Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/96xSkLdoNhWXd9aOsefqNiRucHs.roa
File: 96xSkLdoNhWXd9aOsefqNiRucHs.roa (raw, json)
Hash identifier: rQJPTKXlWwQ+rKlno+RvnEeRzn7jJLkGs5K2xqXyUBE=
Subject key identifier: F7:AC:52:90:B7:68:36:15:97:77:D6:8E:B1:E7:EA:36:24:6E:70:7B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D54
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/96xSkLdoNhWXd9aOsefqNiRucHs.roa
Signing time: Sat 24 May 2025 20:38:49 +0000
ROA not before: Sat 24 May 2025 20:38:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3412 (0xd54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 20:38:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F7AC5290B76836159777D68EB1E7EA36246E707B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6a:f7:8b:7e:a9:06:07:5f:14:7b:40:49:9c:
77:26:dc:b1:71:84:2e:45:46:54:6f:26:ab:d8:e6:
48:fc:fe:6c:2b:1e:48:54:ab:70:f2:89:15:e9:6c:
95:b0:8e:04:bb:44:22:79:4e:68:06:42:c0:e2:0b:
da:6b:b5:2b:05:2c:50:dd:f1:61:76:78:d4:c5:63:
91:42:7d:cf:7c:80:e2:83:74:e0:5b:77:d7:11:72:
85:fd:22:de:92:6d:e1:bb:da:ea:ea:5c:52:16:ff:
06:62:34:e4:cb:25:4d:f3:5d:3f:14:ab:35:4e:98:
29:08:c0:75:fa:df:f5:44:db:e3:96:e8:0a:27:e5:
fe:4e:c1:f9:0e:01:f0:66:c7:7c:5a:07:0c:19:19:
0f:75:1a:41:e6:27:e1:17:64:03:6f:8a:38:8f:38:
7a:ca:dd:bb:c4:a5:df:44:96:cd:a6:29:83:f4:c7:
b7:b4:fc:df:62:34:70:22:e5:aa:e1:75:63:38:0d:
9f:75:f2:59:78:04:1c:83:39:ef:70:43:35:4a:be:
9c:a2:a2:45:13:75:69:23:35:d2:88:f3:93:46:d9:
05:58:05:73:46:1c:13:bc:2f:42:21:d4:c2:19:87:
4d:07:e3:07:cf:17:d4:82:32:50:c8:42:52:d6:32:
db:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:AC:52:90:B7:68:36:15:97:77:D6:8E:B1:E7:EA:36:24:6E:70:7B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/96xSkLdoNhWXd9aOsefqNiRucHs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:71:6b:21:7f:18:0b:6a:28:c1:a4:cb:85:57:03:ba:e8:65:
61:fc:63:25:5d:1e:11:a4:f6:7f:ef:c8:0c:f2:b5:f3:2c:c7:
20:bb:89:f6:e4:3b:37:af:5c:6c:a8:3d:e1:33:a7:86:4e:35:
3c:4f:60:58:4b:d6:6c:99:62:15:b1:da:11:71:1a:ce:1b:d7:
86:da:00:7a:80:03:47:c5:b9:d7:45:72:6d:a3:5a:55:35:f5:
e3:4b:e6:8d:6f:bf:ad:f2:bf:59:a0:bf:9a:f9:16:9b:9c:74:
51:9c:e7:0a:e7:3c:04:35:01:48:a7:3c:fe:9f:e8:4a:7a:33:
41:37:fd:e0:da:a6:98:cd:8b:34:84:f5:51:90:7c:a6:fa:b1:
f0:83:9c:60:6e:23:d3:f4:23:64:59:70:b4:cd:56:2f:4f:07:
fc:75:b8:b4:7c:79:28:59:59:49:d0:31:b4:a4:7f:2a:0d:64:
7a:f7:14:18:a1:a9:1b:9c:03:00:d5:a7:4a:90:7b:a5:93:4e:
ff:a4:a8:bb:d1:4e:ea:dd:08:35:95:bc:ae:3e:f8:62:f5:36:
4e:cd:87:d0:4d:21:d4:f2:d3:5f:80:a5:40:fe:96:6d:46:53:
4a:37:da:97:71:a6:c8:b9:ba:93:0f:a9:b8:c2:53:0a:dc:89:
bf:15:79:44
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDVQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQy
MDM4NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY3QUM1MjkwQjc2ODM2
MTU5Nzc3RDY4RUIxRTdFQTM2MjQ2RTcwN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMaveLfqkGB18Ue0BJnHcm3LFxhC5FRlRvJqvY5kj8/mwrHkhU
q3DyiRXpbJWwjgS7RCJ5TmgGQsDiC9prtSsFLFDd8WF2eNTFY5FCfc98gOKDdOBb
d9cRcoX9It6SbeG72urqXFIW/wZiNOTLJU3zXT8UqzVOmCkIwHX63/VE2+OW6Aon
5f5OwfkOAfBmx3xaBwwZGQ91GkHmJ+EXZANvijiPOHrK3bvEpd9Els2mKYP0x7e0
/N9iNHAi5arhdWM4DZ918ll4BByDOe9wQzVKvpyiokUTdWkjNdKI85NG2QVYBXNG
HBO8L0Ih1MIZh00H4wfPF9SCMlDIQlLWMtshAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU96xSkLdoNhWXd9aOsefqNiRucHswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85NnhTa0xkb05oV1hkOWFP
c2VmcU5pUnVjSHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFBxayF/GAtqKMGky4VXA7roZWH8YyVdHhGk
9n/vyAzytfMsxyC7ifbkOzevXGyoPeEzp4ZONTxPYFhL1myZYhWx2hFxGs4b14ba
AHqAA0fFuddFcm2jWlU19eNL5o1vv63yv1mgv5r5FpucdFGc5wrnPAQ1AUinPP6f
6Ep6M0E3/eDappjNizSE9VGQfKb6sfCDnGBuI9P0I2RZcLTNVi9PB/x1uLR8eShZ
WUnQMbSkfyoNZHr3FBihqRucAwDVp0qQe6WTTv+kqLvRTurdCDWVvK4++GL1Nk7N
h9BNIdTy01+ApUD+lm1GU0o32pdxpsi5upMPqbjCUwrcib8VeUQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:32:11 2025 by rpki-client