Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/q2l7qnr8nLJsU8Ce2vcyOYXSsmg.roa
File: q2l7qnr8nLJsU8Ce2vcyOYXSsmg.roa (raw, json)
Hash identifier: YQ1vO3CvZ15/uKEIinFFFXCerTlp28JiXhX5lms+rZo=
Subject key identifier: AB:69:7B:AA:7A:FC:9C:B2:6C:53:C0:9E:DA:F7:32:39:85:D2:B2:68
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BAC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/q2l7qnr8nLJsU8Ce2vcyOYXSsmg.roa
Signing time: Thu 22 May 2025 15:38:36 +0000
ROA not before: Thu 22 May 2025 15:38:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2988 (0xbac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 15:38:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AB697BAA7AFC9CB26C53C09EDAF7323985D2B268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1b:42:b6:60:88:f4:39:b3:34:a6:31:fa:b7:
f8:7d:fa:fa:6e:04:c4:03:2d:c0:98:39:7f:e2:60:
d3:51:16:52:0a:01:3e:68:0f:c0:b1:8c:f3:cf:bf:
4c:41:84:ea:de:84:07:6b:13:d7:2b:36:4a:f4:92:
92:76:88:ad:48:cd:de:ed:eb:a6:cb:d9:41:28:22:
35:16:36:8b:90:cd:41:5e:af:45:d8:2a:09:98:c7:
d6:b4:52:a9:81:e7:37:c4:6a:95:f1:bd:cc:e9:e9:
2f:6c:13:67:7e:86:0d:f0:51:3f:16:07:57:f2:b7:
e4:a0:e9:6e:b2:5b:31:27:21:be:ac:a0:d3:ef:00:
e2:00:c8:db:3d:48:31:80:c2:7b:a9:fd:63:22:20:
d4:9a:7b:1a:b2:54:85:07:f0:ab:de:16:36:2c:1e:
38:34:34:7a:b6:36:f9:a7:f3:c4:1b:20:2c:3c:e7:
89:85:0d:c1:93:09:ee:10:54:26:fd:79:fd:6d:2b:
9e:8a:c0:1c:8d:97:8a:20:f8:e0:fe:34:e1:6c:81:
bf:d4:c4:ce:3b:9d:db:51:99:fa:4c:bb:c3:12:e3:
4d:a3:51:bf:c0:92:c3:6b:14:74:a2:ae:c2:6c:8b:
41:fb:01:ad:9c:74:0f:01:42:87:3e:b2:93:7f:1a:
20:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:69:7B:AA:7A:FC:9C:B2:6C:53:C0:9E:DA:F7:32:39:85:D2:B2:68
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/q2l7qnr8nLJsU8Ce2vcyOYXSsmg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:47:19:c6:64:41:1b:15:d1:24:8d:4c:92:b0:cf:46:05:a7:
89:5a:23:fe:4a:b2:08:fc:54:9c:c9:ef:b3:7c:e2:91:41:a1:
33:35:36:cb:d5:7c:79:64:29:7e:1f:14:bd:e1:19:29:75:38:
5c:38:bc:04:54:81:ec:32:90:d4:66:03:e5:b2:fc:39:bf:0a:
5e:ff:10:78:a7:69:6e:a2:05:5b:82:e3:a0:13:28:25:f0:92:
4f:42:80:d6:6c:80:36:cf:2f:54:f7:d2:9f:eb:ee:9e:45:88:
f0:d1:40:17:a3:58:45:12:fe:6c:d9:9c:20:9c:43:ad:69:3a:
1f:e4:b3:8a:41:20:2e:ed:eb:2c:ff:3f:3d:61:c9:e7:34:da:
7b:80:14:58:ea:b9:69:02:c9:9a:0f:0b:2f:73:e9:83:cf:bc:
8b:27:d0:fe:4b:4a:fb:c2:9c:a4:87:fc:fc:20:51:69:ca:c7:
8d:3a:d2:42:b3:f0:11:6d:0e:b8:65:af:b8:2c:00:a1:2c:58:
c0:29:71:73:5f:e7:e2:f8:6e:89:c2:a4:05:ab:92:2b:5b:57:
49:40:ca:c8:22:8a:2f:ff:ff:2e:ba:f5:1f:cf:4c:03:a0:70:
ce:cb:6c:a8:9a:bb:90:cb:5c:e1:b6:a3:1b:87:e1:5c:c6:e9:
4b:0d:45:5f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
NTM4MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFCNjk3QkFBN0FGQzlD
QjI2QzUzQzA5RURBRjczMjM5ODVEMkIyNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeG0K2YIj0ObM0pjH6t/h9+vpuBMQDLcCYOX/iYNNRFlIKAT5o
D8CxjPPPv0xBhOrehAdrE9crNkr0kpJ2iK1Izd7t66bL2UEoIjUWNouQzUFer0XY
KgmYx9a0UqmB5zfEapXxvczp6S9sE2d+hg3wUT8WB1fyt+Sg6W6yWzEnIb6soNPv
AOIAyNs9SDGAwnup/WMiINSaexqyVIUH8KveFjYsHjg0NHq2Nvmn88QbICw854mF
DcGTCe4QVCb9ef1tK56KwByNl4og+OD+NOFsgb/UxM47ndtRmfpMu8MS402jUb/A
ksNrFHSirsJsi0H7Aa2cdA8BQoc+spN/GiBxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUq2l7qnr8nLJsU8Ce2vcyOYXSsmgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xMmw3cW5yOG5MSnNVOENl
MnZjeU9ZWFNzbWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAJHGcZkQRsV0SSNTJKwz0YFp4laI/5Ksgj8
VJzJ77N84pFBoTM1NsvVfHlkKX4fFL3hGSl1OFw4vARUgewykNRmA+Wy/Dm/Cl7/
EHinaW6iBVuC46ATKCXwkk9CgNZsgDbPL1T30p/r7p5FiPDRQBejWEUS/mzZnCCc
Q61pOh/ks4pBIC7t6yz/Pz1hyec02nuAFFjquWkCyZoPCy9z6YPPvIsn0P5LSvvC
nKSH/PwgUWnKx4060kKz8BFtDrhlr7gsAKEsWMApcXNf5+L4bonCpAWrkitbV0lA
ysgiii///y669R/PTAOgcM7LbKiau5DLXOG2oxuH4VzG6UsNRV8=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:39 2025 by rpki-client