Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qdwPNn3d1ZABDdellsTfuLS4VGU.roa
File: qdwPNn3d1ZABDdellsTfuLS4VGU.roa (raw, json)
Hash identifier: U+mdOW4JkpV9kUkzahPAP56COe3Uq+6FptayfrGpnyk=
Subject key identifier: A9:DC:0F:36:7D:DD:D5:90:01:0D:D7:A5:96:C4:DF:B8:B4:B8:54:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A88
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qdwPNn3d1ZABDdellsTfuLS4VGU.roa
Signing time: Wed 21 May 2025 03:08:22 +0000
ROA not before: Wed 21 May 2025 03:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2696 (0xa88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 03:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A9DC0F367DDDD590010DD7A596C4DFB8B4B85465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:84:09:f7:9f:9e:09:5e:b5:c2:00:79:8f:97:
05:19:b9:a2:51:b0:e9:a9:7b:5c:bd:53:54:35:70:
e4:ec:7e:ca:1b:af:85:a3:f1:26:7e:b3:42:5b:98:
5d:f2:78:c8:f3:3a:94:00:53:eb:46:0f:df:ac:6b:
76:1b:2b:2f:24:50:8a:bf:8f:0c:6b:30:de:7c:90:
94:3e:a1:2d:c1:98:10:be:3b:f3:e1:26:81:c8:81:
8a:6e:c4:b4:d4:31:89:49:ae:b5:8e:3b:82:c1:59:
b3:2c:8f:e0:20:2b:e0:6b:e2:49:ec:76:09:59:84:
54:d7:b6:b7:95:ad:fa:ca:e0:1b:ce:ce:4e:e8:ec:
57:33:f8:3d:73:d2:73:24:59:04:d1:41:2a:33:a3:
2f:49:a1:63:a1:74:2b:75:27:0a:d0:a2:ab:e1:12:
b9:7c:78:8a:16:2c:b6:7a:c9:5d:88:b6:b9:d5:06:
1d:cd:1f:35:c0:97:aa:a3:55:98:27:28:67:a7:3f:
4a:bb:77:13:0e:1f:05:e0:06:7e:f1:9a:01:a3:f6:
ce:39:8c:6e:4b:8b:92:63:b5:0c:fc:28:f3:11:d5:
d6:8b:5e:8a:e2:09:28:73:02:b9:fe:2d:fc:52:ca:
cb:cd:5b:69:b2:36:5f:e9:41:70:60:77:86:ec:84:
74:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DC:0F:36:7D:DD:D5:90:01:0D:D7:A5:96:C4:DF:B8:B4:B8:54:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qdwPNn3d1ZABDdellsTfuLS4VGU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:b9:e6:d1:13:5d:34:82:fa:97:6b:31:bb:f8:1d:95:05:28:
44:94:2f:35:c0:6f:bb:31:80:b8:c1:a6:1d:fa:f4:60:4a:47:
6a:f7:92:19:c4:a3:ea:1f:9e:3e:dd:67:96:be:1e:08:11:ba:
79:5a:29:21:0a:a2:45:1b:d1:31:56:58:8f:3c:56:39:c8:04:
27:98:7b:e7:c9:59:8b:4d:20:41:9f:0e:f1:b5:74:61:2e:8b:
8d:bf:c5:ce:ad:14:df:5a:60:ab:c1:99:2b:4f:5c:e9:23:11:
72:fa:38:51:fe:4f:79:79:a9:6d:89:57:0f:ab:9a:cb:c9:d6:
d5:70:24:9e:6b:cb:b7:fe:33:b9:5c:19:71:1c:5e:45:4d:29:
20:a2:ad:e0:00:e8:e4:33:04:ca:a4:99:1b:7c:21:38:30:09:
65:1d:fa:43:5b:e9:81:86:31:26:70:09:a8:f1:70:40:6b:42:
7e:a1:ff:84:d8:99:0f:b0:cd:2a:86:5f:e1:0a:5f:5b:3b:58:
55:a3:18:42:50:24:0c:3e:74:97:85:fc:df:c8:9b:44:4a:b0:
b3:63:61:f5:c0:d0:bc:c8:1c:4f:f2:7f:a4:4b:c0:92:6a:ce:
fe:58:6b:fb:91:ec:69:26:99:11:bd:b0:3e:03:a6:49:12:63:
c5:9f:a9:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCogwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
MzA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE5REMwRjM2N0REREQ1
OTAwMTBERDdBNTk2QzRERkI4QjRCODU0NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhhAn3n54JXrXCAHmPlwUZuaJRsOmpe1y9U1Q1cOTsfsobr4Wj
8SZ+s0JbmF3yeMjzOpQAU+tGD9+sa3YbKy8kUIq/jwxrMN58kJQ+oS3BmBC+O/Ph
JoHIgYpuxLTUMYlJrrWOO4LBWbMsj+AgK+Br4knsdglZhFTXtreVrfrK4BvOzk7o
7Fcz+D1z0nMkWQTRQSozoy9JoWOhdCt1JwrQoqvhErl8eIoWLLZ6yV2ItrnVBh3N
HzXAl6qjVZgnKGenP0q7dxMOHwXgBn7xmgGj9s45jG5Li5JjtQz8KPMR1daLXori
CShzArn+LfxSysvNW2myNl/pQXBgd4bshHQlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqdwPNn3d1ZABDdellsTfuLS4VGUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xZHdQTm4zZDFaQUJEZGVs
bHNUZnVMUzRWR1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABC55tETXTSC+pdrMbv4HZUFKESULzXAb7sx
gLjBph369GBKR2r3khnEo+ofnj7dZ5a+HggRunlaKSEKokUb0TFWWI88VjnIBCeY
e+fJWYtNIEGfDvG1dGEui42/xc6tFN9aYKvBmStPXOkjEXL6OFH+T3l5qW2JVw+r
msvJ1tVwJJ5ry7f+M7lcGXEcXkVNKSCireAA6OQzBMqkmRt8ITgwCWUd+kNb6YGG
MSZwCajxcEBrQn6h/4TYmQ+wzSqGX+EKX1s7WFWjGEJQJAw+dJeF/N/Im0RKsLNj
YfXA0LzIHE/yf6RLwJJqzv5Ya/uR7GkmmRG9sD4DpkkSY8WfqUc=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:51 2025 by rpki-client