Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qWhJ2P3f5pGy4TqCd80ldJ5fqbk.roa
File: qWhJ2P3f5pGy4TqCd80ldJ5fqbk.roa (raw, json)
Hash identifier: kR595Yd6a7DAlPOf7vPKLRJWFZcsTzBiml1Ld1dplIA=
Subject key identifier: A9:68:49:D8:FD:DF:E6:91:B2:E1:3A:82:77:CD:25:74:9E:5F:A9:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12E4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qWhJ2P3f5pGy4TqCd80ldJ5fqbk.roa
Signing time: Sun 01 Jun 2025 06:39:13 +0000
ROA not before: Sun 01 Jun 2025 06:39:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4836 (0x12e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 06:39:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A96849D8FDDFE691B2E13A8277CD25749E5FA9B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:27:90:18:21:a8:96:ae:21:6d:c0:cb:b5:0f:
99:4a:47:1b:e3:a6:21:16:0f:36:48:fd:fb:44:1e:
8c:21:7d:23:29:c4:6b:bb:7d:3a:08:0a:5a:57:3c:
61:50:1c:c1:eb:dc:cc:3b:f3:d1:1b:86:f7:f5:64:
66:e7:fd:e4:b5:f0:ac:be:bc:7d:b9:24:e0:83:2a:
94:ab:1b:ca:e9:60:4f:20:07:58:b4:e0:9f:65:60:
97:c8:46:5b:cd:31:57:f1:d6:4c:74:2c:ab:8e:93:
41:1e:f1:5f:4b:e0:18:e6:4e:f3:81:56:db:6a:9a:
6e:f2:29:76:a3:7a:e3:0a:96:c5:fa:c1:13:86:5e:
0a:cd:77:cf:04:a6:81:fb:54:70:ec:9c:50:8c:06:
e4:d3:ae:45:5a:df:57:8c:c2:4c:0d:77:db:cd:a6:
97:51:62:91:fc:ad:18:be:b6:ac:c7:f8:ee:44:54:
38:dc:ec:35:55:ac:9d:eb:b6:75:69:72:60:45:17:
e0:83:b8:69:eb:47:0e:3f:b5:5d:6c:fe:e9:b0:2a:
65:26:cd:1b:f1:cc:73:dd:c7:aa:95:17:45:4d:05:
b4:da:a9:3b:9b:5a:03:5a:9c:61:6c:c4:f1:c7:3d:
cb:b5:5c:7f:a0:98:3b:04:a7:f2:6a:8d:87:e0:95:
3d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:68:49:D8:FD:DF:E6:91:B2:E1:3A:82:77:CD:25:74:9E:5F:A9:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qWhJ2P3f5pGy4TqCd80ldJ5fqbk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:1c:1e:c4:55:ee:69:9c:a4:63:35:06:df:c1:6f:57:bd:73:
d6:d6:34:53:06:30:5a:db:a8:24:74:4d:03:30:32:0e:6a:eb:
ef:75:57:20:1f:c0:53:13:1c:b7:d6:e2:89:25:df:0a:55:ec:
55:54:a1:8c:92:58:84:f0:4a:20:c1:b1:85:48:35:8a:79:8f:
d3:2f:9b:3e:9d:fd:ef:08:ce:2b:ec:0b:f1:65:f4:7b:18:6a:
42:e9:b6:3f:ee:c8:a0:8b:7e:e3:f7:13:18:50:fb:81:67:31:
56:19:5f:7d:45:f0:f4:9b:44:a0:ad:1c:37:ee:15:5c:64:14:
1f:4f:fb:9c:a8:b8:67:94:69:97:3f:d4:b4:dd:e1:b8:dd:03:
a4:1a:2a:5d:6b:c2:b8:05:14:9e:ac:9e:19:8f:66:a1:b9:e8:
27:e9:81:59:45:d9:1a:ac:f1:02:6e:4c:9b:dd:bf:16:ca:d9:
ec:03:88:e9:fe:88:a2:83:27:c6:d4:76:1e:f5:5e:d6:d7:fc:
85:49:f1:e3:a8:a3:2b:21:e7:d9:45:f4:a4:5b:65:ea:56:39:
aa:78:71:1f:fb:0a:58:a0:55:1e:07:67:8d:57:3c:c7:21:3b:
44:5f:16:c4:1b:56:d4:5b:e5:b1:8d:4d:84:5a:f7:a2:5d:35:
b6:34:fe:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEuQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEw
NjM5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE5Njg0OUQ4RkRERkU2
OTFCMkUxM0E4Mjc3Q0QyNTc0OUU1RkE5QjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTJ5AYIaiWriFtwMu1D5lKRxvjpiEWDzZI/ftEHowhfSMpxGu7
fToIClpXPGFQHMHr3Mw789Ebhvf1ZGbn/eS18Ky+vH25JOCDKpSrG8rpYE8gB1i0
4J9lYJfIRlvNMVfx1kx0LKuOk0Ee8V9L4BjmTvOBVttqmm7yKXajeuMKlsX6wROG
XgrNd88EpoH7VHDsnFCMBuTTrkVa31eMwkwNd9vNppdRYpH8rRi+tqzH+O5EVDjc
7DVVrJ3rtnVpcmBFF+CDuGnrRw4/tV1s/umwKmUmzRvxzHPdx6qVF0VNBbTaqTub
WgNanGFsxPHHPcu1XH+gmDsEp/JqjYfglT0ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqWhJ2P3f5pGy4TqCd80ldJ5fqbkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xV2hKMlAzZjVwR3k0VHFD
ZDgwbGRKNWZxYmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAscHsRV7mmcpGM1Bt/Bb1e9c9bWNFMGMFrb
qCR0TQMwMg5q6+91VyAfwFMTHLfW4okl3wpV7FVUoYySWITwSiDBsYVINYp5j9Mv
mz6d/e8IzivsC/Fl9HsYakLptj/uyKCLfuP3ExhQ+4FnMVYZX31F8PSbRKCtHDfu
FVxkFB9P+5youGeUaZc/1LTd4bjdA6QaKl1rwrgFFJ6snhmPZqG56CfpgVlF2Rqs
8QJuTJvdvxbK2ewDiOn+iKKDJ8bUdh71XtbX/IVJ8eOooysh59lF9KRbZepWOap4
cR/7CligVR4HZ41XPMchO0RfFsQbVtRb5bGNTYRa96JdNbY0/pI=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:52 2025 by rpki-client