Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KWJoBTGcRJOaTdB7XjiVMDN9fu0.roa
File: KWJoBTGcRJOaTdB7XjiVMDN9fu0.roa (raw, json)
Hash identifier: QpjKjshjTYsNYk/VNTUMOMz0y7Flh2iiA++FoahGKG0=
Subject key identifier: 29:62:68:05:31:9C:44:93:9A:4D:D0:7B:5E:38:95:30:33:7D:7E:ED
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2090
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KWJoBTGcRJOaTdB7XjiVMDN9fu0.roa
Signing time: Thu 19 Jun 2025 20:44:49 +0000
ROA not before: Thu 19 Jun 2025 20:44:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8336 (0x2090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 20:44:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=29626805319C44939A4DD07B5E389530337D7EED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:af:1a:67:c4:f0:8f:25:ad:ca:64:83:91:b8:
33:32:2c:a8:f0:44:51:7f:2f:7c:d2:b9:50:66:37:
db:3e:a6:ce:6f:8d:86:67:36:89:13:ba:eb:13:15:
86:1d:03:2c:13:1e:da:78:10:b3:66:6f:d9:c6:7c:
6f:ba:31:73:2c:31:a4:d4:e6:f1:8e:26:f0:ac:75:
5e:55:92:af:44:8a:24:9e:b8:33:ee:58:e5:22:0b:
6a:ff:15:f9:35:a3:a3:91:7b:5a:be:60:b5:3c:89:
74:0b:f5:58:3d:93:46:5f:00:ff:30:29:86:10:e2:
12:fa:ce:3d:93:16:0b:b1:f7:09:a8:73:fe:b0:5d:
30:50:3a:a4:d5:04:6f:1f:83:12:ff:bf:64:3b:82:
6e:2f:8c:d1:ce:e0:d1:7d:39:d6:26:92:60:23:d3:
b1:36:d9:9a:dc:af:c5:35:3a:1f:44:84:f3:67:bf:
32:51:cd:d2:f4:ad:42:b4:e8:07:20:ba:50:ec:9b:
0c:28:cd:3a:4b:2a:e6:c4:04:1a:d0:f2:d8:d7:4e:
24:22:05:3d:2b:9a:12:93:a3:9a:61:54:84:14:c2:
11:05:b4:d7:5b:3a:ec:8b:18:be:d7:5e:07:35:d0:
67:eb:20:3f:97:72:33:67:93:70:8b:6c:99:64:ed:
93:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:62:68:05:31:9C:44:93:9A:4D:D0:7B:5E:38:95:30:33:7D:7E:ED
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KWJoBTGcRJOaTdB7XjiVMDN9fu0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:7d:86:1e:4d:0e:5e:5e:57:8f:64:ed:7a:31:d3:a0:f6:42:
bc:10:47:e3:21:73:41:64:c6:48:b3:23:46:83:ca:0c:b4:6c:
12:c6:e7:4a:35:97:03:48:eb:99:62:5a:98:98:2a:62:f8:b0:
6a:91:eb:df:05:8d:fc:73:e2:84:3a:ff:3d:f7:3c:d6:48:bb:
42:40:95:21:ab:71:85:5c:1d:4c:df:fd:cc:d6:f4:42:52:99:
a3:c6:5d:23:69:ee:9c:56:5e:f6:fe:fa:52:65:f8:1f:f1:88:
72:49:c2:8f:91:d6:fc:22:35:76:4d:25:99:de:b3:2a:42:da:
b8:b0:93:90:19:4c:86:8c:46:7f:dc:98:26:06:fc:50:6b:04:
a8:d9:e9:b5:d9:d2:d6:ed:ac:a9:d4:3d:8c:89:22:6c:54:96:
30:49:c1:01:40:89:7d:4d:51:ae:f1:34:f5:7c:f5:02:f2:81:
d1:86:8e:64:e5:d9:51:8b:47:a5:d3:fb:c3:b1:4f:bc:59:ca:
b8:8b:b7:46:f7:af:c7:28:68:71:0a:2c:8c:53:33:d8:9e:f3:
54:1f:c1:5c:09:d6:23:97:f7:6d:f0:22:50:6a:62:6d:78:74:
88:0c:5b:52:94:dc:38:cc:cb:3d:d0:24:da:d3:38:72:64:4d:
28:70:34:e5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTky
MDQ0NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI5NjI2ODA1MzE5QzQ0
OTM5QTRERDA3QjVFMzg5NTMwMzM3RDdFRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRrxpnxPCPJa3KZIORuDMyLKjwRFF/L3zSuVBmN9s+ps5vjYZn
NokTuusTFYYdAywTHtp4ELNmb9nGfG+6MXMsMaTU5vGOJvCsdV5Vkq9EiiSeuDPu
WOUiC2r/Ffk1o6ORe1q+YLU8iXQL9Vg9k0ZfAP8wKYYQ4hL6zj2TFgux9wmoc/6w
XTBQOqTVBG8fgxL/v2Q7gm4vjNHO4NF9OdYmkmAj07E22Zrcr8U1Oh9EhPNnvzJR
zdL0rUK06AcgulDsmwwozTpLKubEBBrQ8tjXTiQiBT0rmhKTo5phVIQUwhEFtNdb
OuyLGL7XXgc10GfrID+XcjNnk3CLbJlk7ZPRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKWJoBTGcRJOaTdB7XjiVMDN9fu0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LV0pvQlRHY1JKT2FUZEI3
WGppVk1ETjlmdTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACp9hh5NDl5eV49k7Xox06D2QrwQR+Mhc0Fk
xkizI0aDygy0bBLG50o1lwNI65liWpiYKmL4sGqR698Fjfxz4oQ6/z33PNZIu0JA
lSGrcYVcHUzf/czW9EJSmaPGXSNp7pxWXvb++lJl+B/xiHJJwo+R1vwiNXZNJZne
sypC2riwk5AZTIaMRn/cmCYG/FBrBKjZ6bXZ0tbtrKnUPYyJImxUljBJwQFAiX1N
Ua7xNPV89QLygdGGjmTl2VGLR6XT+8OxT7xZyriLt0b3r8coaHEKLIxTM9ie81Qf
wVwJ1iOX923wIlBqYm14dIgMW1KU3DjMyz3QJNrTOHJkTShwNOU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:54:02 2025 by rpki-client