Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LM01m9cdqURYvdA81OjkfzoxKrY.roa
File: LM01m9cdqURYvdA81OjkfzoxKrY.roa (raw, json)
Hash identifier: n9ol5Y5EhBJblnt9oZ/S4kXKo4BOC9hOmXAWNB44AvA=
Subject key identifier: 2C:CD:35:9B:D7:1D:A9:44:58:BD:D0:3C:D4:E8:E4:7F:3A:31:2A:B6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1994
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LM01m9cdqURYvdA81OjkfzoxKrY.roa
Signing time: Tue 10 Jun 2025 04:39:43 +0000
ROA not before: Tue 10 Jun 2025 04:39:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6548 (0x1994)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 04:39:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2CCD359BD71DA94458BDD03CD4E8E47F3A312AB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b7:0e:ed:b2:27:13:df:13:b2:55:41:4a:03:
0c:52:ff:52:11:99:19:f1:3a:8b:ce:04:93:c3:88:
d8:a2:49:1a:b3:3f:8e:7a:a4:be:67:aa:57:5d:de:
07:92:fb:77:81:47:41:90:db:da:02:05:7b:37:20:
73:44:ad:25:33:4d:72:c0:25:52:e6:94:f3:23:47:
09:8f:d8:7f:18:73:19:80:b4:02:b3:63:7d:fd:1f:
05:c2:7a:68:be:5e:5f:eb:17:f0:e8:ee:c3:37:c9:
70:59:cc:e4:38:23:64:45:d0:76:e6:1a:a8:ea:42:
c2:c1:4d:c6:56:06:3e:a5:8e:24:ea:d8:bb:a3:6b:
c9:c3:07:47:a8:29:5e:db:03:8a:a5:ad:dc:4f:78:
bd:89:a7:da:0f:93:27:a8:e3:43:81:0f:ec:85:9d:
ba:83:54:37:c6:f3:24:fd:f7:20:72:1b:b6:d3:8f:
a3:29:cc:b3:96:0f:e8:e5:f2:50:10:a9:76:74:6e:
ab:15:fc:dc:c1:a3:a7:b4:87:76:22:db:1f:25:77:
75:77:cf:e1:78:dd:95:66:17:a1:7c:0a:ca:76:a6:
5a:5d:36:76:f0:3d:3e:ab:1b:9c:f1:9a:f5:b6:93:
ac:af:fe:f0:e4:1e:81:7b:49:9b:32:f9:ff:ff:74:
91:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:CD:35:9B:D7:1D:A9:44:58:BD:D0:3C:D4:E8:E4:7F:3A:31:2A:B6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LM01m9cdqURYvdA81OjkfzoxKrY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:e9:ec:58:35:e5:f8:a4:b1:73:92:6d:79:f0:c5:9c:ff:75:
12:cd:e7:4b:77:54:4a:20:77:95:38:1f:9f:49:53:8c:11:d4:
dd:df:5c:cb:5c:16:1d:06:49:48:ca:1d:2b:2d:15:52:93:f4:
df:1a:2e:a7:f4:71:a7:8c:29:e6:48:ab:f1:a7:6d:5b:49:fc:
e8:f5:df:74:9e:23:a4:62:9f:15:8b:26:89:65:59:53:73:b9:
45:a4:02:f5:ad:76:a4:d3:f4:84:90:28:68:8a:b4:d5:ac:53:
93:9a:20:d2:ab:aa:0d:eb:57:ad:7d:07:37:76:b9:af:ef:b0:
91:28:0e:bf:bb:5d:07:96:4a:bb:ef:ef:2d:bd:b5:26:a9:43:
38:29:79:49:9d:6f:27:48:c7:83:82:d5:ff:d2:61:74:1c:46:
f4:c4:27:fa:2e:89:1c:a4:18:94:53:0f:d3:d2:c5:be:97:23:
1c:a5:39:23:5b:5d:d8:ff:1d:56:ae:f3:ef:d0:9c:7f:67:36:
47:a8:7b:b2:bd:a5:af:7f:47:96:10:3a:ab:c7:c2:1b:34:48:
29:b3:cc:8f:0e:89:52:50:7b:e5:e8:07:ac:e5:cc:c7:fa:d0:
46:65:98:d6:3d:d9:44:58:ce:b1:bd:75:d4:c6:8b:08:be:4d:
da:82:e4:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGZQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAw
NDM5NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJDQ0QzNTlCRDcxREE5
NDQ1OEJERDAzQ0Q0RThFNDdGM0EzMTJBQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvtw7tsicT3xOyVUFKAwxS/1IRmRnxOovOBJPDiNiiSRqzP456
pL5nqldd3geS+3eBR0GQ29oCBXs3IHNErSUzTXLAJVLmlPMjRwmP2H8YcxmAtAKz
Y339HwXCemi+Xl/rF/Do7sM3yXBZzOQ4I2RF0HbmGqjqQsLBTcZWBj6ljiTq2Luj
a8nDB0eoKV7bA4qlrdxPeL2Jp9oPkyeo40OBD+yFnbqDVDfG8yT99yByG7bTj6Mp
zLOWD+jl8lAQqXZ0bqsV/NzBo6e0h3Yi2x8ld3V3z+F43ZVmF6F8Csp2plpdNnbw
PT6rG5zxmvW2k6yv/vDkHoF7SZsy+f//dJGlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULM01m9cdqURYvdA81OjkfzoxKrYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MTTAxbTljZHFVUll2ZEE4
MU9qa2Z6b3hLclkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAH3p7Fg15fiksXOSbXnwxZz/dRLN50t3VEog
d5U4H59JU4wR1N3fXMtcFh0GSUjKHSstFVKT9N8aLqf0caeMKeZIq/GnbVtJ/Oj1
33SeI6RinxWLJollWVNzuUWkAvWtdqTT9ISQKGiKtNWsU5OaINKrqg3rV619Bzd2
ua/vsJEoDr+7XQeWSrvv7y29tSapQzgpeUmdbydIx4OC1f/SYXQcRvTEJ/ouiRyk
GJRTD9PSxb6XIxylOSNbXdj/HVau8+/QnH9nNkeoe7K9pa9/R5YQOqvHwhs0SCmz
zI8OiVJQe+XoB6zlzMf60EZlmNY92URYzrG9ddTGiwi+TdqC5Dg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:27 2025 by rpki-client