Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jConMCWJYqR_-KwhbYv8eojWrKw.roa
File: jConMCWJYqR_-KwhbYv8eojWrKw.roa (raw, json)
Hash identifier: uTm8bO3C7iHvtgmEHn+8x5Dc6YKiByXB3iJljAyBYvk=
Subject key identifier: 8C:2A:27:30:25:89:62:A4:7F:F8:AC:21:6D:8B:FC:7A:88:D6:AC:AC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A14
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jConMCWJYqR_-KwhbYv8eojWrKw.roa
Signing time: Tue 20 May 2025 12:38:23 +0000
ROA not before: Tue 20 May 2025 12:38:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2580 (0xa14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 12:38:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8C2A2730258962A47FF8AC216D8BFC7A88D6ACAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:4a:fa:c0:74:9d:0c:5e:a1:87:b6:8e:f1:8b:
92:a6:c2:fb:b2:52:55:43:8d:5c:e4:65:c1:41:40:
76:6d:e9:e7:61:bf:7e:86:cc:7e:e6:92:75:04:f6:
ae:16:51:81:b8:93:3d:50:aa:a4:55:52:c4:88:64:
aa:72:10:cc:d5:2b:63:44:64:9b:f6:a0:7c:b6:8d:
00:ee:6d:08:a1:79:98:5b:eb:91:a9:76:3b:23:e0:
1d:e1:85:20:9f:c0:4a:93:a0:9b:85:ef:b8:bc:60:
db:86:c9:c1:2f:3a:8f:40:6b:77:83:9a:a5:a8:e9:
52:7c:2c:8a:6e:8e:3e:a9:f6:a2:72:25:3f:7e:52:
8b:e1:b6:6a:da:2e:a6:a9:3a:47:fe:09:25:df:c5:
91:5b:36:5c:50:23:b6:a3:1d:56:bd:d7:04:fe:de:
47:18:e5:96:fe:c2:d5:be:4d:7e:e6:0b:e3:b2:db:
1b:01:a5:bd:70:07:44:4d:75:7c:82:eb:83:5c:94:
da:b0:5e:d1:a2:47:6e:2d:84:58:c5:c5:cc:9a:d2:
a0:4d:12:79:b6:cc:01:fb:6c:95:ca:8d:8b:ac:07:
47:04:7d:af:1d:47:9d:98:eb:67:c1:d2:6f:62:33:
7f:f8:6d:c3:bb:48:0e:1a:e8:8e:c1:f1:72:b0:85:
b4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2A:27:30:25:89:62:A4:7F:F8:AC:21:6D:8B:FC:7A:88:D6:AC:AC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jConMCWJYqR_-KwhbYv8eojWrKw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:12:b6:c8:b0:6b:28:f9:c7:79:7b:be:ad:57:3d:ed:42:50:
32:7b:d2:50:b0:24:53:4d:23:33:0d:8c:cf:85:f0:90:b3:b9:
1b:40:bc:c4:88:86:31:e4:ab:05:99:87:20:6b:48:d0:70:c0:
00:dc:ff:a4:56:80:fc:4b:50:56:16:66:28:71:2b:97:57:75:
76:48:1a:92:1d:a2:07:03:41:2f:69:32:97:bc:40:f8:4c:fc:
6d:05:43:16:26:cf:34:93:e4:f6:fe:a9:cd:77:73:52:bd:02:
3e:81:d4:78:39:44:94:a4:3c:6e:bf:41:2f:2a:10:0a:86:87:
14:ca:7c:af:f9:01:27:76:aa:f1:54:1d:71:59:56:ea:21:0c:
80:76:88:fe:cb:a6:8a:34:f5:3e:4e:57:09:0b:f7:eb:ec:0e:
7e:c3:cf:01:39:e6:99:d4:78:6a:b4:58:c5:fc:3a:25:a4:66:
61:62:d8:46:5d:b1:dd:79:a4:22:c8:f9:ff:54:93:3d:c6:dc:
0f:07:34:bd:25:96:b4:63:b2:11:99:8b:3b:bd:5d:07:a1:b0:
b3:fa:ee:de:bd:15:3c:69:eb:56:32:df:0c:9b:fc:0f:22:34:
a1:f5:5e:88:6d:45:78:e0:e0:fc:15:fa:27:60:07:20:0b:4e:
64:d5:41:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICChQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAx
MjM4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhDMkEyNzMwMjU4OTYy
QTQ3RkY4QUMyMTZEOEJGQzdBODhENkFDQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGSvrAdJ0MXqGHto7xi5KmwvuyUlVDjVzkZcFBQHZt6edhv36G
zH7mknUE9q4WUYG4kz1QqqRVUsSIZKpyEMzVK2NEZJv2oHy2jQDubQiheZhb65Gp
djsj4B3hhSCfwEqToJuF77i8YNuGycEvOo9Aa3eDmqWo6VJ8LIpujj6p9qJyJT9+
UovhtmraLqapOkf+CSXfxZFbNlxQI7ajHVa91wT+3kcY5Zb+wtW+TX7mC+Oy2xsB
pb1wB0RNdXyC64NclNqwXtGiR24thFjFxcya0qBNEnm2zAH7bJXKjYusB0cEfa8d
R52Y62fB0m9iM3/4bcO7SA4a6I7B8XKwhbTrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjConMCWJYqR/+KwhbYv8eojWrKwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qQ29uTUNXSllxUl8tS3do
Yll2OGVvaldyS3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKoStsiwayj5x3l7vq1XPe1CUDJ70lCwJFNN
IzMNjM+F8JCzuRtAvMSIhjHkqwWZhyBrSNBwwADc/6RWgPxLUFYWZihxK5dXdXZI
GpIdogcDQS9pMpe8QPhM/G0FQxYmzzST5Pb+qc13c1K9Aj6B1Hg5RJSkPG6/QS8q
EAqGhxTKfK/5ASd2qvFUHXFZVuohDIB2iP7Lpoo09T5OVwkL9+vsDn7DzwE55pnU
eGq0WMX8OiWkZmFi2EZdsd15pCLI+f9Ukz3G3A8HNL0llrRjshGZizu9XQehsLP6
7t69FTxp61Yy3wyb/A8iNKH1XohtRXjg4PwV+idgByALTmTVQZ0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 07:52:34 2025 by rpki-client