Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lSQmMd8YludJMElGUTQiKmqJ3gA.roa
File: lSQmMd8YludJMElGUTQiKmqJ3gA.roa (raw, json)
Hash identifier: Sh4MOFOiiy8bDUduyWvQ4lchDi0Bz27lzZRNP3Pe0Dc=
Subject key identifier: 95:24:26:31:DF:18:96:E7:49:30:49:46:51:34:22:2A:6A:89:DE:00
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 140C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lSQmMd8YludJMElGUTQiKmqJ3gA.roa
Signing time: Mon 02 Jun 2025 19:39:13 +0000
ROA not before: Mon 02 Jun 2025 19:39:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5132 (0x140c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 19:39:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=95242631DF1896E7493049465134222A6A89DE00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5b:f8:d0:be:a1:f5:34:6b:82:94:09:e7:e2:
ae:7a:04:84:01:d5:ff:d4:11:af:76:4e:c0:57:68:
d4:20:74:cb:55:f6:5d:70:d8:af:df:f3:38:b4:9d:
1d:02:64:3a:f8:aa:f0:75:d3:05:f2:30:c2:b6:3d:
a1:cb:f2:b1:ae:2e:21:43:e2:87:51:4f:26:98:7b:
95:16:5e:0a:a1:e1:07:cc:6d:2c:84:53:9b:8e:37:
cf:65:18:8a:c1:b5:df:97:f7:a1:f4:7c:fe:a2:14:
be:9e:07:83:26:0e:0a:4f:00:eb:39:39:2f:c4:89:
1b:3a:87:5d:aa:12:06:77:dd:fe:85:cf:53:ef:42:
ec:28:aa:2f:c1:cb:8b:9e:e2:cf:f0:d1:49:5d:18:
30:20:e8:3e:93:25:85:b8:e8:c5:4d:ab:5b:18:f3:
0e:9a:49:3e:07:3d:9a:a6:eb:56:79:7e:81:81:3a:
f1:bc:f0:30:c4:07:aa:c5:b2:2c:91:00:57:b9:e6:
73:3d:26:19:44:d2:04:e5:f6:d9:10:93:00:af:1d:
d9:27:93:fa:26:01:93:a7:92:9d:08:f6:54:60:2a:
aa:6b:41:99:1f:ea:bc:53:de:e5:35:f0:05:2b:ac:
f7:67:21:1c:4f:79:36:cb:a2:71:c9:95:46:60:2e:
27:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:24:26:31:DF:18:96:E7:49:30:49:46:51:34:22:2A:6A:89:DE:00
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lSQmMd8YludJMElGUTQiKmqJ3gA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:43:69:63:07:47:53:b5:98:77:93:2b:e6:e1:2b:ce:53:43:
65:8b:c1:a8:9b:d7:4e:d3:92:38:df:22:4d:9d:b7:34:f4:88:
ca:2b:23:2f:23:f6:f8:db:04:85:cb:a4:4a:34:af:19:c9:87:
1d:77:31:a3:66:50:5f:23:19:d2:8a:24:6d:eb:27:95:95:2e:
df:ce:9c:b3:c8:37:88:63:c2:92:19:a8:e2:e9:bb:85:2c:01:
4d:af:b2:de:87:4a:e7:b0:9c:8e:ff:24:a1:cb:66:da:ae:46:
55:0f:d6:e6:f6:b3:ee:6c:87:87:0e:b1:81:40:1b:93:9a:50:
b6:ac:8f:94:21:05:a8:40:2d:3b:cb:3a:2e:6b:b8:ff:6c:0f:
da:66:fd:fa:2c:e9:25:73:98:c4:39:b7:4d:2a:2b:f4:45:5e:
f3:f2:e2:a0:80:1b:2b:89:34:83:56:6b:4f:98:3f:6d:fb:a9:
2c:32:c0:b7:ff:82:41:75:8f:a2:39:0b:c1:94:e9:61:42:8e:
e3:6a:3a:be:96:89:55:22:f9:0e:f2:0b:94:df:97:ec:83:d7:
15:1e:b9:d7:f0:a0:58:27:f4:16:c8:84:24:5f:2a:e7:70:1d:
c9:67:4f:a4:70:35:23:be:21:e8:a6:2d:e6:4f:df:2d:f7:89:
aa:d6:1a:e0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
OTM5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1MjQyNjMxREYxODk2
RTc0OTMwNDk0NjUxMzQyMjJBNkE4OURFMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyW/jQvqH1NGuClAnn4q56BIQB1f/UEa92TsBXaNQgdMtV9l1w
2K/f8zi0nR0CZDr4qvB10wXyMMK2PaHL8rGuLiFD4odRTyaYe5UWXgqh4QfMbSyE
U5uON89lGIrBtd+X96H0fP6iFL6eB4MmDgpPAOs5OS/EiRs6h12qEgZ33f6Fz1Pv
Quwoqi/By4ue4s/w0UldGDAg6D6TJYW46MVNq1sY8w6aST4HPZqm61Z5foGBOvG8
8DDEB6rFsiyRAFe55nM9JhlE0gTl9tkQkwCvHdknk/omAZOnkp0I9lRgKqprQZkf
6rxT3uU18AUrrPdnIRxPeTbLonHJlUZgLieNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlSQmMd8YludJMElGUTQiKmqJ3gAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sU1FtTWQ4WWx1ZEpNRWxH
VVRRaUttcUozZ0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAtDaWMHR1O1mHeTK+bhK85TQ2WLwaib107T
kjjfIk2dtzT0iMorIy8j9vjbBIXLpEo0rxnJhx13MaNmUF8jGdKKJG3rJ5WVLt/O
nLPIN4hjwpIZqOLpu4UsAU2vst6HSuewnI7/JKHLZtquRlUP1ub2s+5sh4cOsYFA
G5OaULasj5QhBahALTvLOi5ruP9sD9pm/fos6SVzmMQ5t00qK/RFXvPy4qCAGyuJ
NINWa0+YP237qSwywLf/gkF1j6I5C8GU6WFCjuNqOr6WiVUi+Q7yC5Tfl+yD1xUe
udfwoFgn9BbIhCRfKudwHclnT6RwNSO+IeimLeZP3y33iarWGuA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:11:50 2025 by rpki-client