Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qKdhMRAmkCpuZcm5MTd2r_N54GQ.roa
File: qKdhMRAmkCpuZcm5MTd2r_N54GQ.roa (raw, json)
Hash identifier: pkJ09hWcmdAp+B9A0WxnzxvyD8gjRpx1hbtw6HmmR4M=
Subject key identifier: A8:A7:61:31:10:26:90:2A:6E:65:C9:B9:31:37:76:AF:F3:79:E0:64
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0548
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qKdhMRAmkCpuZcm5MTd2r_N54GQ.roa
Signing time: Wed 14 May 2025 03:08:00 +0000
ROA not before: Wed 14 May 2025 03:08:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1352 (0x548)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 03:08:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A8A761311026902A6E65C9B9313776AFF379E064
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:9d:96:62:67:c0:53:90:7d:92:7a:ef:03:
35:15:a9:79:2e:93:93:66:47:57:52:8d:f2:bc:1d:
2a:0d:00:62:32:ef:75:ed:a8:9b:8a:80:5e:f5:ac:
cc:77:83:3e:7d:64:f4:d0:bb:52:43:51:ef:6e:f3:
2d:70:b9:b7:15:ca:55:7c:5c:d3:3d:eb:a0:d1:2e:
06:01:45:3a:33:31:31:6e:d9:01:bb:77:08:c9:b4:
93:2f:a4:5f:09:d3:e4:9f:d3:1b:bd:6f:57:9a:f1:
0a:b0:ce:4e:2a:14:4d:81:9a:5f:e0:55:bc:2b:fe:
2f:9c:c3:a5:c8:9a:86:51:84:4e:25:24:5a:e9:d7:
5e:3e:94:ce:56:83:67:a9:0a:95:1a:5d:ea:72:1b:
e9:07:ed:6a:13:9d:72:3c:e3:cf:99:5f:30:5b:df:
ed:b3:a6:65:21:57:89:25:bb:10:87:c9:1c:25:e7:
42:9d:8c:f0:27:44:04:08:e8:af:ad:c0:26:69:88:
05:7c:cb:71:cf:28:98:b7:79:5f:19:06:7e:91:8a:
7d:80:ab:3d:58:f5:7f:f8:fa:75:d3:18:98:dd:90:
6d:12:8e:a1:dd:83:09:e0:59:a3:b8:a7:3b:65:78:
3b:58:60:32:73:74:68:5e:16:14:64:4c:3e:28:37:
74:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A7:61:31:10:26:90:2A:6E:65:C9:B9:31:37:76:AF:F3:79:E0:64
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qKdhMRAmkCpuZcm5MTd2r_N54GQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:44:f0:be:4b:33:91:b5:08:3b:63:c6:8a:af:b2:d6:3b:68:
08:42:04:cc:4b:59:ad:6c:37:60:7e:5c:14:3b:6c:2e:18:ea:
92:97:ca:28:be:92:bc:ad:15:f4:f8:d8:01:22:09:49:4d:56:
65:0f:cc:ab:c0:77:f5:e7:bb:87:07:83:b4:b5:6a:94:1c:c8:
13:16:6d:c6:df:11:4b:a0:df:5a:22:96:7f:34:38:31:1d:c3:
46:0a:4f:1d:b2:dc:84:1a:a6:04:34:82:9e:9a:fc:e5:9d:0d:
ee:94:02:71:06:42:18:86:18:cd:0e:9c:ac:60:6b:39:fe:f1:
24:82:68:33:08:f7:2d:2c:da:80:f1:f4:23:fd:4f:80:20:21:
02:ac:5e:64:83:c7:f3:90:92:27:9c:4f:29:91:e8:e7:eb:74:
84:dc:dd:02:a8:ba:6f:83:88:65:f6:2f:28:0c:2f:a9:fa:01:
1d:f0:f4:37:7c:56:40:08:fb:5e:a3:a5:9e:16:2c:36:a5:39:
f2:15:41:a7:6a:55:89:72:b6:57:a1:6d:c0:cd:66:99:26:53:
ae:23:9a:22:84:93:74:e9:ce:5a:19:d1:f4:34:f9:bf:e1:d6:
e5:d3:50:ff:4d:b7:5e:53:88:ae:16:4d:3b:a6:b3:e0:7a:6f:
5a:46:bc:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MzA4MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4QTc2MTMxMTAyNjkw
MkE2RTY1QzlCOTMxMzc3NkFGRjM3OUUwNjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1UJ2WYmfAU5B9knrvAzUVqXkuk5NmR1dSjfK8HSoNAGIy73Xt
qJuKgF71rMx3gz59ZPTQu1JDUe9u8y1wubcVylV8XNM966DRLgYBRTozMTFu2QG7
dwjJtJMvpF8J0+Sf0xu9b1ea8Qqwzk4qFE2Bml/gVbwr/i+cw6XImoZRhE4lJFrp
114+lM5Wg2epCpUaXepyG+kH7WoTnXI848+ZXzBb3+2zpmUhV4kluxCHyRwl50Kd
jPAnRAQI6K+twCZpiAV8y3HPKJi3eV8ZBn6Rin2Aqz1Y9X/4+nXTGJjdkG0SjqHd
gwngWaO4pztleDtYYDJzdGheFhRkTD4oN3QZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqKdhMRAmkCpuZcm5MTd2r/N54GQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xS2RoTVJBbWtDcHVaY201
TVRkMnJfTjU0R1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADBE8L5LM5G1CDtjxoqvstY7aAhCBMxLWa1s
N2B+XBQ7bC4Y6pKXyii+krytFfT42AEiCUlNVmUPzKvAd/Xnu4cHg7S1apQcyBMW
bcbfEUug31oiln80ODEdw0YKTx2y3IQapgQ0gp6a/OWdDe6UAnEGQhiGGM0OnKxg
azn+8SSCaDMI9y0s2oDx9CP9T4AgIQKsXmSDx/OQkiecTymR6OfrdITc3QKoum+D
iGX2LygML6n6AR3w9Dd8VkAI+16jpZ4WLDalOfIVQadqVYlytlehbcDNZpkmU64j
miKEk3TpzloZ0fQ0+b/h1uXTUP9Nt15TiK4WTTums+B6b1pGvFY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:04:02 2025 by rpki-client