Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/urSM-IHkKOTBOEEDIh46dVHnEVI.roa
File: urSM-IHkKOTBOEEDIh46dVHnEVI.roa (raw, json)
Hash identifier: Rjy3jG5wtiaspsm1zGtwR64LQmC7gMgk3JK5xByIdSQ=
Subject key identifier: BA:B4:8C:F8:81:E4:28:E4:C1:38:41:03:22:1E:3A:75:51:E7:11:52
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 190C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/urSM-IHkKOTBOEEDIh46dVHnEVI.roa
Signing time: Mon 09 Jun 2025 11:39:38 +0000
ROA not before: Mon 09 Jun 2025 11:39:38 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6412 (0x190c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 11:39:38 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BAB48CF881E428E4C1384103221E3A7551E71152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:38:42:5b:23:94:b5:33:01:ec:2a:0f:53:85:
e6:ea:9d:53:40:a7:f4:f5:56:fa:fe:7d:83:8f:9b:
79:e4:ed:dc:8d:bd:fe:9a:5a:98:24:1b:82:f5:b7:
02:3b:36:15:92:1d:c7:bd:bc:1f:be:c5:94:83:fe:
aa:67:0e:0e:a9:b9:54:4f:76:58:68:fa:f0:14:86:
db:65:26:6b:4f:d0:4c:ef:a2:51:64:a7:ef:20:69:
ac:6b:a0:e3:aa:10:2e:4f:1e:26:5c:33:f7:9b:1f:
13:fb:ba:d9:e6:0b:31:89:e8:d6:ae:61:79:4f:67:
b0:99:6b:a1:d1:26:c4:12:02:b8:32:bf:d6:75:41:
71:09:b8:07:76:09:e2:1a:8c:c8:d4:48:3c:2e:8a:
41:e7:34:a1:fa:a5:ca:31:3e:0c:82:97:46:e3:2f:
e6:2b:e5:97:a0:2b:ea:66:cb:53:0f:de:3a:eb:03:
dd:30:7b:ce:12:e6:c4:8d:b2:82:24:b8:ed:e5:6d:
85:84:00:26:9a:26:a2:67:d2:fe:d2:7e:2c:fa:28:
74:23:31:f1:b8:5a:f8:d2:39:eb:8c:b2:51:2b:b0:
1d:db:4c:88:ca:de:b9:21:fc:c0:aa:fc:28:a5:5d:
2b:4f:9b:d7:63:1d:bc:f3:eb:8e:bd:4d:2f:95:47:
b5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B4:8C:F8:81:E4:28:E4:C1:38:41:03:22:1E:3A:75:51:E7:11:52
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/urSM-IHkKOTBOEEDIh46dVHnEVI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:af:4f:eb:92:7b:fa:40:c0:ab:e0:1c:29:fe:a6:d1:8f:2e:
27:ac:8e:74:9f:de:6a:e5:86:55:3b:9d:1e:f4:b9:0a:5b:a8:
e9:93:05:dd:1c:c2:51:e3:e9:75:c3:a8:08:0a:eb:c0:12:a2:
32:c3:16:3c:25:0e:da:15:f4:e0:70:67:53:1b:f0:30:19:15:
58:54:c8:6b:58:d7:08:73:24:85:11:8c:0d:a4:48:d1:90:f4:
39:12:0c:ee:74:98:6a:a2:54:3b:76:53:ff:1d:01:69:7d:bf:
ef:dd:41:51:e7:b5:94:f6:7b:e5:ce:4f:94:e0:88:cf:f5:5c:
db:db:db:e7:a0:a8:9e:b0:c7:aa:d5:2d:11:60:8f:82:98:aa:
b3:b2:36:0c:20:8e:b4:15:e9:97:c8:3e:bc:96:44:f6:69:32:
e5:c2:16:72:cc:24:f6:aa:a9:08:b1:2c:7c:3b:9a:c3:de:70:
e8:a3:d6:00:c8:0d:dc:43:18:02:53:28:b9:7b:16:01:ec:f3:
b8:44:9e:a5:8f:3f:e1:2d:f0:92:ec:0a:33:53:53:bc:0c:31:
7e:f3:11:28:29:5f:da:16:82:fd:04:78:d8:34:3d:12:78:2e:
a0:89:39:aa:89:dd:9a:d3:17:eb:80:f3:49:79:73:c4:fa:a1:
b3:c6:4c:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGQwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
MTM5MzhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBQjQ4Q0Y4ODFFNDI4
RTRDMTM4NDEwMzIyMUUzQTc1NTFFNzExNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmOEJbI5S1MwHsKg9ThebqnVNAp/T1Vvr+fYOPm3nk7dyNvf6a
WpgkG4L1twI7NhWSHce9vB++xZSD/qpnDg6puVRPdlho+vAUhttlJmtP0EzvolFk
p+8gaaxroOOqEC5PHiZcM/ebHxP7utnmCzGJ6NauYXlPZ7CZa6HRJsQSArgyv9Z1
QXEJuAd2CeIajMjUSDwuikHnNKH6pcoxPgyCl0bjL+Yr5ZegK+pmy1MP3jrrA90w
e84S5sSNsoIkuO3lbYWEACaaJqJn0v7Sfiz6KHQjMfG4WvjSOeuMslErsB3bTIjK
3rkh/MCq/CilXStPm9djHbzz6469TS+VR7VRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUurSM+IHkKOTBOEEDIh46dVHnEVIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91clNNLUlIa0tPVEJPRUVE
SWg0NmRWSG5FVkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAB2vT+uSe/pAwKvgHCn+ptGPLiesjnSf3mrl
hlU7nR70uQpbqOmTBd0cwlHj6XXDqAgK68ASojLDFjwlDtoV9OBwZ1Mb8DAZFVhU
yGtY1whzJIURjA2kSNGQ9DkSDO50mGqiVDt2U/8dAWl9v+/dQVHntZT2e+XOT5Tg
iM/1XNvb2+egqJ6wx6rVLRFgj4KYqrOyNgwgjrQV6ZfIPryWRPZpMuXCFnLMJPaq
qQixLHw7msPecOij1gDIDdxDGAJTKLl7FgHs87hEnqWPP+Et8JLsCjNTU7wMMX7z
ESgpX9oWgv0EeNg0PRJ4LqCJOaqJ3ZrTF+uA80l5c8T6obPGTB0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:15:03 2025 by rpki-client