Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xq4flQAIGBAjU7ryIxnIcZNMwac.roa
File: xq4flQAIGBAjU7ryIxnIcZNMwac.roa (raw, json)
Hash identifier: uPg6vKQXDXDdifqTOACRLlLju/le/I2oc8kIfTpW4bY=
Subject key identifier: C6:AE:1F:95:00:08:18:10:23:53:BA:F2:23:19:C8:71:93:4C:C1:A7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EFC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xq4flQAIGBAjU7ryIxnIcZNMwac.roa
Signing time: Tue 17 Jun 2025 09:40:03 +0000
ROA not before: Tue 17 Jun 2025 09:40:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7932 (0x1efc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 09:40:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C6AE1F95000818102353BAF22319C871934CC1A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:6b:99:d7:21:85:b5:d5:ab:ac:b9:d3:9a:2c:
13:0e:45:7c:53:f0:b4:c6:96:4c:fa:2d:b0:7a:35:
38:a9:c6:0c:80:f9:b1:15:b5:ae:29:e8:a7:5a:27:
59:d9:e4:79:dc:ff:09:6c:de:ad:c6:77:23:c1:be:
76:b3:81:e0:96:81:55:54:be:6d:9b:f7:fc:18:91:
c1:9f:a9:c9:dc:c9:14:3b:e7:59:86:69:0e:49:f6:
e9:80:39:94:ab:a4:26:56:ad:42:be:47:eb:5d:fb:
c5:53:28:c2:ba:89:61:4b:77:ab:af:c4:e9:01:42:
7b:72:6b:f6:60:48:a5:f2:1f:f3:07:26:69:d8:ce:
da:5f:00:46:3d:e4:20:99:c4:c1:36:7a:41:23:ec:
41:79:14:3e:b1:93:cd:81:b0:30:e4:2d:c4:13:a2:
33:98:20:39:89:d2:42:19:31:56:bc:4c:09:fb:ca:
6a:81:53:96:4d:81:46:6d:97:29:8c:bd:6f:7e:b0:
b4:fc:6b:6a:95:37:71:00:68:3d:f2:0f:97:eb:7e:
31:5d:dd:ae:36:6a:dd:c6:4c:03:2d:ed:f9:f7:25:
1e:f0:77:43:20:4d:1d:59:0b:e2:07:6b:cb:79:dc:
bd:fc:39:fd:f0:25:5b:87:e7:af:8e:f4:7d:43:59:
97:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AE:1F:95:00:08:18:10:23:53:BA:F2:23:19:C8:71:93:4C:C1:A7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xq4flQAIGBAjU7ryIxnIcZNMwac.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:29:ed:f3:bb:84:11:71:db:92:2f:56:46:1c:2d:ad:a7:98:
ee:33:b1:f7:6c:20:32:64:04:4e:1c:c6:a1:c5:99:22:4e:2d:
40:4e:b6:6a:9a:c3:13:d7:b3:61:b4:12:6c:d9:15:05:60:96:
8f:76:f8:95:04:b7:7e:ac:d2:39:94:f6:09:41:ab:79:c1:f7:
a2:41:44:fc:6c:61:dd:af:62:c5:a0:fc:a2:b7:1d:6a:e3:40:
96:6c:0a:70:bf:c8:45:79:0a:ac:ee:df:b0:52:c7:de:cd:3f:
ac:ad:0f:13:dd:b3:5d:bd:bf:45:84:de:e1:8b:30:bc:7b:70:
9b:3c:c6:80:ec:79:e4:ef:80:22:e1:ee:49:b5:8d:46:94:7e:
76:fb:c7:1f:64:7e:d4:93:3a:db:ef:a0:6e:a5:02:3c:c7:79:
70:14:71:44:71:b4:9d:8c:23:7c:a7:75:58:9a:a6:20:b9:b7:
4f:3a:34:c9:63:28:5c:a7:d2:af:38:68:3e:ad:3c:03:46:9a:
53:0e:20:d1:3f:d2:9a:d4:99:56:67:de:7a:b5:c8:ea:53:bc:
8c:05:34:02:7e:36:1d:3a:0e:66:8e:67:31:a6:90:c3:ac:ef:
34:71:e8:38:df:ee:c3:ac:0c:08:f6:68:d7:3c:49:fa:28:37:
96:d1:d3:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
OTQwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM2QUUxRjk1MDAwODE4
MTAyMzUzQkFGMjIzMTlDODcxOTM0Q0MxQTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1a5nXIYW11ausudOaLBMORXxT8LTGlkz6LbB6NTipxgyA+bEV
ta4p6KdaJ1nZ5Hnc/wls3q3GdyPBvnazgeCWgVVUvm2b9/wYkcGfqcncyRQ751mG
aQ5J9umAOZSrpCZWrUK+R+td+8VTKMK6iWFLd6uvxOkBQntya/ZgSKXyH/MHJmnY
ztpfAEY95CCZxME2ekEj7EF5FD6xk82BsDDkLcQTojOYIDmJ0kIZMVa8TAn7ymqB
U5ZNgUZtlymMvW9+sLT8a2qVN3EAaD3yD5frfjFd3a42at3GTAMt7fn3JR7wd0Mg
TR1ZC+IHa8t53L38Of3wJVuH56+O9H1DWZc7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxq4flQAIGBAjU7ryIxnIcZNMwacwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94cTRmbFFBSUdCQWpVN3J5
SXhuSWNaTk13YWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJAp7fO7hBFx25IvVkYcLa2nmO4zsfdsIDJk
BE4cxqHFmSJOLUBOtmqawxPXs2G0EmzZFQVglo92+JUEt36s0jmU9glBq3nB96JB
RPxsYd2vYsWg/KK3HWrjQJZsCnC/yEV5Cqzu37BSx97NP6ytDxPds129v0WE3uGL
MLx7cJs8xoDseeTvgCLh7km1jUaUfnb7xx9kftSTOtvvoG6lAjzHeXAUcURxtJ2M
I3yndViapiC5t086NMljKFyn0q84aD6tPANGmlMOINE/0prUmVZn3nq1yOpTvIwF
NAJ+Nh06DmaOZzGmkMOs7zRx6Djf7sOsDAj2aNc8SfooN5bR04Q=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:46:50 2025 by rpki-client