Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/na1ngHFiId6PSQnLFjiHFB2xTEk.roa
File: na1ngHFiId6PSQnLFjiHFB2xTEk.roa (raw, json)
Hash identifier: rGD4XnajrSWA2Jo2son1f+3yBBKM91tesOzj4YOVEiM=
Subject key identifier: 9D:AD:67:80:71:62:21:DE:8F:49:09:CB:16:38:87:14:1D:B1:4C:49
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2270
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/na1ngHFiId6PSQnLFjiHFB2xTEk.roa
Signing time: Sun 22 Jun 2025 11:41:51 +0000
ROA not before: Sun 22 Jun 2025 11:41:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8816 (0x2270)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 11:41:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9DAD6780716221DE8F4909CB163887141DB14C49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:75:b6:2e:b3:5b:4f:ec:64:a8:cd:16:13:62:
fa:01:be:02:cd:5c:a5:e6:09:cc:26:30:f8:ff:46:
e1:d1:7a:12:ee:39:71:fd:63:ac:e2:d4:a8:75:8b:
cc:03:73:e3:6b:da:2f:e8:bc:9f:1c:a3:16:9a:9c:
91:45:43:36:07:ac:09:31:6f:6b:72:ce:cd:f1:5a:
3a:69:25:a4:ab:af:ab:e8:ae:f3:9b:09:66:ce:0a:
14:cb:94:79:85:6c:ae:9e:ba:ed:86:b0:b4:3d:f2:
2c:ff:1e:90:39:93:f2:8d:15:d1:92:f1:30:4e:65:
52:e3:0c:d6:9a:b4:5d:d2:93:b5:28:29:ed:ea:f7:
2a:5f:71:76:50:40:5b:f7:05:90:f0:72:71:13:2c:
bb:77:35:0e:5d:62:88:06:61:7a:24:9e:49:50:27:
74:46:55:db:e6:95:51:b6:02:69:df:b5:7b:1d:d8:
97:98:6e:f0:c8:b6:3b:aa:ba:ee:65:06:70:9a:de:
cf:05:32:fb:a3:1d:6b:3b:ed:9f:b7:1d:cf:52:93:
f1:f8:8d:c3:c5:1d:7e:e9:88:2a:3b:a9:5c:3a:6a:
40:97:95:10:68:86:63:6c:63:c3:c5:e2:b9:51:e8:
89:78:ee:3c:38:94:81:d4:ef:19:4a:4c:7e:4a:da:
df:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AD:67:80:71:62:21:DE:8F:49:09:CB:16:38:87:14:1D:B1:4C:49
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/na1ngHFiId6PSQnLFjiHFB2xTEk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:e5:67:30:dc:a3:15:55:91:a4:b9:d6:ab:dd:18:0e:f6:9f:
fa:91:01:1e:9f:fa:98:e9:64:7a:02:ff:d8:db:0d:e3:1f:c0:
7a:49:0e:2d:f8:cf:72:19:6c:b2:99:ee:b1:52:bf:b0:0f:5c:
bb:b7:6d:b1:2d:6a:bd:2b:cb:11:d2:e3:3e:2b:7c:25:b3:b5:
2a:5e:da:b2:d9:cd:9e:14:fb:21:40:b4:24:20:a0:27:ff:4a:
1c:95:f4:81:f6:6d:ce:54:3b:a4:d3:83:b0:3d:f7:25:89:4c:
ff:09:30:41:96:a5:f3:2f:f2:0b:16:ca:fd:f3:6c:5f:80:34:
64:43:66:d8:db:a8:42:ad:af:bf:ed:e2:bb:34:f7:68:94:44:
35:f0:bd:ab:d0:bb:2b:17:15:77:fd:5a:cd:bf:1a:a1:6d:37:
fc:52:5a:67:e0:51:d1:df:a8:b2:77:6c:a3:2a:7e:ba:9e:20:
59:0b:e2:3d:ca:4b:8f:31:a1:8b:37:d4:d2:17:d5:12:f5:01:
30:05:4d:d8:3f:bb:60:91:1a:f3:04:e8:a7:c2:21:98:26:72:
49:a8:6b:6c:9b:11:08:20:f1:06:e2:55:35:b3:fe:e2:06:cf:
fd:aa:83:df:08:52:65:a5:f2:0c:fd:34:cc:40:9a:b6:c7:85:
03:13:3f:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICInAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
MTQxNTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlEQUQ2NzgwNzE2MjIx
REU4RjQ5MDlDQjE2Mzg4NzE0MURCMTRDNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwdbYus1tP7GSozRYTYvoBvgLNXKXmCcwmMPj/RuHRehLuOXH9
Y6zi1Kh1i8wDc+Nr2i/ovJ8coxaanJFFQzYHrAkxb2tyzs3xWjppJaSrr6vorvOb
CWbOChTLlHmFbK6euu2GsLQ98iz/HpA5k/KNFdGS8TBOZVLjDNaatF3Sk7UoKe3q
9ypfcXZQQFv3BZDwcnETLLt3NQ5dYogGYXoknklQJ3RGVdvmlVG2AmnftXsd2JeY
bvDItjuquu5lBnCa3s8FMvujHWs77Z+3Hc9Sk/H4jcPFHX7piCo7qVw6akCXlRBo
hmNsY8PF4rlR6Il47jw4lIHU7xlKTH5K2t8hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUna1ngHFiId6PSQnLFjiHFB2xTEkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uYTFuZ0hGaUlkNlBTUW5M
RmppSEZCMnhURWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEflZzDcoxVVkaS51qvdGA72n/qRAR6f+pjp
ZHoC/9jbDeMfwHpJDi34z3IZbLKZ7rFSv7APXLu3bbEtar0ryxHS4z4rfCWztSpe
2rLZzZ4U+yFAtCQgoCf/ShyV9IH2bc5UO6TTg7A99yWJTP8JMEGWpfMv8gsWyv3z
bF+ANGRDZtjbqEKtr7/t4rs092iURDXwvavQuysXFXf9Ws2/GqFtN/xSWmfgUdHf
qLJ3bKMqfrqeIFkL4j3KS48xoYs31NIX1RL1ATAFTdg/u2CRGvME6KfCIZgmckmo
a2ybEQgg8QbiVTWz/uIGz/2qg98IUmWl8gz9NMxAmrbHhQMTPxw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:51 2025 by rpki-client