Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mW4U6j6Cd03nxkmYOTqhBCGLkNk.roa
File: mW4U6j6Cd03nxkmYOTqhBCGLkNk.roa (raw, json)
Hash identifier: jx0FXKnvvwVzt9XYY+wgT2fquTObU371AYOITiztyd8=
Subject key identifier: 99:6E:14:EA:3E:82:77:4D:E7:C6:49:98:39:3A:A1:04:21:8B:90:D9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22AC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mW4U6j6Cd03nxkmYOTqhBCGLkNk.roa
Signing time: Sun 22 Jun 2025 19:11:51 +0000
ROA not before: Sun 22 Jun 2025 19:11:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8876 (0x22ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 19:11:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=996E14EA3E82774DE7C64998393AA104218B90D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:95:ab:07:20:bb:6a:e9:79:21:e5:f9:d2:a0:
88:fc:23:8f:91:e2:c8:cd:c3:05:79:af:4c:b8:4e:
c9:de:7e:32:fe:41:c4:72:3b:79:c8:ca:f2:be:6b:
17:d8:2c:e8:8b:17:4d:24:c6:10:43:e8:4b:68:7e:
7b:41:4c:90:61:4f:7a:0f:be:d5:b5:23:38:22:b9:
ed:57:7a:9a:19:1f:5a:2c:62:e4:eb:93:5d:d4:5e:
d7:9b:3a:fe:e5:a2:03:03:df:f7:d2:1b:92:32:41:
af:68:d8:b1:66:5a:76:49:36:48:aa:08:c9:74:c3:
08:6f:79:84:23:13:81:f5:10:9a:41:12:fe:cb:9e:
9b:6b:78:c2:b7:f2:27:40:a1:10:c6:0c:31:8a:c5:
5f:e0:d6:7e:c9:e3:c2:75:37:5d:92:f4:b8:0c:8d:
28:23:97:a1:a6:9f:6f:cd:85:b6:99:71:19:66:20:
72:02:f5:41:c9:56:73:e1:45:18:d2:df:72:f3:2b:
de:17:76:62:c8:dd:0f:4a:41:c0:ea:5c:14:cf:c9:
17:96:bd:99:d1:0e:7c:57:e7:57:e9:76:98:1d:35:
48:53:5e:04:ba:d0:06:95:d6:a1:88:09:e4:af:a0:
de:d7:4d:b3:3f:09:19:42:12:89:26:c7:77:15:ef:
d9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6E:14:EA:3E:82:77:4D:E7:C6:49:98:39:3A:A1:04:21:8B:90:D9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mW4U6j6Cd03nxkmYOTqhBCGLkNk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:32:e9:fc:2d:57:2c:e3:45:28:b7:9d:1b:7f:f3:87:ba:35:
57:7a:cb:a4:56:58:6c:d1:50:3f:ce:06:24:03:af:0a:cc:ea:
b0:f1:9e:e0:b6:3b:43:43:69:4b:2e:45:ac:94:d1:23:bd:91:
d4:c9:37:b1:aa:5c:0f:ab:d2:94:af:db:34:b4:c2:86:3f:d7:
a2:71:a3:da:8e:29:87:09:5b:4f:f1:86:59:28:0e:a9:c1:de:
14:25:03:1e:f3:0c:3f:e9:3f:53:fd:76:12:e7:67:b3:de:c4:
20:c4:e9:bd:55:5f:b5:66:04:b6:56:09:b5:c0:39:54:0c:02:
bb:a8:da:5d:47:83:89:db:d7:91:d6:61:3b:0f:c4:26:4c:d6:
12:46:2d:a9:60:05:5c:03:a1:05:b5:02:77:f1:b5:c4:8e:51:
00:c8:fa:b7:34:c7:b8:bb:95:fd:ad:c9:f1:d9:09:83:be:3e:
dd:3f:b2:d2:4f:88:19:69:b5:6a:f6:0a:c0:24:bd:7d:ba:87:
5e:c3:7f:db:11:39:3f:91:0f:57:16:5c:7e:b1:19:c6:b9:e2:
0f:1f:d1:70:53:79:d2:e8:88:1e:d1:9e:5a:54:c8:44:85:a7:
c7:1d:3b:25:94:0b:66:0f:58:6e:4a:ec:f2:cc:75:4e:0d:32:
fa:d6:69:0d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
OTExNTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk5NkUxNEVBM0U4Mjc3
NERFN0M2NDk5ODM5M0FBMTA0MjE4QjkwRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLlasHILtq6Xkh5fnSoIj8I4+R4sjNwwV5r0y4TsnefjL+QcRy
O3nIyvK+axfYLOiLF00kxhBD6EtofntBTJBhT3oPvtW1Izgiue1XepoZH1osYuTr
k13UXtebOv7logMD3/fSG5IyQa9o2LFmWnZJNkiqCMl0wwhveYQjE4H1EJpBEv7L
nptreMK38idAoRDGDDGKxV/g1n7J48J1N12S9LgMjSgjl6Gmn2/NhbaZcRlmIHIC
9UHJVnPhRRjS33LzK94XdmLI3Q9KQcDqXBTPyReWvZnRDnxX51fpdpgdNUhTXgS6
0AaV1qGICeSvoN7XTbM/CRlCEokmx3cV79l1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmW4U6j6Cd03nxkmYOTqhBCGLkNkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tVzRVNmo2Q2QwM254a21Z
T1RxaEJDR0xrTmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAA8y6fwtVyzjRSi3nRt/84e6NVd6y6RWWGzR
UD/OBiQDrwrM6rDxnuC2O0NDaUsuRayU0SO9kdTJN7GqXA+r0pSv2zS0woY/16Jx
o9qOKYcJW0/xhlkoDqnB3hQlAx7zDD/pP1P9dhLnZ7PexCDE6b1VX7VmBLZWCbXA
OVQMAruo2l1Hg4nb15HWYTsPxCZM1hJGLalgBVwDoQW1AnfxtcSOUQDI+rc0x7i7
lf2tyfHZCYO+Pt0/stJPiBlptWr2CsAkvX26h17Df9sROT+RD1cWXH6xGca54g8f
0XBTedLoiB7RnlpUyESFp8cdOyWUC2YPWG5K7PLMdU4NMvrWaQ0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:50 2025 by rpki-client