Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aqxkM-9k4tQXoFeFXRq4KUrH3to.roa
File: aqxkM-9k4tQXoFeFXRq4KUrH3to.roa (raw, json)
Hash identifier: z2azd/FKRq6H/2agUtc7ErZv2xJOarz33BAced0h3aU=
Subject key identifier: 6A:AC:64:33:EF:64:E2:D4:17:A0:57:85:5D:1A:B8:29:4A:C7:DE:DA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F08
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aqxkM-9k4tQXoFeFXRq4KUrH3to.roa
Signing time: Tue 17 Jun 2025 11:10:16 +0000
ROA not before: Tue 17 Jun 2025 11:10:16 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7944 (0x1f08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 11:10:16 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6AAC6433EF64E2D417A057855D1AB8294AC7DEDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8e:70:a2:01:b9:a1:89:b0:ba:47:b8:25:cb:
4e:7d:02:3d:7e:20:d1:b6:ed:90:2f:bb:5c:90:29:
4f:96:0a:3d:fe:07:22:38:92:62:0e:e9:3d:65:d5:
0c:8b:7f:47:05:c8:bd:a0:98:81:c6:2a:7a:fc:65:
ca:4b:75:a5:75:06:31:2e:c0:b6:46:dd:c3:fb:a0:
9b:c5:2f:13:ac:07:d6:ea:36:69:b3:5d:0c:93:26:
13:7c:6a:ee:68:6b:7b:8e:c2:73:b5:05:16:07:5e:
25:71:7c:6f:fa:64:62:1b:64:2e:db:ff:46:a4:ff:
93:51:02:22:b7:ee:cd:9f:b1:6b:e8:4f:cb:c1:7b:
dd:2c:32:0f:0f:e9:6e:8d:af:8b:1c:06:23:8a:d3:
cf:89:59:dc:5b:f6:1b:bc:eb:44:07:1b:27:a7:e9:
04:f4:87:2e:f0:a9:61:9d:d4:ad:9a:f3:53:71:ec:
43:95:cb:03:ea:34:10:6f:f8:5e:67:73:24:a8:b5:
1b:ce:21:da:30:65:bf:78:84:35:1d:a4:2f:83:bc:
5d:65:8e:24:cd:2e:d0:fd:9b:5c:34:d2:f8:bb:52:
fd:7d:d3:e3:c1:d2:ae:85:0c:e5:41:68:21:60:d7:
8e:23:cd:0e:02:a1:9c:b7:a4:88:84:9a:77:c5:09:
46:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AC:64:33:EF:64:E2:D4:17:A0:57:85:5D:1A:B8:29:4A:C7:DE:DA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aqxkM-9k4tQXoFeFXRq4KUrH3to.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:17:c1:58:63:b2:85:c4:16:60:ff:ad:05:d4:aa:66:cc:ea:
73:53:e7:0e:f0:86:ad:d3:48:58:b1:3c:d2:04:cf:8d:78:5f:
a1:b2:95:1c:79:27:6a:26:c2:98:b6:bc:21:76:c1:ed:12:0e:
9b:62:7a:29:26:3b:61:1e:f2:e2:b7:e2:46:0d:0a:14:6b:8c:
0d:84:76:92:c4:8b:47:7e:bc:d2:9d:7f:13:35:6b:e8:71:0c:
4a:b6:1f:49:80:e2:80:47:0e:aa:6e:76:5a:2f:1c:5f:3e:fd:
5a:ef:55:34:d5:70:90:d9:fb:5d:f4:7f:50:6b:17:db:2e:18:
3a:76:9e:38:3e:9b:d1:f1:60:3d:f3:b8:e7:f1:92:26:18:39:
d7:c3:87:86:8f:74:ba:fc:a4:ed:aa:db:63:74:55:31:7a:80:
bc:b9:56:95:f3:e8:e9:cc:0f:e2:7a:5e:b5:36:6a:13:c3:bb:
fb:7c:69:4a:0a:dc:5c:ec:62:a5:9c:c4:46:7a:ab:a1:88:6c:
24:db:fc:8f:2c:94:e0:9f:c0:00:7e:e1:5d:73:83:08:cd:7f:
b2:b6:af:38:30:f2:8f:2b:c3:47:62:7f:e2:2c:21:c8:aa:97:
58:27:78:e6:1f:6f:d9:cf:92:2d:9d:e7:56:29:33:67:41:37:
15:cb:83:72
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHwgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcx
MTEwMTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZBQUM2NDMzRUY2NEUy
RDQxN0EwNTc4NTVEMUFCODI5NEFDN0RFREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPjnCiAbmhibC6R7gly059Aj1+ING27ZAvu1yQKU+WCj3+ByI4
kmIO6T1l1QyLf0cFyL2gmIHGKnr8ZcpLdaV1BjEuwLZG3cP7oJvFLxOsB9bqNmmz
XQyTJhN8au5oa3uOwnO1BRYHXiVxfG/6ZGIbZC7b/0ak/5NRAiK37s2fsWvoT8vB
e90sMg8P6W6Nr4scBiOK08+JWdxb9hu860QHGyen6QT0hy7wqWGd1K2a81Nx7EOV
ywPqNBBv+F5ncySotRvOIdowZb94hDUdpC+DvF1ljiTNLtD9m1w00vi7Uv190+PB
0q6FDOVBaCFg144jzQ4CoZy3pIiEmnfFCUZJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaqxkM+9k4tQXoFeFXRq4KUrH3towHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hcXhrTS05azR0UVhvRmVG
WFJxNEtVckgzdG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAH0XwVhjsoXEFmD/rQXUqmbM6nNT5w7whq3T
SFixPNIEz414X6GylRx5J2omwpi2vCF2we0SDptieikmO2Ee8uK34kYNChRrjA2E
dpLEi0d+vNKdfxM1a+hxDEq2H0mA4oBHDqpudlovHF8+/VrvVTTVcJDZ+130f1Br
F9suGDp2njg+m9HxYD3zuOfxkiYYOdfDh4aPdLr8pO2q22N0VTF6gLy5VpXz6OnM
D+J6XrU2ahPDu/t8aUoK3FzsYqWcxEZ6q6GIbCTb/I8slOCfwAB+4V1zgwjNf7K2
rzgw8o8rw0dif+IsIciql1gneOYfb9nPki2d51YpM2dBNxXLg3I=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:53 2025 by rpki-client