Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KDLquyKwyKVua7CYjN5mWENGT8U.roa
File: KDLquyKwyKVua7CYjN5mWENGT8U.roa (raw, json)
Hash identifier: oVnIAMnXmdxvdzkxm8P26eFGXW4Bu++fE7EJSXFg0C0=
Subject key identifier: 28:32:EA:BB:22:B0:C8:A5:6E:6B:B0:98:8C:DE:66:58:43:46:4F:C5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03F8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KDLquyKwyKVua7CYjN5mWENGT8U.roa
Signing time: Mon 12 May 2025 09:08:04 +0000
ROA not before: Mon 12 May 2025 09:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1016 (0x3f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 09:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2832EABB22B0C8A56E6BB0988CDE665843464FC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:12:84:43:e5:cd:5a:bd:51:c7:6d:3b:09:
f6:5f:cf:82:18:7b:b6:21:19:e3:af:5f:88:b1:a4:
42:4e:46:ab:19:45:6a:d6:a6:33:eb:ad:d2:ff:c6:
1b:a8:62:fd:8f:38:36:2b:3d:52:06:f2:dc:bd:ef:
25:55:f4:5a:7a:48:89:2b:9c:b0:5e:bc:eb:c2:55:
3f:07:c7:15:e6:34:be:a7:c5:43:31:3f:9a:4b:f6:
2d:09:ac:2c:df:65:e7:71:46:89:ca:86:f4:49:2a:
0b:56:35:df:5b:24:78:83:1a:59:f1:20:dc:e3:0a:
94:44:d5:5a:6e:fd:41:35:f7:26:57:a8:70:b2:d9:
4d:ed:27:9e:2a:ce:14:12:bd:7e:80:76:64:21:5e:
3c:4d:24:e3:4b:02:10:09:0e:c7:01:ee:88:8f:87:
03:33:57:aa:9c:8a:ee:03:66:50:25:21:18:97:9a:
54:14:83:2e:6d:4e:91:cd:98:74:b1:87:ba:86:90:
3e:58:ac:fb:64:3a:5d:f6:7e:10:cb:9e:c5:f2:6a:
3e:62:0f:2b:54:6c:65:c9:20:2a:3f:7d:16:2c:d0:
80:19:95:21:11:1e:58:fc:be:22:88:06:40:98:07:
29:a1:09:69:47:fe:23:d5:6b:9c:c1:0c:ff:b5:20:
7a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:32:EA:BB:22:B0:C8:A5:6E:6B:B0:98:8C:DE:66:58:43:46:4F:C5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KDLquyKwyKVua7CYjN5mWENGT8U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:68:5f:1a:98:24:9e:9f:42:6d:65:e0:c7:dd:3a:38:cd:b4:
bf:29:d4:07:7a:1c:5a:f4:b9:af:12:c1:c1:de:ec:a4:ab:ea:
65:fc:63:39:cb:36:6b:fa:15:54:8d:63:1d:dd:39:4a:77:cf:
d1:88:ec:8e:42:4f:e8:9d:ce:34:d7:99:7d:fe:75:3e:ad:b6:
19:be:85:48:de:48:2e:c4:e9:4f:66:fd:f1:63:ce:be:10:14:
43:e7:67:b0:b1:30:aa:52:19:a0:d1:69:10:9b:56:3a:a8:d0:
b1:a8:1b:d5:09:58:c0:da:d8:e9:ae:8b:b0:f8:f3:5e:6b:8e:
10:21:fa:81:1e:81:a5:e1:56:8c:c2:70:bb:81:01:0c:6f:3c:
41:de:01:e0:bc:ef:f4:1c:ac:93:e0:87:5f:eb:26:88:e6:a1:
62:27:f7:0e:e9:fe:2c:ad:2e:9b:a2:a6:b0:2b:03:9c:bc:c9:
d5:24:e8:90:53:0e:2f:04:28:44:6a:7f:be:af:3d:78:e6:96:
77:4f:c1:27:5d:a0:2d:3b:98:74:7a:c9:64:04:43:d3:f5:f0:
a0:6c:71:f1:a6:f8:6b:6d:c5:1f:53:99:70:02:ad:bc:b5:11:
db:4c:d8:ba:eb:1a:7a:67:2e:b1:b1:ca:d6:0d:b1:0b:e4:f9:
56:7b:33:f0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA/gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
OTA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI4MzJFQUJCMjJCMEM4
QTU2RTZCQjA5ODhDREU2NjU4NDM0NjRGQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3JBKEQ+XNWr1Rx207CfZfz4IYe7YhGeOvX4ixpEJORqsZRWrW
pjPrrdL/xhuoYv2PODYrPVIG8ty97yVV9Fp6SIkrnLBevOvCVT8HxxXmNL6nxUMx
P5pL9i0JrCzfZedxRonKhvRJKgtWNd9bJHiDGlnxINzjCpRE1Vpu/UE19yZXqHCy
2U3tJ54qzhQSvX6AdmQhXjxNJONLAhAJDscB7oiPhwMzV6qciu4DZlAlIRiXmlQU
gy5tTpHNmHSxh7qGkD5YrPtkOl32fhDLnsXyaj5iDytUbGXJICo/fRYs0IAZlSER
Hlj8viKIBkCYBymhCWlH/iPVa5zBDP+1IHp5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKDLquyKwyKVua7CYjN5mWENGT8UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LRExxdXlLd3lLVnVhN0NZ
ak41bVdFTkdUOFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACpoXxqYJJ6fQm1l4MfdOjjNtL8p1Ad6HFr0
ua8SwcHe7KSr6mX8YznLNmv6FVSNYx3dOUp3z9GI7I5CT+idzjTXmX3+dT6tthm+
hUjeSC7E6U9m/fFjzr4QFEPnZ7CxMKpSGaDRaRCbVjqo0LGoG9UJWMDa2Omui7D4
815rjhAh+oEegaXhVozCcLuBAQxvPEHeAeC87/QcrJPgh1/rJojmoWIn9w7p/iyt
LpuiprArA5y8ydUk6JBTDi8EKERqf76vPXjmlndPwSddoC07mHR6yWQEQ9P18KBs
cfGm+GttxR9TmXACrby1EdtM2LrrGnpnLrGxytYNsQvk+VZ7M/A=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:21:16 2025 by rpki-client