Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9wbdeOUx_xvOGGipt07SMaL83b8.roa
File: 9wbdeOUx_xvOGGipt07SMaL83b8.roa (raw, json)
Hash identifier: hJa1YS9S806M8PnIzBxiTktTR/OnykeCtPgrnRS34M0=
Subject key identifier: F7:06:DD:78:E5:31:FF:1B:CE:18:68:A9:B7:4E:D2:31:A2:FC:DD:BF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01C4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9wbdeOUx_xvOGGipt07SMaL83b8.roa
Signing time: Fri 09 May 2025 10:38:13 +0000
ROA not before: Fri 09 May 2025 10:38:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452 (0x1c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 10:38:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F706DD78E531FF1BCE1868A9B74ED231A2FCDDBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:99:b6:a7:3a:96:27:8d:dd:1e:fc:da:4a:57:
52:d6:e9:4d:b2:9e:85:f5:47:6d:e7:3c:88:46:41:
69:64:42:cf:9e:ec:24:e7:dd:02:dd:d8:a6:eb:7e:
db:1e:bd:5e:76:72:43:0c:45:bf:8a:31:47:67:3d:
b7:38:3b:f9:03:48:98:f9:28:ba:15:07:6b:2b:c9:
c7:11:14:10:52:63:fe:f6:13:ff:a6:3a:5d:7f:f6:
df:68:e9:88:4d:45:b6:ab:45:bf:ff:77:96:46:82:
b0:76:10:20:a5:89:0d:f8:9d:0b:a1:73:d1:41:7c:
68:66:23:d8:25:81:44:19:4a:c6:d5:61:5e:92:41:
21:af:59:ce:69:1f:0b:3f:21:b3:6c:71:0e:0d:f4:
28:6b:e8:60:e9:bf:88:b0:a2:76:19:05:9d:1c:be:
18:b5:cc:94:d0:12:d4:50:3e:3a:eb:a4:ab:72:2d:
34:91:b8:ea:f6:67:5d:2c:82:9c:5d:48:2c:3a:39:
1b:39:52:b4:01:33:1a:b0:e1:78:59:61:c4:93:f5:
8f:16:5d:f0:7a:92:7a:97:4e:64:a2:d5:ce:13:98:
ed:28:73:c5:4e:35:04:62:98:cf:e0:3f:0d:e4:a2:
04:d3:dd:e6:95:c9:80:ce:ac:a5:31:cc:6b:c0:77:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:06:DD:78:E5:31:FF:1B:CE:18:68:A9:B7:4E:D2:31:A2:FC:DD:BF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9wbdeOUx_xvOGGipt07SMaL83b8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:95:d7:e0:25:f9:ac:9a:12:94:13:9c:f9:0a:5a:75:57:36:
46:f2:72:27:5e:21:bb:89:09:68:df:ec:81:70:bf:95:7c:80:
dd:4c:48:56:ac:2c:41:77:dd:5f:1c:5f:97:37:61:a5:b5:7e:
67:6d:48:6d:be:45:ef:a5:ff:5a:4a:9d:8c:af:b1:54:eb:60:
26:29:21:f6:d1:db:3d:af:0f:b3:45:b3:12:83:12:7d:00:a3:
91:90:13:cc:6e:14:87:c3:33:89:d3:03:e2:14:0a:be:0f:63:
1e:ea:d0:ef:44:87:1f:af:e4:b0:ee:54:3f:ca:4f:bf:74:db:
99:5e:1c:e4:65:a5:8e:3f:39:0e:39:fc:06:c8:a4:06:64:94:
64:73:e3:61:ce:05:4c:48:80:5a:e9:53:0a:ff:58:67:47:00:
ce:a3:15:89:3b:06:fd:bd:b5:ee:cf:56:8f:f4:f6:3f:7c:62:
93:20:26:cf:bb:8d:c2:af:f9:81:1e:2c:85:a8:31:e8:4a:33:
59:9e:52:26:e9:ce:07:1c:68:7e:71:e2:b1:d7:e7:df:f1:d0:
a0:02:67:3d:1c:4e:6c:7f:21:41:a8:7a:bd:e0:eb:f7:18:03:
5f:45:8e:fd:c9:99:25:bb:aa:97:22:69:44:f3:d5:da:b3:e1:
d0:23:b8:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAcQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
MDM4MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY3MDZERDc4RTUzMUZG
MUJDRTE4NjhBOUI3NEVEMjMxQTJGQ0REQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDmbanOpYnjd0e/NpKV1LW6U2ynoX1R23nPIhGQWlkQs+e7CTn
3QLd2KbrftsevV52ckMMRb+KMUdnPbc4O/kDSJj5KLoVB2sryccRFBBSY/72E/+m
Ol1/9t9o6YhNRbarRb//d5ZGgrB2ECCliQ34nQuhc9FBfGhmI9glgUQZSsbVYV6S
QSGvWc5pHws/IbNscQ4N9Chr6GDpv4iwonYZBZ0cvhi1zJTQEtRQPjrrpKtyLTSR
uOr2Z10sgpxdSCw6ORs5UrQBMxqw4XhZYcST9Y8WXfB6knqXTmSi1c4TmO0oc8VO
NQRimM/gPw3kogTT3eaVyYDOrKUxzGvAdzZZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9wbdeOUx/xvOGGipt07SMaL83b8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85d2JkZU9VeF94dk9HR2lw
dDA3U01hTDgzYjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAqV1+Al+ayaEpQTnPkKWnVXNkbycideIbuJ
CWjf7IFwv5V8gN1MSFasLEF33V8cX5c3YaW1fmdtSG2+Re+l/1pKnYyvsVTrYCYp
IfbR2z2vD7NFsxKDEn0Ao5GQE8xuFIfDM4nTA+IUCr4PYx7q0O9Ehx+v5LDuVD/K
T79025leHORlpY4/OQ45/AbIpAZklGRz42HOBUxIgFrpUwr/WGdHAM6jFYk7Bv29
te7PVo/09j98YpMgJs+7jcKv+YEeLIWoMehKM1meUibpzgccaH5x4rHX59/x0KAC
Zz0cTmx/IUGoer3g6/cYA19Fjv3JmSW7qpciaUTz1dqz4dAjuA8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:56:40 2025 by rpki-client