Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/koJrUgdB5_RKLVU3qFQaHDnRlfk.roa
File: koJrUgdB5_RKLVU3qFQaHDnRlfk.roa (raw, json)
Hash identifier: aF3vuTxmcMS2U6LTLY73vcvxe1Q0Pl5MypsHlK7fkCc=
Subject key identifier: 92:82:6B:52:07:41:E7:F4:4A:2D:55:37:A8:54:1A:1C:39:D1:95:F9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14E0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/koJrUgdB5_RKLVU3qFQaHDnRlfk.roa
Signing time: Tue 03 Jun 2025 22:09:17 +0000
ROA not before: Tue 03 Jun 2025 22:09:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5344 (0x14e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 22:09:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=92826B520741E7F44A2D5537A8541A1C39D195F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b4:7b:8b:b0:73:12:ab:e5:8a:ca:8a:24:e1:
98:98:ae:86:0d:6e:05:b2:8e:58:24:bb:b0:9c:83:
28:0a:39:1e:db:65:ba:d2:14:b3:83:43:fd:be:7d:
44:f1:95:c6:bd:5c:e5:d2:61:ae:c3:64:12:22:05:
a0:37:33:40:06:3b:d3:45:9e:25:41:19:0b:63:a6:
6f:e9:6a:42:91:cf:0f:8d:35:63:01:a5:b3:02:84:
91:f8:75:24:fd:9b:92:64:b4:3e:fe:ed:1d:1f:bc:
ad:77:97:68:34:5d:ed:8a:c3:7f:a6:fd:84:99:3d:
ce:8f:13:ca:cc:54:0c:8d:01:42:99:56:eb:cf:23:
f5:ed:a2:e3:b7:8a:c7:5b:d3:55:f2:16:2a:17:24:
e0:41:b5:e6:44:c6:34:d4:16:03:d2:c5:b7:10:fa:
0d:24:60:11:5d:59:77:96:20:df:68:2e:a6:8f:6c:
11:d5:43:3d:90:bb:01:a4:fd:95:52:85:0a:95:39:
a6:1c:b3:83:ae:af:6f:1f:5b:d5:f1:70:c6:ce:80:
6e:1c:a7:2d:cb:c8:33:84:80:33:79:a4:26:40:ed:
97:a7:8a:9c:78:03:cf:54:42:b8:1c:94:64:17:1d:
27:f9:62:71:3b:a4:d4:f0:b9:2f:58:04:12:20:2a:
5e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:82:6B:52:07:41:E7:F4:4A:2D:55:37:A8:54:1A:1C:39:D1:95:F9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/koJrUgdB5_RKLVU3qFQaHDnRlfk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:f2:ba:a3:fe:30:f0:4a:06:26:71:8a:7a:07:f1:33:c8:48:
1b:0f:8a:ad:d5:78:b9:6d:2e:2c:ec:da:d5:ac:4e:55:ee:6f:
be:44:eb:e1:88:a7:e3:84:40:5d:9a:1d:af:0f:c7:ff:ab:d1:
37:d3:37:ba:87:92:99:4b:ac:f3:a6:a2:ec:fb:2f:cc:7f:bc:
45:4c:6a:4f:57:9d:d3:69:b6:ca:d7:dc:77:62:ff:b2:a0:39:
7d:a4:1c:cb:57:47:ce:69:d2:a5:59:44:78:ed:4b:a8:57:f1:
5a:88:9f:57:13:54:dd:32:aa:55:76:96:3d:19:df:20:aa:21:
52:2a:5b:a2:2a:32:53:83:93:8f:18:21:05:c3:3c:74:78:e0:
43:0f:75:69:d6:d7:0f:0c:eb:2b:63:f9:d2:1c:a1:52:fe:20:
3e:63:a7:78:a6:1e:0f:18:2d:e4:1e:17:08:fe:8a:ff:15:54:
25:4e:a6:1a:0f:ad:39:ca:6c:ea:f8:ed:1b:d6:8b:b2:26:14:
ce:f2:37:d8:2b:f4:78:bd:a5:4d:42:72:24:40:f2:71:be:6e:
b2:15:0a:aa:3e:19:c8:25:8c:56:09:1e:ce:17:07:ba:9a:72:
b3:f0:21:78:dd:74:28:5e:a2:70:44:c2:92:d8:ff:be:4e:77:
eb:ac:c2:59
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMy
MjA5MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkyODI2QjUyMDc0MUU3
RjQ0QTJENTUzN0E4NTQxQTFDMzlEMTk1RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXtHuLsHMSq+WKyook4ZiYroYNbgWyjlgku7CcgygKOR7bZbrS
FLODQ/2+fUTxlca9XOXSYa7DZBIiBaA3M0AGO9NFniVBGQtjpm/pakKRzw+NNWMB
pbMChJH4dST9m5JktD7+7R0fvK13l2g0Xe2Kw3+m/YSZPc6PE8rMVAyNAUKZVuvP
I/XtouO3isdb01XyFioXJOBBteZExjTUFgPSxbcQ+g0kYBFdWXeWIN9oLqaPbBHV
Qz2QuwGk/ZVShQqVOaYcs4Our28fW9XxcMbOgG4cpy3LyDOEgDN5pCZA7Zenipx4
A89UQrgclGQXHSf5YnE7pNTwuS9YBBIgKl5dAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkoJrUgdB5/RKLVU3qFQaHDnRlfkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rb0pyVWdkQjVfUktMVlUz
cUZRYUhEblJsZmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJ/yuqP+MPBKBiZxinoH8TPISBsPiq3VeLlt
Lizs2tWsTlXub75E6+GIp+OEQF2aHa8Px/+r0TfTN7qHkplLrPOmouz7L8x/vEVM
ak9XndNptsrX3Hdi/7KgOX2kHMtXR85p0qVZRHjtS6hX8VqIn1cTVN0yqlV2lj0Z
3yCqIVIqW6IqMlODk48YIQXDPHR44EMPdWnW1w8M6ytj+dIcoVL+ID5jp3imHg8Y
LeQeFwj+iv8VVCVOphoPrTnKbOr47RvWi7ImFM7yN9gr9Hi9pU1CciRA8nG+brIV
Cqo+GcgljFYJHs4XB7qacrPwIXjddCheonBEwpLY/75Od+uswlk=
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:40:34 2025 by rpki-client