Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mhYVuWUqTrM4mKJRGB3vh3KrTEA.roa
File: mhYVuWUqTrM4mKJRGB3vh3KrTEA.roa (raw, json)
Hash identifier: i3zTJc4Sbqk87lfN/JIiBK5YAauxqiYuiWV/MFYif9w=
Subject key identifier: 9A:16:15:B9:65:2A:4E:B3:38:98:A2:51:18:1D:EF:87:72:AB:4C:40
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0324
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mhYVuWUqTrM4mKJRGB3vh3KrTEA.roa
Signing time: Sun 11 May 2025 06:37:50 +0000
ROA not before: Sun 11 May 2025 06:37:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804 (0x324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 06:37:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9A1615B9652A4EB33898A251181DEF8772AB4C40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3f:3a:3e:00:71:54:96:fd:8e:23:08:ea:9a:
11:38:c5:7f:53:fe:85:2a:14:28:4b:92:d5:39:fa:
6b:e7:d8:98:cf:7e:8b:e3:c2:c6:7d:a2:60:b9:77:
2a:9d:92:89:b4:16:63:ec:42:94:18:c6:cf:9e:36:
28:d7:e1:28:de:66:fa:9e:84:3d:de:f8:e3:c8:d8:
77:93:d1:f8:e5:40:02:14:b7:38:f8:7c:c1:ba:01:
7d:76:57:57:a8:39:a2:a9:9a:6f:d1:d2:e8:ce:c6:
9a:52:8b:8c:ea:64:32:2b:f0:cd:85:7b:8d:00:b0:
a4:da:ea:99:30:9b:1d:d6:58:46:88:8b:cc:56:49:
f5:9a:7e:fb:eb:4c:fc:89:c7:77:6a:10:fb:45:07:
03:54:0e:de:86:7f:e2:32:c2:4b:cb:64:da:7b:2e:
35:28:98:d7:1f:fd:e7:8d:52:6f:5b:be:d9:34:4e:
d9:88:15:9b:f9:ea:e8:0d:63:2f:ba:35:08:b7:30:
b8:3d:cf:0f:31:85:c4:68:d2:ec:85:80:99:a9:78:
73:2b:4c:9b:fe:62:3b:24:af:49:6e:e8:71:3c:27:
85:ac:bb:e4:9f:85:35:8e:a7:3f:3e:4a:ff:67:1b:
cc:f4:18:53:5c:bb:10:73:54:c6:86:6f:3e:17:1c:
37:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:16:15:B9:65:2A:4E:B3:38:98:A2:51:18:1D:EF:87:72:AB:4C:40
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mhYVuWUqTrM4mKJRGB3vh3KrTEA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:d6:20:24:8b:3b:a7:5a:c5:52:45:8e:43:df:3e:f2:6c:08:
be:f1:19:5b:5e:c1:39:bf:5b:65:42:5c:0c:1c:0b:22:75:66:
4c:df:6a:05:84:a2:ad:96:f5:62:75:a0:a0:17:45:cb:bc:29:
45:33:47:68:85:ac:fc:ae:fb:62:78:f5:64:75:ce:b1:62:fb:
a5:32:80:57:92:3d:55:73:89:13:ac:3a:97:3f:7a:94:1f:5a:
26:7c:33:52:9d:f3:48:6e:b1:69:b0:c3:80:0b:5e:5e:bf:f4:
77:15:b8:1d:33:45:99:f9:58:33:c7:da:f8:59:9b:07:09:f4:
59:01:77:3d:bf:e6:a8:31:92:8b:4c:83:2c:e7:4b:d6:ca:83:
71:b1:22:45:62:07:1b:71:4b:d7:84:02:ca:d5:17:db:e8:57:
3e:ec:3f:13:a4:25:26:7c:b2:d5:24:06:84:51:08:a9:0d:f8:
a5:52:db:f2:1c:cf:b6:36:0a:70:6e:36:67:19:69:7e:5b:bf:
2d:df:09:42:b8:a4:58:47:06:58:91:c9:e9:b8:09:d2:55:9a:
e0:9a:18:82:e0:d6:62:50:28:41:44:7b:ea:46:3e:85:bc:64:
fb:7b:e2:18:4c:95:e4:13:ab:0b:46:70:4e:55:72:95:b0:98:
21:b4:9b:0b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAyQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
NjM3NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlBMTYxNUI5NjUyQTRF
QjMzODk4QTI1MTE4MURFRjg3NzJBQjRDNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJPzo+AHFUlv2OIwjqmhE4xX9T/oUqFChLktU5+mvn2JjPfovj
wsZ9omC5dyqdkom0FmPsQpQYxs+eNijX4SjeZvqehD3e+OPI2HeT0fjlQAIUtzj4
fMG6AX12V1eoOaKpmm/R0ujOxppSi4zqZDIr8M2Fe40AsKTa6pkwmx3WWEaIi8xW
SfWafvvrTPyJx3dqEPtFBwNUDt6Gf+IywkvLZNp7LjUomNcf/eeNUm9bvtk0TtmI
FZv56ugNYy+6NQi3MLg9zw8xhcRo0uyFgJmpeHMrTJv+Yjskr0lu6HE8J4Wsu+Sf
hTWOpz8+Sv9nG8z0GFNcuxBzVMaGbz4XHDf7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmhYVuWUqTrM4mKJRGB3vh3KrTEAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9taFlWdVdVcVRyTTRtS0pS
R0IzdmgzS3JURUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAA7WICSLO6daxVJFjkPfPvJsCL7xGVtewTm/
W2VCXAwcCyJ1ZkzfagWEoq2W9WJ1oKAXRcu8KUUzR2iFrPyu+2J49WR1zrFi+6Uy
gFeSPVVziROsOpc/epQfWiZ8M1Kd80husWmww4ALXl6/9HcVuB0zRZn5WDPH2vhZ
mwcJ9FkBdz2/5qgxkotMgyznS9bKg3GxIkViBxtxS9eEAsrVF9voVz7sPxOkJSZ8
stUkBoRRCKkN+KVS2/Icz7Y2CnBuNmcZaX5bvy3fCUK4pFhHBliRyem4CdJVmuCa
GILg1mJQKEFEe+pGPoW8ZPt74hhMleQTqwtGcE5VcpWwmCG0mws=
-----END CERTIFICATE-----
Generated at Sat May 17 19:50:12 2025 by rpki-client