Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mUl9rM20JgKI9roJFmKVZiHsOYE.roa
File: mUl9rM20JgKI9roJFmKVZiHsOYE.roa (raw, json)
Hash identifier: tB26mlJhc4Zk6n5l0qYi7y7PTg6jOAqsaDMRyrxzg/4=
Subject key identifier: 99:49:7D:AC:CD:B4:26:02:88:F6:BA:09:16:62:95:66:21:EC:39:81
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1284
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mUl9rM20JgKI9roJFmKVZiHsOYE.roa
Signing time: Sat 31 May 2025 18:39:10 +0000
ROA not before: Sat 31 May 2025 18:39:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4740 (0x1284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 18:39:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=99497DACCDB4260288F6BA091662956621EC3981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:65:1e:5e:aa:6e:8b:3a:d2:ef:fd:4e:3f:5b:
bd:06:fd:aa:7d:80:ad:26:2e:e9:62:2d:09:82:e5:
58:66:a5:cb:4c:a1:44:af:77:6d:a1:64:b0:76:9a:
c0:f1:67:d1:64:26:50:25:a5:ff:97:1b:a2:e9:e8:
fa:21:9e:3c:78:9b:df:38:e2:6c:7c:32:23:e7:b6:
6a:35:ff:a6:47:14:e3:d8:99:66:73:0f:06:4c:0d:
eb:58:61:78:0e:b8:75:75:ce:38:6f:74:20:f1:a1:
10:05:1c:dd:c2:a2:c2:60:fa:56:40:75:41:15:e3:
71:9d:e6:b5:d3:f5:91:b7:a1:70:f3:ec:3f:35:f1:
87:b2:0c:e6:a2:d3:65:22:6c:77:01:07:55:fc:24:
0b:2e:10:36:4e:6a:ac:12:00:90:bf:2e:1b:e5:90:
cc:ef:94:4f:32:c2:15:af:c3:c7:40:79:fb:9b:fc:
1f:01:da:4c:8f:19:6a:d7:21:45:ea:a1:71:63:9c:
8c:1e:8a:3b:eb:17:23:0a:40:0b:26:13:7e:ab:31:
4f:42:d5:9e:c9:ad:25:83:3d:18:24:6d:77:95:43:
60:44:5f:be:b8:79:73:0b:e5:11:60:bd:20:9e:10:
4a:74:75:b6:ee:66:2e:b9:27:68:b3:59:7d:89:33:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:49:7D:AC:CD:B4:26:02:88:F6:BA:09:16:62:95:66:21:EC:39:81
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mUl9rM20JgKI9roJFmKVZiHsOYE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:70:c5:f9:85:47:34:e5:a4:a4:61:43:75:8e:c0:97:e0:87:
d9:6a:ca:6f:4b:10:98:5f:04:13:e9:77:2d:b7:18:d5:b7:40:
fa:3e:2b:3d:b8:e0:3b:94:b9:cf:c4:82:7e:97:f3:19:0a:98:
48:86:ad:32:5a:a7:67:d1:f5:22:10:1d:59:27:f0:ee:32:95:
c2:3e:fc:0f:53:18:5f:c4:9f:15:16:4f:9f:ba:94:c7:e1:4a:
29:a3:78:f2:08:9a:90:69:2a:dd:f4:fc:48:b8:37:e7:15:95:
24:4c:55:98:69:81:d7:ef:ff:2e:5d:2f:1a:78:ca:46:d9:8d:
81:34:2d:17:aa:bd:b2:77:d9:94:d5:aa:9b:7c:dc:ca:82:70:
9a:06:1b:57:4b:a1:2f:71:35:b9:08:0b:63:25:93:92:45:a0:
e4:83:10:bc:4b:06:c6:05:dd:d4:4f:55:cd:ff:b1:43:21:13:
02:80:c5:9c:22:a3:f9:a0:10:da:c0:76:bf:f7:c1:99:6e:54:
48:ae:be:3a:c3:fc:d0:78:9e:07:c5:98:a2:72:c9:c9:29:c3:
ee:11:7f:a2:0b:3e:b6:cf:f5:76:fd:9e:cf:85:dd:49:48:06:
13:e0:0c:eb:13:ce:ae:d5:de:b4:5b:1a:db:09:58:8b:9f:9d:
c1:5f:ac:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
ODM5MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk5NDk3REFDQ0RCNDI2
MDI4OEY2QkEwOTE2NjI5NTY2MjFFQzM5ODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8ZR5eqm6LOtLv/U4/W70G/ap9gK0mLuliLQmC5VhmpctMoUSv
d22hZLB2msDxZ9FkJlAlpf+XG6Lp6Pohnjx4m9844mx8MiPntmo1/6ZHFOPYmWZz
DwZMDetYYXgOuHV1zjhvdCDxoRAFHN3CosJg+lZAdUEV43Gd5rXT9ZG3oXDz7D81
8YeyDOai02UibHcBB1X8JAsuEDZOaqwSAJC/LhvlkMzvlE8ywhWvw8dAefub/B8B
2kyPGWrXIUXqoXFjnIweijvrFyMKQAsmE36rMU9C1Z7JrSWDPRgkbXeVQ2BEX764
eXML5RFgvSCeEEp0dbbuZi65J2izWX2JM03/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmUl9rM20JgKI9roJFmKVZiHsOYEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tVWw5ck0yMEpnS0k5cm9K
Rm1LVlppSHNPWUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK9wxfmFRzTlpKRhQ3WOwJfgh9lqym9LEJhf
BBPpdy23GNW3QPo+Kz244DuUuc/Egn6X8xkKmEiGrTJap2fR9SIQHVkn8O4ylcI+
/A9TGF/EnxUWT5+6lMfhSimjePIImpBpKt30/Ei4N+cVlSRMVZhpgdfv/y5dLxp4
ykbZjYE0LReqvbJ32ZTVqpt83MqCcJoGG1dLoS9xNbkIC2Mlk5JFoOSDELxLBsYF
3dRPVc3/sUMhEwKAxZwio/mgENrAdr/3wZluVEiuvjrD/NB4ngfFmKJyyckpw+4R
f6ILPrbP9Xb9ns+F3UlIBhPgDOsTzq7V3rRbGtsJWIufncFfrI0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:29:33 2025 by rpki-client