Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nVdI6aoGseYJyoJ-xh1_q-_4epI.roa
File: nVdI6aoGseYJyoJ-xh1_q-_4epI.roa (raw, json)
Hash identifier: aIxmKKUOrMzimmqUDGjYlasW3nv7oIhmaHor5TDFHGQ=
Subject key identifier: 9D:57:48:E9:AA:06:B1:E6:09:CA:82:7E:C6:1D:7F:AB:EF:F8:7A:92
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AD0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nVdI6aoGseYJyoJ-xh1_q-_4epI.roa
Signing time: Wed 21 May 2025 12:08:28 +0000
ROA not before: Wed 21 May 2025 12:08:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2768 (0xad0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 12:08:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9D5748E9AA06B1E609CA827EC61D7FABEFF87A92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:02:d8:26:14:d7:21:b9:4f:f7:10:0a:10:b5:
77:93:16:a6:9e:eb:42:d8:d2:8d:57:09:19:59:49:
b9:c7:b2:3d:c7:f1:16:cc:a4:5c:24:09:bd:b6:5e:
1a:8a:fe:a5:e5:93:1c:ae:f8:d6:02:69:52:a9:0d:
51:92:22:f4:f4:e7:2c:ca:66:b9:0d:68:9c:48:32:
98:85:22:a5:7b:84:8f:65:4f:9e:4e:79:5a:e5:db:
da:d4:03:05:e2:ed:63:e8:92:b4:ef:c9:4a:00:a1:
12:f4:a0:13:35:3d:98:a9:e8:29:d2:c9:28:83:40:
ac:28:03:cc:1f:e6:d2:34:99:62:54:02:6b:21:2a:
f4:a6:12:a6:7f:dd:79:96:62:b3:b9:ed:8b:be:65:
e5:c3:fb:11:c9:85:f7:50:f7:8d:68:1b:c8:f8:8f:
57:2f:85:bf:91:c4:23:04:f7:04:13:ce:a8:ff:10:
8c:7c:29:26:4b:7d:54:4f:85:4c:eb:db:05:4b:d9:
3b:0f:7a:29:a1:71:5a:c2:67:d3:70:b8:bb:c8:cd:
2c:6c:55:5f:39:f2:8e:b4:cf:4b:f7:d9:65:66:04:
5c:8c:04:90:89:c8:69:ac:c9:1d:c7:26:19:a9:13:
58:e2:54:47:00:9c:af:68:11:c9:8f:a6:f9:52:e0:
48:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:57:48:E9:AA:06:B1:E6:09:CA:82:7E:C6:1D:7F:AB:EF:F8:7A:92
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nVdI6aoGseYJyoJ-xh1_q-_4epI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:58:84:30:78:04:2b:cc:eb:2e:0a:6e:8d:e6:7b:5f:23:cf:
5f:02:24:e5:04:45:06:5c:a7:f8:fb:a9:51:f4:32:5f:e1:45:
8b:f0:13:21:88:83:ff:90:91:6b:05:c6:ae:18:c6:63:41:3b:
3f:e2:d8:06:3c:74:26:6c:67:3c:2d:d9:fd:02:52:c2:f9:d1:
4b:c8:ab:6b:16:c8:e1:e4:ce:65:48:fb:6c:b5:7a:0e:7d:95:
dd:80:6b:30:0d:51:ce:78:20:bf:88:7d:1a:25:d8:6a:49:23:
82:ac:64:f7:e2:3d:8c:b2:b8:b9:74:73:8a:b7:50:db:e1:ec:
ba:b9:2f:61:99:7c:c9:8f:89:36:ec:e5:b0:d5:a3:a9:b7:e9:
19:bd:6f:26:5e:f4:e9:fd:37:33:95:bc:24:82:bc:72:2a:44:
86:b4:63:15:32:09:10:3e:f0:46:a5:f7:d0:ee:af:dd:ef:79:
ee:2e:c3:a8:7a:b4:39:c7:87:cb:58:0e:ba:df:b0:c3:dd:df:
83:4d:4e:53:23:a3:c1:19:ec:ec:e4:75:bc:eb:22:25:1f:52:
9f:bf:3d:e2:58:27:7f:b3:a7:9e:fc:a6:03:2c:3c:94:df:3b:
50:ce:2d:2b:90:f1:e8:17:71:09:05:65:96:29:5c:99:d8:b4:
d0:21:76:bf
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCtAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
MjA4MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlENTc0OEU5QUEwNkIx
RTYwOUNBODI3RUM2MUQ3RkFCRUZGODdBOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsAtgmFNchuU/3EAoQtXeTFqae60LY0o1XCRlZSbnHsj3H8RbM
pFwkCb22XhqK/qXlkxyu+NYCaVKpDVGSIvT05yzKZrkNaJxIMpiFIqV7hI9lT55O
eVrl29rUAwXi7WPokrTvyUoAoRL0oBM1PZip6CnSySiDQKwoA8wf5tI0mWJUAmsh
KvSmEqZ/3XmWYrO57Yu+ZeXD+xHJhfdQ941oG8j4j1cvhb+RxCME9wQTzqj/EIx8
KSZLfVRPhUzr2wVL2TsPeimhcVrCZ9NwuLvIzSxsVV858o60z0v32WVmBFyMBJCJ
yGmsyR3HJhmpE1jiVEcAnK9oEcmPpvlS4EjtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnVdI6aoGseYJyoJ+xh1/q+/4epIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uVmRJNmFvR3NlWUp5b0ot
eGgxX3EtXzRlcEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADFYhDB4BCvM6y4Kbo3me18jz18CJOUERQZc
p/j7qVH0Ml/hRYvwEyGIg/+QkWsFxq4YxmNBOz/i2AY8dCZsZzwt2f0CUsL50UvI
q2sWyOHkzmVI+2y1eg59ld2AazANUc54IL+IfRol2GpJI4KsZPfiPYyyuLl0c4q3
UNvh7Lq5L2GZfMmPiTbs5bDVo6m36Rm9byZe9On9NzOVvCSCvHIqRIa0YxUyCRA+
8Eal99Dur93vee4uw6h6tDnHh8tYDrrfsMPd34NNTlMjo8EZ7OzkdbzrIiUfUp+/
PeJYJ3+zp578pgMsPJTfO1DOLSuQ8egXcQkFZZYpXJnYtNAhdr8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:38:42 2025 by rpki-client