Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JNF4OC3SceUe4oBI-NmEBmmXzR8.roa
File: JNF4OC3SceUe4oBI-NmEBmmXzR8.roa (raw, json)
Hash identifier: nAQg2gdFHGFYOzRnKoX9cZLngjNoJooUdN+0qlUErck=
Subject key identifier: 24:D1:78:38:2D:D2:71:E5:1E:E2:80:48:F8:D9:84:06:69:97:CD:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 168C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JNF4OC3SceUe4oBI-NmEBmmXzR8.roa
Signing time: Fri 06 Jun 2025 03:39:24 +0000
ROA not before: Fri 06 Jun 2025 03:39:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5772 (0x168c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 03:39:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=24D178382DD271E51EE28048F8D984066997CD1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3f:27:52:0e:3d:e2:32:ed:b8:41:ad:f4:b0:
83:80:fc:2a:83:8b:90:ff:7d:b1:38:ea:a8:a9:cc:
d1:24:92:1f:c9:cc:74:35:bc:1e:a0:34:b5:c1:1a:
f7:87:25:c1:c0:57:37:ce:25:8b:42:68:8e:65:f7:
e2:39:52:ab:a9:e1:72:ad:3c:4d:28:02:e8:2e:fb:
a5:01:4f:c7:ba:dc:ce:99:ff:31:87:ff:6d:ac:7b:
6a:e9:a3:01:17:be:44:89:57:e2:89:3e:51:9b:49:
26:30:b7:4e:1e:ce:e7:5b:e8:d0:32:ad:e4:62:b6:
70:2f:cd:70:f4:00:a4:09:8a:0e:62:d5:e3:99:f7:
9a:86:ca:5d:71:27:7c:9c:a2:d2:bc:36:f7:1d:0b:
60:d8:cd:6c:2c:a9:d7:e4:21:1c:d3:1f:83:41:76:
46:66:35:2d:4f:46:dd:5a:6e:d6:05:ea:b3:d1:9b:
c9:d3:9e:bb:fc:d3:db:80:c6:b8:b6:d8:f4:8e:67:
31:46:58:1a:2b:17:06:ba:d9:11:93:7c:c5:04:bd:
2e:d2:ba:50:9a:2f:58:c4:7a:bf:0d:35:ec:a9:f9:
66:5c:36:29:73:a2:f0:43:53:b3:2d:40:64:08:c4:
35:63:cd:0f:d6:da:67:16:90:6a:e4:25:67:c9:39:
19:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:D1:78:38:2D:D2:71:E5:1E:E2:80:48:F8:D9:84:06:69:97:CD:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JNF4OC3SceUe4oBI-NmEBmmXzR8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:50:77:5d:e1:7e:00:a8:73:da:e6:59:dc:8b:a8:5e:e7:1d:
ab:5c:3e:d1:62:c2:b3:54:b6:53:5c:b0:43:e8:1d:f0:01:ee:
aa:80:e0:3e:e2:bb:d8:e7:4c:91:0b:31:47:de:43:84:bf:c3:
e6:dd:cc:96:60:0e:20:23:74:b6:62:1b:e4:e8:7b:5d:19:30:
f9:eb:82:c5:75:61:b4:22:6a:6f:08:25:74:96:b6:65:a3:29:
1a:6d:17:b7:b8:0c:fe:21:ab:7a:f4:df:72:ed:71:59:52:7d:
8e:9b:7d:f9:e1:aa:29:ba:ae:98:46:13:b4:88:38:bc:0c:3c:
33:9c:34:09:c5:63:cc:5c:12:91:05:93:c1:19:97:20:14:79:
01:21:55:d9:05:16:2c:66:9f:21:3c:69:70:ad:78:cd:8d:7c:
e3:10:f7:c5:16:b7:b0:0c:bf:75:c9:77:30:a2:71:e0:26:70:
4c:a7:39:0d:c3:2c:93:92:7b:10:b8:1a:91:0d:85:1e:fe:0a:
94:06:de:c3:f2:b8:ae:e3:be:ca:4e:bf:fa:4e:c6:3d:15:9c:
4c:d6:e2:27:29:d7:86:ce:ed:cb:90:6b:12:8e:45:16:c2:fd:
02:7e:5b:33:5d:49:6e:85:81:15:0a:6a:f7:9f:b8:14:45:eb:
4a:54:3b:7e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
MzM5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI0RDE3ODM4MkREMjcx
RTUxRUUyODA0OEY4RDk4NDA2Njk5N0NEMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhPydSDj3iMu24Qa30sIOA/CqDi5D/fbE46qipzNEkkh/JzHQ1
vB6gNLXBGveHJcHAVzfOJYtCaI5l9+I5Uqup4XKtPE0oAugu+6UBT8e63M6Z/zGH
/22se2rpowEXvkSJV+KJPlGbSSYwt04ezudb6NAyreRitnAvzXD0AKQJig5i1eOZ
95qGyl1xJ3ycotK8NvcdC2DYzWwsqdfkIRzTH4NBdkZmNS1PRt1abtYF6rPRm8nT
nrv809uAxri22PSOZzFGWBorFwa62RGTfMUEvS7SulCaL1jEer8NNeyp+WZcNilz
ovBDU7MtQGQIxDVjzQ/W2mcWkGrkJWfJORlvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJNF4OC3SceUe4oBI+NmEBmmXzR8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KTkY0T0MzU2NlVWU0b0JJ
LU5tRUJtbVh6Ujgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACNQd13hfgCoc9rmWdyLqF7nHatcPtFiwrNU
tlNcsEPoHfAB7qqA4D7iu9jnTJELMUfeQ4S/w+bdzJZgDiAjdLZiG+Toe10ZMPnr
gsV1YbQiam8IJXSWtmWjKRptF7e4DP4hq3r033LtcVlSfY6bffnhqim6rphGE7SI
OLwMPDOcNAnFY8xcEpEFk8EZlyAUeQEhVdkFFixmnyE8aXCteM2NfOMQ98UWt7AM
v3XJdzCiceAmcEynOQ3DLJOSexC4GpENhR7+CpQG3sPyuK7jvspOv/pOxj0VnEzW
4icp14bO7cuQaxKORRbC/QJ+WzNdSW6FgRUKavefuBRF60pUO34=
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:39:58 2025 by rpki-client