Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qE-m_BUlplSd-kWUmmM_w_SwyH0.roa
File: qE-m_BUlplSd-kWUmmM_w_SwyH0.roa (raw, json)
Hash identifier: 4JdstExLO8sakO1enjoGX6R2j79UxLqJMu4oi5S3tBM=
Subject key identifier: A8:4F:A6:FC:15:25:A6:54:9D:FA:45:94:9A:63:3F:C3:F4:B0:C8:7D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0130
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qE-m_BUlplSd-kWUmmM_w_SwyH0.roa
Signing time: Thu 08 May 2025 16:07:42 +0000
ROA not before: Thu 08 May 2025 16:07:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304 (0x130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 16:07:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A84FA6FC1525A6549DFA45949A633FC3F4B0C87D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ae:2c:c0:e8:02:78:e8:77:e3:a8:e2:16:13:
de:eb:7a:6d:39:62:62:ff:02:0f:09:8b:a9:71:20:
5a:fe:82:d2:f7:3e:e9:e9:91:b1:f2:f4:29:c8:5f:
73:e2:5a:80:88:fd:2e:4e:d6:c6:e6:2e:fa:ba:b0:
8b:be:07:87:bf:e8:1d:35:02:d4:9f:40:bb:5e:b4:
40:97:0e:1f:23:7e:1f:cb:a6:6e:ff:67:2a:7c:be:
ee:b7:bf:01:fe:27:3d:e8:ca:7b:73:fd:ae:0b:f5:
fc:e8:90:0a:64:0d:47:ef:be:63:21:b0:51:28:38:
79:81:f1:86:4c:5b:38:51:7f:0d:06:56:8c:73:f7:
f6:8c:41:85:3d:00:c8:45:3a:b4:bd:12:22:e6:f2:
64:61:da:39:8a:9d:f8:3b:6a:94:62:f9:a7:b9:62:
5d:57:24:fb:9e:fa:f8:bd:36:7f:ba:82:7e:42:0b:
a7:45:1c:7e:6a:29:91:71:96:10:45:22:5c:93:28:
b0:1b:46:8e:93:d9:34:3f:0e:50:71:a2:a8:3b:3e:
25:87:5a:48:58:93:59:d0:54:4e:7f:8c:81:7a:66:
80:da:67:3f:27:94:69:82:44:ad:e6:0d:08:e7:71:
b6:dc:70:52:99:a8:41:69:b9:3e:69:82:b4:7b:9c:
97:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4F:A6:FC:15:25:A6:54:9D:FA:45:94:9A:63:3F:C3:F4:B0:C8:7D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qE-m_BUlplSd-kWUmmM_w_SwyH0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:b4:3d:a4:31:ce:58:63:dc:45:fd:81:ae:82:5f:44:72:47:
dd:28:0d:11:68:ab:4f:b7:e7:9f:58:cf:8d:09:e1:3b:fa:4d:
d7:04:f4:8a:77:56:73:b8:12:d8:51:00:b2:9d:2e:3f:4e:20:
fb:53:51:f1:c9:49:da:2b:ec:19:33:94:d8:dc:9d:35:08:aa:
27:b1:ce:c9:81:4c:d7:8c:8d:4b:20:9b:db:e9:67:cd:f8:5b:
67:b3:2b:3e:92:aa:18:be:22:f8:0b:50:ba:b9:32:4b:44:19:
f7:53:fa:56:8a:a6:53:89:12:fb:45:e8:d0:c9:fa:74:30:0d:
27:00:80:3b:95:11:48:63:1f:7b:c5:70:d3:22:4e:b7:15:26:
c7:b2:cf:fb:ac:0f:c3:29:b7:27:e8:9a:e7:f5:f8:31:c9:e4:
2a:82:aa:13:31:db:4b:ac:2b:64:e1:94:78:a0:31:0b:bc:92:
df:71:25:1b:07:d5:8d:8f:8d:6c:d3:16:08:70:4d:b2:d1:4e:
c2:92:25:dc:f3:ed:7c:32:75:c3:d8:ce:ef:94:48:ce:11:e9:
95:df:5b:33:25:66:51:b7:e7:67:0d:e3:93:08:0e:7a:35:56:
ec:57:07:fb:af:04:03:1f:ab:56:06:70:38:31:5f:42:b5:f4:
e9:16:b4:2f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
NjA3NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4NEZBNkZDMTUyNUE2
NTQ5REZBNDU5NDlBNjMzRkMzRjRCMEM4N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqrizA6AJ46HfjqOIWE97rem05YmL/Ag8Ji6lxIFr+gtL3Punp
kbHy9CnIX3PiWoCI/S5O1sbmLvq6sIu+B4e/6B01AtSfQLtetECXDh8jfh/Lpm7/
Zyp8vu63vwH+Jz3oyntz/a4L9fzokApkDUfvvmMhsFEoOHmB8YZMWzhRfw0GVoxz
9/aMQYU9AMhFOrS9EiLm8mRh2jmKnfg7apRi+ae5Yl1XJPue+vi9Nn+6gn5CC6dF
HH5qKZFxlhBFIlyTKLAbRo6T2TQ/DlBxoqg7PiWHWkhYk1nQVE5/jIF6ZoDaZz8n
lGmCRK3mDQjncbbccFKZqEFpuT5pgrR7nJc3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqE+m/BUlplSd+kWUmmM/w/SwyH0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xRS1tX0JVbHBsU2Qta1dV
bW1NX3dfU3d5SDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAB60PaQxzlhj3EX9ga6CX0RyR90oDRFoq0+3
559Yz40J4Tv6TdcE9Ip3VnO4EthRALKdLj9OIPtTUfHJSdor7BkzlNjcnTUIqiex
zsmBTNeMjUsgm9vpZ834W2ezKz6Sqhi+IvgLULq5MktEGfdT+laKplOJEvtF6NDJ
+nQwDScAgDuVEUhjH3vFcNMiTrcVJseyz/usD8Mptyfomuf1+DHJ5CqCqhMx20us
K2ThlHigMQu8kt9xJRsH1Y2PjWzTFghwTbLRTsKSJdzz7XwydcPYzu+USM4R6ZXf
WzMlZlG352cN45MIDno1VuxXB/uvBAMfq1YGcDgxX0K19OkWtC8=
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:07:39 2025 by rpki-client