpQYllL
blcyUS00RzUyUzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHpimMG7ad93ZGvpCniWvvDrQiI8XqY3Ibxw
brb6ZxJDDr1EvvKdBPVJ+twBIWbrZ026twPCVnSJBGSi/fIEnkiigXDhmpFsD20o
TUe2snCXBke5A3vZ9tWIJ3611Kl4wVjug/+2rnT3XWEoASeivFBc3DattSiIcNMi
kSpGFBF4SnlQq+JRdYJJouoUnzxCC81qqkT9l9OOrb5TVrM4bOAn5XlVEIqsjKcL
pPktIW4M7CRjjbtOCiXFvV3otgSzLSQmixtpIxXAdejPY43TooWAsgB8iqVew+ld
bEMy9FbSsMmJPcsahsrJcfR17zS+UFDRWVTKs+KbXjvZM+stPmQ=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:34:26 2025 by rpki-client