Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QlsYxYLHBg6FHDYB4s1A4AvJWXA.roa
File: QlsYxYLHBg6FHDYB4s1A4AvJWXA.roa (raw, json)
Hash identifier: 06GgmeKeJuHxwioBHmJvhV2nRwvk34HVm8X1A00j++E=
Subject key identifier: 42:5B:18:C5:82:C7:06:0E:85:1C:36:01:E2:CD:40:E0:0B:C9:59:70
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01B0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QlsYxYLHBg6FHDYB4s1A4AvJWXA.roa
Signing time: Fri 09 May 2025 08:07:46 +0000
ROA not before: Fri 09 May 2025 08:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 432 (0x1b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 08:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=425B18C582C7060E851C3601E2CD40E00BC95970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:0f:a8:4d:fd:7d:a7:c1:44:bf:10:11:63:
b4:10:bc:24:8d:d7:38:f5:7c:a2:05:33:1d:a7:5f:
8e:46:db:74:07:03:8d:31:52:9f:03:58:dc:bd:81:
a4:1d:0a:00:4e:67:e9:1a:48:6e:fe:1c:18:63:25:
ad:3f:96:a6:28:56:af:33:9a:ac:b1:23:b8:c2:f2:
5c:7d:0d:6f:66:83:fa:3d:78:77:94:88:5d:52:2a:
a4:90:7f:84:0b:98:c1:1e:a4:bc:4f:76:06:29:52:
99:92:95:15:a9:28:46:25:7a:50:99:31:96:c7:f7:
ec:95:4f:e5:bd:30:cd:bb:c5:4d:74:ed:de:b6:93:
4a:78:4e:fb:49:b6:f1:44:67:58:2b:4c:b9:a2:63:
6b:aa:30:91:b1:81:53:dd:3c:a1:fd:22:d2:fe:70:
73:03:e9:7e:fb:8f:92:09:84:72:4c:f6:ac:e6:06:
e8:30:a7:68:44:eb:37:40:e7:76:77:09:08:fc:e1:
69:dc:95:8f:42:9e:95:72:56:61:32:09:71:2a:cd:
22:6a:5e:26:be:25:4f:6d:0c:61:46:d6:f4:a3:a5:
bf:05:d5:3c:10:7f:7a:e1:da:17:e2:be:2a:e2:95:
bf:72:f0:07:09:60:1b:42:e3:a7:31:1e:56:59:a6:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5B:18:C5:82:C7:06:0E:85:1C:36:01:E2:CD:40:E0:0B:C9:59:70
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QlsYxYLHBg6FHDYB4s1A4AvJWXA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:8e:af:4e:9e:ad:0f:51:0c:50:fa:45:88:81:85:7f:0a:15:
aa:6e:00:e9:0d:92:ff:17:7f:e2:99:cf:41:fc:71:36:19:aa:
a8:ec:4b:c8:41:b5:f2:d4:b3:43:84:6a:1b:ff:33:90:6a:41:
62:ed:36:46:70:85:27:f8:aa:ec:e6:5e:62:b9:6c:81:bc:bf:
5a:d0:7d:e6:77:37:b4:ef:27:71:1d:8a:22:d8:e8:6e:1f:9d:
96:3e:b3:1a:04:5d:09:a2:cb:ea:8d:ba:96:40:a3:43:78:41:
ed:c9:48:8e:24:49:f8:a8:a7:51:b3:71:fa:76:8b:c5:43:33:
92:36:f7:dc:e9:73:58:ac:7d:11:13:88:75:3f:74:c4:0c:4c:
4d:e3:29:12:e0:ef:da:0a:dd:7e:fa:43:7f:64:99:62:2d:4c:
76:79:a9:0f:72:0c:bb:cc:8f:22:78:6d:bb:ba:c5:2a:83:17:
92:fc:a6:47:ce:0c:06:b4:a9:17:ee:6e:6d:fe:59:45:33:70:
01:e9:14:7f:f2:9c:d3:d2:2d:11:82:8b:87:e1:c9:8a:33:1a:
42:ef:69:2c:3a:b5:27:af:fc:18:0b:df:82:59:4e:bd:3b:0b:
b9:90:e6:73:ef:8a:9d:9c:00:55:04:c4:b2:80:50:39:48:2d:
97:25:66:c8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
ODA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQyNUIxOEM1ODJDNzA2
MEU4NTFDMzYwMUUyQ0Q0MEUwMEJDOTU5NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkmQ+oTf19p8FEvxARY7QQvCSN1zj1fKIFMx2nX45G23QHA40x
Up8DWNy9gaQdCgBOZ+kaSG7+HBhjJa0/lqYoVq8zmqyxI7jC8lx9DW9mg/o9eHeU
iF1SKqSQf4QLmMEepLxPdgYpUpmSlRWpKEYlelCZMZbH9+yVT+W9MM27xU107d62
k0p4TvtJtvFEZ1grTLmiY2uqMJGxgVPdPKH9ItL+cHMD6X77j5IJhHJM9qzmBugw
p2hE6zdA53Z3CQj84WnclY9CnpVyVmEyCXEqzSJqXia+JU9tDGFG1vSjpb8F1TwQ
f3rh2hfivirilb9y8AcJYBtC46cxHlZZpjvTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQlsYxYLHBg6FHDYB4s1A4AvJWXAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RbHNZeFlMSEJnNkZIRFlC
NHMxQTRBdkpXWEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADGOr06erQ9RDFD6RYiBhX8KFapuAOkNkv8X
f+KZz0H8cTYZqqjsS8hBtfLUs0OEahv/M5BqQWLtNkZwhSf4quzmXmK5bIG8v1rQ
feZ3N7TvJ3EdiiLY6G4fnZY+sxoEXQmiy+qNupZAo0N4Qe3JSI4kSfiop1Gzcfp2
i8VDM5I299zpc1isfRETiHU/dMQMTE3jKRLg79oK3X76Q39kmWItTHZ5qQ9yDLvM
jyJ4bbu6xSqDF5L8pkfODAa0qRfubm3+WUUzcAHpFH/ynNPSLRGCi4fhyYozGkLv
aSw6tSev/BgL34JZTr07C7mQ5nPvip2cAFUExLKAUDlILZclZsg=
-----END CERTIFICATE-----
Generated at Sun May 18 03:05:13 2025 by rpki-client