Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CQGGkpyMExGkbZUH59sjDVw1dQ4.roa
File: CQGGkpyMExGkbZUH59sjDVw1dQ4.roa (raw, json)
Hash identifier: IZLYGmbNBzIlVB9FAy00d1OEGI8MGFKgYx7ZWkZ1gfI=
Subject key identifier: 09:01:86:92:9C:8C:13:11:A4:6D:95:07:E7:DB:23:0D:5C:35:75:0E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D84
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CQGGkpyMExGkbZUH59sjDVw1dQ4.roa
Signing time: Sun 25 May 2025 02:38:35 +0000
ROA not before: Sun 25 May 2025 02:38:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3460 (0xd84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 02:38:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=090186929C8C1311A46D9507E7DB230D5C35750E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:42:aa:96:65:06:b0:51:78:97:84:7f:97:
0b:fe:68:0d:3b:f8:63:1b:6a:cf:2f:68:a1:3c:98:
d0:86:4f:70:e2:57:cc:63:bb:a5:2e:f4:1a:91:f0:
a3:4e:c0:72:06:41:b0:0d:8a:fd:d5:9a:b1:f6:45:
67:81:1d:53:74:9f:ec:82:80:1c:28:11:c3:6e:b8:
56:b1:ad:5c:ca:88:70:a6:6b:73:83:4a:be:e3:c4:
f5:ab:52:f1:f7:5c:24:ef:6b:73:c4:bf:a8:9e:9b:
37:33:67:58:88:0a:3a:5b:42:60:7b:30:9d:7f:a2:
55:4a:e3:0a:d7:b2:ea:42:53:ba:d0:d3:71:b2:c8:
96:d6:77:c2:9b:30:9c:61:5c:35:8a:52:ce:46:4e:
1a:03:87:98:d4:e3:4c:01:e1:40:c1:db:36:c0:07:
fd:92:2b:15:08:ce:84:8a:0c:e1:d0:4e:6d:fd:7c:
cd:bc:7c:ce:0b:af:49:86:22:15:c8:e0:3e:bf:36:
86:f0:43:de:89:20:b6:58:4d:93:df:3d:86:e4:19:
41:d3:44:81:1a:ec:0d:e5:3b:82:e7:86:69:6a:a1:
27:c1:0f:a9:e4:7e:46:60:39:f2:9e:e3:36:c9:00:
45:61:05:d9:82:f2:e1:27:30:14:13:a1:c6:56:d7:
52:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:01:86:92:9C:8C:13:11:A4:6D:95:07:E7:DB:23:0D:5C:35:75:0E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CQGGkpyMExGkbZUH59sjDVw1dQ4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:79:3f:10:79:93:8e:ff:c4:3e:7a:04:b7:3c:98:55:62:c4:
9c:11:df:07:12:81:06:9a:a4:30:0c:7a:40:6e:39:b3:42:58:
94:26:1d:0f:76:03:77:62:63:f8:a5:34:15:44:00:57:1d:7b:
82:0e:43:47:19:a0:83:8c:40:62:27:d8:32:f4:6d:fc:d8:0a:
a6:ba:ad:f5:09:e0:95:67:b3:d7:79:5c:6d:c2:1d:33:5b:80:
06:a4:e3:9a:6a:e3:05:1c:04:eb:64:75:08:61:9b:6d:eb:1d:
fa:98:e0:a5:c9:a8:c2:5e:9c:47:08:30:2f:c8:2e:28:41:ae:
31:ba:46:21:cb:06:eb:83:d6:a6:86:e8:8a:8f:68:80:e1:06:
b6:22:ad:e1:b2:e5:f3:12:35:2e:c8:66:10:24:99:b9:e2:18:
b8:90:32:d0:2d:72:73:f0:67:71:d9:82:3e:2a:ef:ed:bb:1a:
a3:8d:83:a8:a8:37:bf:dc:3c:b3:98:4f:1c:29:e9:48:0f:68:
89:20:ed:fd:24:69:d6:4c:25:67:94:fd:e8:58:12:14:c0:c6:
fb:f7:92:2c:a5:96:cf:cc:d7:27:1e:58:c0:64:9d:16:f6:b7:
73:3d:4f:cd:ef:f5:c0:6d:51:0c:93:6d:33:26:7c:dd:a2:78:
cc:96:4c:c6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDYQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
MjM4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA5MDE4NjkyOUM4QzEz
MTFBNDZEOTUwN0U3REIyMzBENUMzNTc1MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/4kKqlmUGsFF4l4R/lwv+aA07+GMbas8vaKE8mNCGT3DiV8xj
u6Uu9BqR8KNOwHIGQbANiv3VmrH2RWeBHVN0n+yCgBwoEcNuuFaxrVzKiHCma3OD
Sr7jxPWrUvH3XCTva3PEv6iemzczZ1iICjpbQmB7MJ1/olVK4wrXsupCU7rQ03Gy
yJbWd8KbMJxhXDWKUs5GThoDh5jU40wB4UDB2zbAB/2SKxUIzoSKDOHQTm39fM28
fM4Lr0mGIhXI4D6/NobwQ96JILZYTZPfPYbkGUHTRIEa7A3lO4LnhmlqoSfBD6nk
fkZgOfKe4zbJAEVhBdmC8uEnMBQTocZW11I5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCQGGkpyMExGkbZUH59sjDVw1dQ4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DUUdHa3B5TUV4R2tiWlVI
NTlzakRWdzFkUTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABx5PxB5k47/xD56BLc8mFVixJwR3wcSgQaa
pDAMekBuObNCWJQmHQ92A3diY/ilNBVEAFcde4IOQ0cZoIOMQGIn2DL0bfzYCqa6
rfUJ4JVns9d5XG3CHTNbgAak45pq4wUcBOtkdQhhm23rHfqY4KXJqMJenEcIMC/I
LihBrjG6RiHLBuuD1qaG6IqPaIDhBrYireGy5fMSNS7IZhAkmbniGLiQMtAtcnPw
Z3HZgj4q7+27GqONg6ioN7/cPLOYTxwp6UgPaIkg7f0kadZMJWeU/ehYEhTAxvv3
kiylls/M1yceWMBknRb2t3M9T83v9cBtUQyTbTMmfN2ieMyWTMY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:56:57 2025 by rpki-client