Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HKJ6Oqawqvm35Unxtb-10XbAd8M.roa
File: HKJ6Oqawqvm35Unxtb-10XbAd8M.roa (raw, json)
Hash identifier: bdphRjnHOmc/5L2cMCgTFuuQTxhXsgYSR33xufS+fx8=
Subject key identifier: 1C:A2:7A:3A:A6:B0:AA:F9:B7:E5:49:F1:B5:BF:B5:D1:76:C0:77:C3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06C0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HKJ6Oqawqvm35Unxtb-10XbAd8M.roa
Signing time: Fri 16 May 2025 02:08:01 +0000
ROA not before: Fri 16 May 2025 02:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1728 (0x6c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 02:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1CA27A3AA6B0AAF9B7E549F1B5BFB5D176C077C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f7:a2:d3:8d:0e:2d:2e:57:0b:df:3e:bb:07:
b0:8d:06:cc:88:f3:6d:5f:ec:c6:b4:7b:9e:b5:da:
a2:61:6c:b0:05:63:fd:f4:f3:56:23:48:39:a9:82:
73:df:35:4c:ec:38:a5:54:ab:eb:69:07:11:b0:d4:
2d:55:39:b6:77:4b:3d:27:e5:df:e4:64:46:eb:c3:
4b:32:0c:13:cb:3f:4f:4a:6c:34:f3:4c:f1:18:21:
e8:96:c4:63:8a:fe:1d:58:50:f9:da:27:15:ad:ce:
04:03:de:e7:2d:49:a9:63:cf:98:dc:17:98:54:07:
b1:7b:f4:38:f9:ba:e4:e8:f7:8b:8f:8d:7f:b3:a5:
4c:b7:62:9d:0a:61:2f:68:85:64:76:73:b8:70:93:
aa:14:9c:3b:6e:74:92:10:50:80:d1:5b:b9:08:27:
d1:ee:44:3a:2e:e6:9f:d0:31:fd:04:0c:42:fc:4d:
dc:5e:20:2b:09:20:72:59:40:be:ef:91:7b:63:87:
6e:21:71:34:50:81:64:1e:45:b6:9f:13:c0:4b:bd:
47:f6:2c:29:38:33:b4:57:73:e8:6f:35:de:15:84:
52:95:a0:4b:eb:7e:72:60:a4:3b:87:08:5a:29:5e:
99:3a:c0:c7:6d:57:30:6e:3d:9d:fd:cb:ef:b5:30:
3a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A2:7A:3A:A6:B0:AA:F9:B7:E5:49:F1:B5:BF:B5:D1:76:C0:77:C3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HKJ6Oqawqvm35Unxtb-10XbAd8M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:99:6f:a6:2b:75:d8:e2:78:4f:60:6f:83:5b:2f:0f:56:de:
db:cc:ad:89:58:47:e5:af:eb:65:23:f5:4e:3c:3c:d1:0b:16:
c3:38:4a:47:28:14:9d:60:37:e0:f7:9f:4a:f2:82:9a:28:1d:
ce:10:9b:da:dd:33:08:be:49:e9:28:cc:2a:ae:86:8c:c4:46:
b9:69:00:dc:43:c9:53:bd:ac:49:17:69:8d:15:4d:05:df:6e:
c5:88:4d:e9:7c:22:fd:bc:cf:28:01:f6:0b:72:cc:ad:02:aa:
4c:2d:65:a0:cf:38:01:4b:59:dc:09:02:98:cf:f0:fd:d7:0e:
7f:ca:ab:48:23:1c:ab:05:ab:ed:30:4e:3d:1b:de:8d:33:aa:
15:11:0d:f3:07:bf:9d:b1:13:84:bd:d2:a5:76:8e:f9:84:7f:
8f:ff:42:da:a0:e2:6b:08:34:9f:e3:83:ea:60:67:27:f0:d4:
35:98:32:d7:14:c3:73:82:c1:bd:e1:17:f6:02:61:1c:4c:64:
b1:71:d8:55:62:72:a2:0c:cf:12:5b:1d:c6:13:c2:d3:db:b2:
6c:88:d3:ff:48:f9:af:0c:d4:7f:f3:29:20:d3:53:9d:50:78:
3f:c6:33:1f:28:18:e1:f3:3d:52:7e:77:24:b6:3d:14:f2:bb:
df:9a:12:eb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBsAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
MjA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDQTI3QTNBQTZCMEFB
RjlCN0U1NDlGMUI1QkZCNUQxNzZDMDc3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl96LTjQ4tLlcL3z67B7CNBsyI821f7Ma0e5612qJhbLAFY/30
81YjSDmpgnPfNUzsOKVUq+tpBxGw1C1VObZ3Sz0n5d/kZEbrw0syDBPLP09KbDTz
TPEYIeiWxGOK/h1YUPnaJxWtzgQD3uctSaljz5jcF5hUB7F79Dj5uuTo94uPjX+z
pUy3Yp0KYS9ohWR2c7hwk6oUnDtudJIQUIDRW7kIJ9HuRDou5p/QMf0EDEL8Tdxe
ICsJIHJZQL7vkXtjh24hcTRQgWQeRbafE8BLvUf2LCk4M7RXc+hvNd4VhFKVoEvr
fnJgpDuHCFopXpk6wMdtVzBuPZ39y++1MDo3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHKJ6Oqawqvm35Unxtb+10XbAd8MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IS0o2T3Fhd3F2bTM1VW54
dGItMTBYYkFkOE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAH2Zb6YrddjieE9gb4NbLw9W3tvMrYlYR+Wv
62Uj9U48PNELFsM4SkcoFJ1gN+D3n0rygpooHc4Qm9rdMwi+SekozCquhozERrlp
ANxDyVO9rEkXaY0VTQXfbsWITel8Iv28zygB9gtyzK0CqkwtZaDPOAFLWdwJApjP
8P3XDn/Kq0gjHKsFq+0wTj0b3o0zqhURDfMHv52xE4S90qV2jvmEf4//Qtqg4msI
NJ/jg+pgZyfw1DWYMtcUw3OCwb3hF/YCYRxMZLFx2FVicqIMzxJbHcYTwtPbsmyI
0/9I+a8M1H/zKSDTU51QeD/GMx8oGOHzPVJ+dyS2PRTyu9+aEus=
-----END CERTIFICATE-----
Generated at Sun May 18 03:34:49 2025 by rpki-client