Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OQQD3_IV5OJlMgNt3izmBjPPTYc.roa
File: OQQD3_IV5OJlMgNt3izmBjPPTYc.roa (raw, json)
Hash identifier: pPwrgKFqdrI5aKVbQmW67/fEvg4gslp/YaAAGGcNNeY=
Subject key identifier: 39:04:03:DF:F2:15:E4:E2:65:32:03:6D:DE:2C:E6:06:33:CF:4D:87
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A2C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OQQD3_IV5OJlMgNt3izmBjPPTYc.roa
Signing time: Tue 10 Jun 2025 23:39:49 +0000
ROA not before: Tue 10 Jun 2025 23:39:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6700 (0x1a2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 23:39:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=390403DFF215E4E26532036DDE2CE60633CF4D87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b5:c8:9e:06:c0:1e:4a:2e:95:1f:9c:1d:94:
65:f4:5b:25:64:5b:bd:29:6d:08:ce:19:d7:9c:78:
8c:7f:a8:4c:ae:7c:54:dc:19:ff:f9:43:5f:d5:65:
ab:c5:e2:19:4d:51:82:29:1c:5d:c0:77:76:8a:72:
e8:08:85:0f:e4:5c:93:23:72:2c:25:03:89:f3:fb:
b9:70:56:74:8e:d0:99:69:de:de:73:4d:39:28:a3:
6d:75:f5:4d:da:a2:a7:d4:0c:47:28:a1:9b:9e:d3:
f3:b4:69:bf:af:1e:b2:13:92:f8:1a:53:7e:b0:d4:
a1:21:7b:28:01:be:7c:e9:c2:50:f5:e4:37:59:fd:
1a:60:0d:a4:05:d4:ee:e1:6b:fa:7f:5b:6f:ac:cd:
65:8a:ef:7a:99:8f:fb:b2:de:92:0f:16:48:e3:22:
c5:4a:7e:6b:c9:61:c5:dd:1c:06:20:73:c6:df:2a:
e6:a8:69:7b:3c:ca:98:4d:8c:54:04:91:18:10:76:
d1:86:78:41:ed:23:4a:d1:2c:8d:8f:54:76:71:57:
07:d0:cb:f5:90:67:71:bb:dd:1e:26:1e:44:23:d9:
6e:5f:8f:b2:79:30:c5:09:3b:3e:ac:77:ce:c1:45:
e9:b2:f6:79:4a:b3:f4:30:8d:59:60:a0:ac:3f:5c:
b8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:04:03:DF:F2:15:E4:E2:65:32:03:6D:DE:2C:E6:06:33:CF:4D:87
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OQQD3_IV5OJlMgNt3izmBjPPTYc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:61:fd:c3:eb:37:0d:74:80:51:12:79:f7:45:2a:9b:37:6b:
e0:99:45:fd:67:1d:5d:a5:5d:93:7e:ff:54:f7:6a:4a:1f:20:
89:24:a0:71:f0:a0:ed:86:7a:81:4b:98:88:b5:e7:5c:75:26:
79:68:b9:0f:ab:1b:f2:8b:68:4c:0a:f1:5c:78:9c:7f:d3:55:
61:9d:b4:ee:56:79:d1:45:8b:8a:45:8b:9b:1f:dd:4c:f5:1a:
a3:22:6f:d9:f8:ef:1c:98:12:44:09:cb:08:dc:ef:23:47:65:
0b:32:ca:3f:bf:a0:5f:bd:ad:4f:13:51:95:f1:11:ee:46:43:
c1:70:74:13:18:b3:a5:d9:d2:32:a7:39:17:ae:63:d2:33:93:
26:e8:6d:4a:8c:8d:4f:8b:52:da:1f:22:b8:0f:64:0f:3c:00:
71:61:9f:fe:1f:c0:f3:c3:59:cd:ec:45:f7:32:ad:9f:bb:f1:
31:99:8c:e2:b2:c4:ba:e9:3f:dc:64:4f:2f:2a:95:40:ef:97:
13:64:14:14:7d:a6:d3:d3:fa:40:b9:d2:a9:b0:a1:05:e9:23:
81:ff:8d:0c:73:93:7b:6b:1e:11:34:3e:8b:5d:1d:d2:b4:64:
07:db:08:4e:45:84:df:e5:87:70:7c:da:0c:6c:94:5b:dc:49:
cf:e2:9d:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAy
MzM5NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM5MDQwM0RGRjIxNUU0
RTI2NTMyMDM2RERFMkNFNjA2MzNDRjREODcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCltcieBsAeSi6VH5wdlGX0WyVkW70pbQjOGdeceIx/qEyufFTc
Gf/5Q1/VZavF4hlNUYIpHF3Ad3aKcugIhQ/kXJMjciwlA4nz+7lwVnSO0Jlp3t5z
TTkoo2119U3aoqfUDEcooZue0/O0ab+vHrITkvgaU36w1KEheygBvnzpwlD15DdZ
/RpgDaQF1O7ha/p/W2+szWWK73qZj/uy3pIPFkjjIsVKfmvJYcXdHAYgc8bfKuao
aXs8yphNjFQEkRgQdtGGeEHtI0rRLI2PVHZxVwfQy/WQZ3G73R4mHkQj2W5fj7J5
MMUJOz6sd87BRemy9nlKs/QwjVlgoKw/XLhrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOQQD3/IV5OJlMgNt3izmBjPPTYcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PUVFEM19JVjVPSmxNZ050
M2l6bUJqUFBUWWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAERh/cPrNw10gFESefdFKps3a+CZRf1nHV2l
XZN+/1T3akofIIkkoHHwoO2GeoFLmIi151x1JnlouQ+rG/KLaEwK8Vx4nH/TVWGd
tO5WedFFi4pFi5sf3Uz1GqMib9n47xyYEkQJywjc7yNHZQsyyj+/oF+9rU8TUZXx
Ee5GQ8FwdBMYs6XZ0jKnOReuY9IzkybobUqMjU+LUtofIrgPZA88AHFhn/4fwPPD
Wc3sRfcyrZ+78TGZjOKyxLrpP9xkTy8qlUDvlxNkFBR9ptPT+kC50qmwoQXpI4H/
jQxzk3trHhE0PotdHdK0ZAfbCE5FhN/lh3B82gxslFvcSc/ineY=
-----END CERTIFICATE-----
Generated at Fri Jun 20 13:35:51 2025 by rpki-client