Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/m4cOtCBIoyI5aJza_Y3sOqrHYgc.roa
File: m4cOtCBIoyI5aJza_Y3sOqrHYgc.roa (raw, json)
Hash identifier: kJ1jp4fvncnFPizi6FYec5W6nBW6NiAev6HNfe7APBo=
Subject key identifier: 9B:87:0E:B4:20:48:A3:22:39:68:9C:DA:FD:8D:EC:3A:AA:C7:62:07
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0534
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/m4cOtCBIoyI5aJza_Y3sOqrHYgc.roa
Signing time: Wed 14 May 2025 00:37:58 +0000
ROA not before: Wed 14 May 2025 00:37:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1332 (0x534)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 00:37:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9B870EB42048A32239689CDAFD8DEC3AAAC76207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:90:84:81:eb:06:0d:c0:c3:ff:21:22:73:
08:1c:68:21:3b:12:0b:af:44:26:6a:0a:df:ea:3b:
1b:38:09:d1:4e:f0:22:89:29:f5:11:e7:b4:8e:e9:
93:b1:a6:0c:ce:89:1d:4a:43:54:dd:2f:a0:e5:78:
54:73:2a:9a:38:02:9d:0e:10:e5:5f:90:89:f6:4c:
c6:8c:e2:d7:cc:0f:9f:0c:d6:86:1b:6f:2c:ac:cf:
a5:bd:db:83:a7:f2:8c:e5:59:1c:76:db:be:ef:ae:
25:e1:b6:40:94:2f:ef:f3:73:b6:47:40:56:ba:f9:
87:9c:50:bd:c4:fd:d5:2c:6f:63:78:b7:44:3a:b9:
30:3a:51:c8:1a:9e:ce:e6:b0:d9:12:6b:ae:f3:89:
82:ee:fb:40:28:23:80:d8:60:ab:87:ac:ea:22:09:
3a:ef:9a:88:12:a5:84:df:bb:eb:62:0f:c9:79:0f:
3b:52:17:68:d7:7d:c1:3a:b7:b4:a2:a0:8e:61:2e:
ce:ab:a6:71:f0:a7:d8:69:e4:f7:6f:76:77:b1:ec:
e2:ea:03:6e:93:d4:e6:4d:0e:a0:ef:90:0b:97:b9:
bb:21:1c:f1:59:cf:a9:4d:6d:f7:d0:86:fd:d3:4a:
10:9d:20:73:4d:e7:cc:ae:bf:52:e8:ae:6a:ec:4c:
70:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:87:0E:B4:20:48:A3:22:39:68:9C:DA:FD:8D:EC:3A:AA:C7:62:07
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/m4cOtCBIoyI5aJza_Y3sOqrHYgc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:d7:c7:9c:17:68:d8:e2:f0:c0:db:f2:51:52:65:c9:f7:3c:
2e:b1:02:a2:01:82:ca:8e:ab:a1:5e:10:02:8c:6f:48:7d:d5:
82:25:36:01:46:12:39:61:39:1c:e1:fa:f9:9a:c9:17:c2:9a:
59:c6:ee:e7:b4:3f:30:fc:bb:c0:1c:c8:e5:15:f2:f4:bd:f4:
a4:83:b8:6a:12:d2:ee:e7:70:52:4a:ee:5c:e3:92:02:50:12:
c5:17:c7:f2:78:3e:f9:2f:d4:ac:e0:05:07:38:2f:a1:d5:19:
34:c4:c3:b4:b4:09:1c:69:aa:2a:58:d6:92:f0:b1:61:04:66:
8e:a1:fd:67:6b:b8:3b:83:87:fe:20:26:d8:dd:77:e3:88:b4:
db:44:68:d0:e8:bc:9f:46:43:b8:3e:0c:bc:10:22:03:dc:07:
9c:54:8e:fa:05:bf:5b:37:ea:9f:38:98:c1:44:d5:fa:78:08:
3e:5c:17:91:a9:d0:8a:f3:d8:d9:da:16:a2:d3:a7:09:d3:2f:
65:45:81:a2:e9:7c:e2:4d:05:f8:13:5b:9e:1e:e2:ee:a3:5c:
4d:9d:01:d0:dc:7b:bd:29:9c:1a:b1:04:82:97:f3:06:1a:bd:
29:af:44:3d:4a:e6:26:e7:b6:01:7c:66:1d:27:f3:b7:fa:d3:
25:74:bf:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBTQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MDM3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlCODcwRUI0MjA0OEEz
MjIzOTY4OUNEQUZEOERFQzNBQUFDNzYyMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC65JCEgesGDcDD/yEicwgcaCE7EguvRCZqCt/qOxs4CdFO8CKJ
KfUR57SO6ZOxpgzOiR1KQ1TdL6DleFRzKpo4Ap0OEOVfkIn2TMaM4tfMD58M1oYb
byysz6W924On8ozlWRx2277vriXhtkCUL+/zc7ZHQFa6+YecUL3E/dUsb2N4t0Q6
uTA6Ucgans7msNkSa67ziYLu+0AoI4DYYKuHrOoiCTrvmogSpYTfu+tiD8l5DztS
F2jXfcE6t7SioI5hLs6rpnHwp9hp5Pdvdnex7OLqA26T1OZNDqDvkAuXubshHPFZ
z6lNbffQhv3TShCdIHNN58yuv1LormrsTHBzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUm4cOtCBIoyI5aJza/Y3sOqrHYgcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tNGNPdENCSW95STVhSnph
X1kzc09xckhZZ2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFbXx5wXaNji8MDb8lFSZcn3PC6xAqIBgsqO
q6FeEAKMb0h91YIlNgFGEjlhORzh+vmayRfCmlnG7ue0PzD8u8AcyOUV8vS99KSD
uGoS0u7ncFJK7lzjkgJQEsUXx/J4Pvkv1KzgBQc4L6HVGTTEw7S0CRxpqipY1pLw
sWEEZo6h/WdruDuDh/4gJtjdd+OItNtEaNDovJ9GQ7g+DLwQIgPcB5xUjvoFv1s3
6p84mMFE1fp4CD5cF5Gp0Irz2NnaFqLTpwnTL2VFgaLpfOJNBfgTW54e4u6jXE2d
AdDce70pnBqxBIKX8wYavSmvRD1K5ibntgF8Zh0n87f60yV0vzA=
-----END CERTIFICATE-----
Generated at Sun May 18 20:42:55 2025 by rpki-client