Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mh7UIqc5o1qQpX9QmnvC5nGjQ0o.roa
File: mh7UIqc5o1qQpX9QmnvC5nGjQ0o.roa (raw, json)
Hash identifier: yXI9da1AlW+X/LWJvhBjPR2e2ROk7+RQEWdRCpqFzjc=
Subject key identifier: 9A:1E:D4:22:A7:39:A3:5A:90:A5:7F:50:9A:7B:C2:E6:71:A3:43:4A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D00
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mh7UIqc5o1qQpX9QmnvC5nGjQ0o.roa
Signing time: Sat 24 May 2025 10:08:30 +0000
ROA not before: Sat 24 May 2025 10:08:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3328 (0xd00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 10:08:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9A1ED422A739A35A90A57F509A7BC2E671A3434A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8a:90:8a:21:d5:fd:75:1a:06:b6:bd:23:90:
f5:90:16:04:0a:f2:31:76:ae:b5:23:08:17:70:44:
e1:11:ca:e9:8b:81:c9:9c:33:a8:7e:6f:cd:1d:6b:
5c:e3:a4:44:63:53:2c:95:5b:0d:3d:35:14:08:5a:
5e:03:1e:cd:39:c4:3b:b4:e2:70:2b:6f:07:f7:4b:
34:fe:6c:9e:88:56:f2:ff:fd:88:ee:4b:ae:f1:d0:
a2:26:30:9c:8f:6b:89:ff:71:a8:57:92:23:ff:e3:
1d:4f:d7:70:1b:a5:f5:1b:a0:d8:b8:c3:24:44:60:
c8:30:be:56:2b:b2:d6:1f:f8:e9:a5:2d:78:f5:16:
d3:75:e7:4a:e6:b6:a8:7a:47:78:fa:08:90:26:7f:
e3:b4:a5:27:bc:17:64:68:29:4f:97:a2:d4:8f:c1:
88:0e:af:cd:a0:c5:7a:e6:64:da:77:06:40:f5:fe:
3f:06:93:16:2b:57:7b:eb:36:1b:aa:e1:eb:5f:51:
0b:2b:b4:a5:f4:2c:6b:c9:71:67:b3:b8:64:6e:52:
7f:4c:ec:c1:31:f9:24:45:f2:57:27:b8:1a:ce:45:
16:c9:dc:c9:05:13:8f:b1:3c:0c:81:b2:d2:75:ba:
af:89:53:58:79:1c:01:a8:df:22:b1:47:d2:c0:49:
df:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1E:D4:22:A7:39:A3:5A:90:A5:7F:50:9A:7B:C2:E6:71:A3:43:4A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mh7UIqc5o1qQpX9QmnvC5nGjQ0o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:d3:99:2a:58:bd:76:5f:a0:01:2b:2a:9c:23:7f:3b:30:f1:
6a:24:da:75:c0:dc:d2:62:02:b3:ab:5d:db:b3:1d:56:70:3f:
b3:96:3d:b8:cf:7b:a9:db:a9:34:04:06:00:cd:15:67:4d:6d:
90:ee:e2:6b:e8:fc:9f:fb:c5:0f:f8:bf:a0:1e:57:c7:ed:58:
d2:ad:f4:ac:a8:40:30:a2:bd:d2:47:26:02:b5:7f:0b:62:3a:
e8:5e:d5:1a:cc:e5:a0:ef:b8:a1:12:22:c9:ce:64:80:4c:95:
8b:4b:ee:7d:9a:f4:fe:21:1f:a0:46:e2:5b:95:16:ad:21:cf:
50:ba:c7:64:bb:68:3b:73:f8:29:89:cb:44:85:88:74:89:6e:
b1:54:da:dd:6f:4e:e2:71:d6:8f:66:77:1f:c4:62:83:f0:70:
16:ba:54:1b:49:15:78:6f:77:db:9b:4e:2b:3d:ba:27:67:20:
97:56:d2:f8:3e:df:d5:20:53:f4:4d:b7:b0:6c:80:67:2d:57:
8d:8a:7f:28:35:76:61:7d:85:0e:06:22:e8:9e:e0:59:bf:ae:
3a:0f:de:54:01:65:cb:dd:db:92:ed:ba:8c:5a:02:ca:9f:47:
db:90:ff:49:78:6f:bb:0c:d7:4b:ae:8b:66:f6:ca:dd:0d:f5:
6e:28:8e:4a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MDA4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlBMUVENDIyQTczOUEz
NUE5MEE1N0Y1MDlBN0JDMkU2NzFBMzQzNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZipCKIdX9dRoGtr0jkPWQFgQK8jF2rrUjCBdwROERyumLgcmc
M6h+b80da1zjpERjUyyVWw09NRQIWl4DHs05xDu04nArbwf3SzT+bJ6IVvL//Yju
S67x0KImMJyPa4n/cahXkiP/4x1P13AbpfUboNi4wyREYMgwvlYrstYf+OmlLXj1
FtN150rmtqh6R3j6CJAmf+O0pSe8F2RoKU+XotSPwYgOr82gxXrmZNp3BkD1/j8G
kxYrV3vrNhuq4etfUQsrtKX0LGvJcWezuGRuUn9M7MEx+SRF8lcnuBrORRbJ3MkF
E4+xPAyBstJ1uq+JU1h5HAGo3yKxR9LASd8XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmh7UIqc5o1qQpX9QmnvC5nGjQ0owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9taDdVSXFjNW8xcVFwWDlR
bW52QzVuR2pRMG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAbTmSpYvXZfoAErKpwjfzsw8Wok2nXA3NJi
ArOrXduzHVZwP7OWPbjPe6nbqTQEBgDNFWdNbZDu4mvo/J/7xQ/4v6AeV8ftWNKt
9KyoQDCivdJHJgK1fwtiOuhe1RrM5aDvuKESIsnOZIBMlYtL7n2a9P4hH6BG4luV
Fq0hz1C6x2S7aDtz+CmJy0SFiHSJbrFU2t1vTuJx1o9mdx/EYoPwcBa6VBtJFXhv
d9ubTis9uidnIJdW0vg+39UgU/RNt7BsgGctV42Kfyg1dmF9hQ4GIuie4Fm/rjoP
3lQBZcvd25LtuoxaAsqfR9uQ/0l4b7sM10uui2b2yt0N9W4ojko=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:18:00 2025 by rpki-client