Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-HuGyyvAZfYCQmzFV6lcDzDkcUg.roa
File: -HuGyyvAZfYCQmzFV6lcDzDkcUg.roa (raw, json)
Hash identifier: Ree//owtDnA8CdSCNVnJCXnaboZPt2uRwJyF/+5z0zg=
Subject key identifier: F8:7B:86:CB:2B:C0:65:F6:02:42:6C:C5:57:A9:5C:0F:30:E4:71:48
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06E8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-HuGyyvAZfYCQmzFV6lcDzDkcUg.roa
Signing time: Fri 16 May 2025 07:08:03 +0000
ROA not before: Fri 16 May 2025 07:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1768 (0x6e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 07:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F87B86CB2BC065F602426CC557A95C0F30E47148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:10:0d:0a:4d:74:2a:3e:55:9e:14:a6:ab:9b:
fb:a8:8d:41:b2:0d:be:81:a7:e9:00:c2:4e:6f:86:
e0:08:ad:92:c1:9e:1f:c1:55:45:1d:7d:4d:73:30:
24:3e:45:cc:c4:ec:63:41:e0:2c:a2:4f:25:72:e1:
f0:0d:5a:58:5b:45:ea:59:5c:8b:d9:53:37:1c:25:
34:a8:6d:26:a1:f6:d9:c8:4d:35:6e:5b:3c:8f:2c:
70:43:62:46:f8:37:a1:7f:0d:b5:54:40:35:54:cc:
dd:a3:5c:8c:f0:cc:5f:a3:ce:77:70:4a:24:52:3f:
f5:e6:d1:43:15:77:a4:ff:95:b6:8c:92:41:45:68:
1b:96:29:4d:d0:dc:54:71:93:67:90:fb:97:95:c9:
5d:71:bb:b0:25:03:ac:17:ca:7b:73:3c:7e:09:f9:
14:5d:b1:7e:14:08:a5:4a:b7:38:65:2e:18:87:a3:
87:d6:92:50:50:16:f8:ef:ef:1d:0d:22:c3:9c:5c:
8a:5c:11:50:2c:f3:20:4f:2f:0a:4f:a0:e0:8a:85:
0c:16:7d:a4:48:18:a8:4f:07:d0:72:91:48:56:76:
a9:64:37:e2:c8:9c:80:f6:e7:18:b4:10:fa:3e:48:
76:76:e6:41:51:d6:a9:83:05:a5:87:97:0e:e1:6f:
4d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7B:86:CB:2B:C0:65:F6:02:42:6C:C5:57:A9:5C:0F:30:E4:71:48
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-HuGyyvAZfYCQmzFV6lcDzDkcUg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:06:12:01:49:86:10:95:f0:a3:08:ee:ab:03:22:67:e6:8a:
fc:79:af:d5:66:fa:df:ee:1e:8d:e1:8e:ba:7f:0f:dd:0d:be:
22:10:a9:eb:9b:8b:5a:48:db:ef:34:1c:91:9b:70:af:32:2e:
24:38:be:4d:03:71:e1:5f:a4:ee:38:3b:5f:93:01:12:2d:cb:
d0:17:80:6a:81:9f:fd:4c:ff:12:63:f5:1b:28:74:6e:6f:0f:
bd:13:4f:68:22:50:45:f2:9a:36:ea:9a:09:0a:5c:fb:02:bd:
75:b1:c6:54:09:3d:6e:ac:de:63:ed:04:ab:2b:f6:8d:80:36:
bc:ae:88:e2:18:e6:c2:49:4d:98:57:da:54:72:d7:5e:93:7a:
cd:12:5d:d2:bf:96:ea:e7:9f:34:8a:7b:25:34:b8:29:c8:40:
f5:16:f2:9d:89:c6:f6:de:e7:38:60:b4:a5:4e:db:e4:c9:c8:
37:91:b7:81:96:82:ed:19:b2:0c:99:84:0d:ae:b8:09:c9:25:
a4:90:36:ca:83:00:8b:a4:75:6b:29:b7:27:2f:49:78:a8:70:
c6:4b:1e:d4:57:9d:ef:0b:a6:7d:7a:8f:66:7c:79:6f:de:34:
9d:d3:ad:d5:d2:0d:4f:24:ec:85:37:7e:30:f6:dc:9a:73:86:
3b:bf:29:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBugwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NzA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY4N0I4NkNCMkJDMDY1
RjYwMjQyNkNDNTU3QTk1QzBGMzBFNDcxNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWEA0KTXQqPlWeFKarm/uojUGyDb6Bp+kAwk5vhuAIrZLBnh/B
VUUdfU1zMCQ+RczE7GNB4CyiTyVy4fANWlhbRepZXIvZUzccJTSobSah9tnITTVu
WzyPLHBDYkb4N6F/DbVUQDVUzN2jXIzwzF+jzndwSiRSP/Xm0UMVd6T/lbaMkkFF
aBuWKU3Q3FRxk2eQ+5eVyV1xu7AlA6wXyntzPH4J+RRdsX4UCKVKtzhlLhiHo4fW
klBQFvjv7x0NIsOcXIpcEVAs8yBPLwpPoOCKhQwWfaRIGKhPB9BykUhWdqlkN+LI
nID25xi0EPo+SHZ25kFR1qmDBaWHlw7hb02HAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+HuGyyvAZfYCQmzFV6lcDzDkcUgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tSHVHeXl2QVpmWUNRbXpG
VjZsY0R6RGtjVWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACMGEgFJhhCV8KMI7qsDImfmivx5r9Vm+t/u
Ho3hjrp/D90NviIQqeubi1pI2+80HJGbcK8yLiQ4vk0DceFfpO44O1+TARIty9AX
gGqBn/1M/xJj9RsodG5vD70TT2giUEXymjbqmgkKXPsCvXWxxlQJPW6s3mPtBKsr
9o2ANryuiOIY5sJJTZhX2lRy116Tes0SXdK/lurnnzSKeyU0uCnIQPUW8p2Jxvbe
5zhgtKVO2+TJyDeRt4GWgu0ZsgyZhA2uuAnJJaSQNsqDAIukdWsptycvSXiocMZL
HtRXne8Lpn16j2Z8eW/eNJ3TrdXSDU8k7IU3fjD23Jpzhju/KdU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:37:41 2025 by rpki-client