Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/J38Lr4_F-yHktlDP0dZ-wYoFYxo.roa
File: J38Lr4_F-yHktlDP0dZ-wYoFYxo.roa (raw, json)
Hash identifier: cso9ao87ykgt7qqvFaHU/LtVJCUV1b4eT9VVhiIgmfw=
Subject key identifier: 27:7F:0B:AF:8F:C5:FB:21:E4:B6:50:CF:D1:D6:7E:C1:8A:05:63:1A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01D8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/J38Lr4_F-yHktlDP0dZ-wYoFYxo.roa
Signing time: Fri 09 May 2025 13:08:17 +0000
ROA not before: Fri 09 May 2025 13:08:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472 (0x1d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 13:08:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=277F0BAF8FC5FB21E4B650CFD1D67EC18A05631A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:38:7b:2c:8e:92:b0:28:c5:9d:bf:c3:3c:
e0:3a:94:71:90:4d:67:73:5c:08:1d:09:fa:8e:cf:
43:99:b2:df:df:4d:a0:31:5b:95:87:43:f5:1f:92:
56:59:ab:1b:ec:3c:20:75:78:e7:45:61:ce:bc:9c:
fd:7c:71:fd:a8:61:80:28:84:c1:da:33:d9:50:3c:
f8:78:56:1c:92:87:dc:4e:da:4c:e0:9f:b7:86:0a:
c6:38:1a:38:96:66:32:b7:31:48:91:12:b8:e2:e4:
9d:a7:b6:a4:f1:bc:12:56:4d:05:32:e2:04:d9:11:
16:d8:ba:18:75:c0:a1:2d:da:61:e9:c0:6c:0e:e1:
c5:f4:fb:70:07:07:f9:00:66:e9:9c:58:0d:f2:fd:
cd:e3:99:53:f1:2d:42:10:a1:b7:99:73:38:34:fd:
c3:72:64:2f:95:39:7a:a4:39:ac:14:31:a2:52:0d:
01:e1:5d:d3:c9:6a:ec:6a:fc:a3:8d:20:92:f1:86:
ee:37:11:39:25:dd:2f:ab:b1:37:ae:31:ee:b2:fc:
92:7b:f8:a5:56:5e:5a:dc:1a:0f:ac:f6:b6:2a:4a:
13:1a:df:0b:53:98:f5:45:7e:f4:7a:bf:2a:7e:af:
56:8b:b1:66:9e:b5:e0:b2:7c:4b:42:dc:db:1d:de:
d9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:7F:0B:AF:8F:C5:FB:21:E4:B6:50:CF:D1:D6:7E:C1:8A:05:63:1A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/J38Lr4_F-yHktlDP0dZ-wYoFYxo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:5e:9b:2e:2a:69:ce:4b:ec:85:ff:43:f1:90:93:da:77:ed:
41:ce:fb:0a:b3:20:33:ef:a9:b7:67:c0:e7:0e:20:80:51:9b:
78:3a:45:a0:25:3f:0c:69:e1:f9:ed:45:e4:cf:a8:a5:aa:8d:
07:42:ca:e3:27:2f:04:e1:a7:3e:25:82:f1:b2:b9:66:51:ef:
8b:ad:48:f2:53:4e:c5:7c:b5:b4:10:e8:c3:ab:f0:1d:18:3d:
b0:02:1c:ad:b3:d6:74:45:94:05:6a:44:d8:49:c5:2b:74:4c:
93:11:67:2e:2f:57:a0:7f:69:cc:a5:a7:53:80:59:c7:54:14:
fc:72:21:12:98:05:69:67:29:c0:60:6f:19:f7:6f:ee:b0:12:
7f:00:d2:8a:40:ba:d5:3a:0a:df:44:28:ed:24:a3:12:3a:26:
1d:a2:89:b1:5c:d3:b4:c6:c8:a5:96:c4:83:e7:fd:01:ed:b3:
99:eb:4b:72:42:62:b7:43:f0:14:c9:b0:c6:41:ee:f4:6f:0d:
03:24:be:f7:b9:95:0c:0d:34:35:0e:e4:d9:e6:78:31:7d:8e:
92:a0:55:ae:a9:d9:17:1a:82:11:67:ad:17:6f:61:59:ba:4f:
72:2b:b6:82:78:e0:e5:56:51:75:87:3c:93:a6:17:da:c5:bf:
fe:15:d0:d8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAdgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
MzA4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI3N0YwQkFGOEZDNUZC
MjFFNEI2NTBDRkQxRDY3RUMxOEEwNTYzMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC66Th7LI6SsCjFnb/DPOA6lHGQTWdzXAgdCfqOz0OZst/fTaAx
W5WHQ/UfklZZqxvsPCB1eOdFYc68nP18cf2oYYAohMHaM9lQPPh4VhySh9xO2kzg
n7eGCsY4GjiWZjK3MUiRErji5J2ntqTxvBJWTQUy4gTZERbYuhh1wKEt2mHpwGwO
4cX0+3AHB/kAZumcWA3y/c3jmVPxLUIQobeZczg0/cNyZC+VOXqkOawUMaJSDQHh
XdPJauxq/KONIJLxhu43ETkl3S+rsTeuMe6y/JJ7+KVWXlrcGg+s9rYqShMa3wtT
mPVFfvR6vyp+r1aLsWaeteCyfEtC3Nsd3tkhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJ38Lr4/F+yHktlDP0dZ+wYoFYxowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KMzhMcjRfRi15SGt0bERQ
MGRaLXdZb0ZZeG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ5emy4qac5L7IX/Q/GQk9p37UHO+wqzIDPv
qbdnwOcOIIBRm3g6RaAlPwxp4fntReTPqKWqjQdCyuMnLwThpz4lgvGyuWZR74ut
SPJTTsV8tbQQ6MOr8B0YPbACHK2z1nRFlAVqRNhJxSt0TJMRZy4vV6B/acylp1OA
WcdUFPxyIRKYBWlnKcBgbxn3b+6wEn8A0opAutU6Ct9EKO0koxI6Jh2iibFc07TG
yKWWxIPn/QHts5nrS3JCYrdD8BTJsMZB7vRvDQMkvve5lQwNNDUO5NnmeDF9jpKg
Va6p2RcaghFnrRdvYVm6T3IrtoJ44OVWUXWHPJOmF9rFv/4V0Ng=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:17 2025 by rpki-client