Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aQ9VC7rV2SSWdB1R6jhh0toegTs.roa
File: aQ9VC7rV2SSWdB1R6jhh0toegTs.roa (raw, json)
Hash identifier: qcp0aOv3TorLvuY8DSp/umyJdzd2XyeME8bYWTbh6yM=
Subject key identifier: 69:0F:55:0B:BA:D5:D9:24:96:74:1D:51:EA:38:61:D2:DA:1E:81:3B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0778
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aQ9VC7rV2SSWdB1R6jhh0toegTs.roa
Signing time: Sat 17 May 2025 01:08:08 +0000
ROA not before: Sat 17 May 2025 01:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1912 (0x778)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 01:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=690F550BBAD5D92496741D51EA3861D2DA1E813B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:11:af:33:76:b0:91:e8:09:d8:8e:7e:11:
e1:20:74:12:6e:a9:55:59:2d:47:44:b8:b9:3d:cf:
d3:d0:24:06:39:35:f2:c6:29:73:ab:e1:88:c9:d4:
1b:97:1f:ab:e5:65:15:bf:6c:44:e1:e8:57:c1:7e:
95:25:c4:8f:c9:a2:58:77:e2:b1:b0:60:bc:aa:e8:
d2:83:d3:47:2a:60:34:6a:01:3a:5c:8e:57:50:42:
88:80:71:a5:44:96:6b:92:0c:8a:05:be:96:e3:5e:
f8:d2:da:a7:08:41:7a:bf:d8:ee:4e:73:f8:f4:85:
65:ed:1e:f6:29:38:bb:01:61:8b:44:03:16:95:9b:
b6:2e:be:69:c3:d7:1a:ef:49:7d:ec:39:70:b3:aa:
b7:1a:33:b5:ff:61:dc:d2:b5:bb:56:23:27:61:80:
41:67:1c:73:77:1b:93:77:50:60:90:b4:24:69:19:
8d:4e:14:b9:05:de:0b:89:b5:a6:8c:ec:65:6b:a1:
9e:a0:93:b2:d5:58:cb:7b:a0:ea:01:7c:bd:ec:b1:
db:1f:2c:d0:5f:1a:5f:2b:1a:47:b3:1d:52:c7:02:
3c:37:47:85:24:ad:69:69:11:3e:75:26:0e:2b:9f:
8e:f3:d2:1e:2d:b8:3a:68:63:b9:d2:26:a4:0f:e6:
61:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0F:55:0B:BA:D5:D9:24:96:74:1D:51:EA:38:61:D2:DA:1E:81:3B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aQ9VC7rV2SSWdB1R6jhh0toegTs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:3e:d4:4d:36:a2:48:c1:98:dc:61:dc:3f:41:3f:c2:8f:b5:
15:74:69:ac:fc:13:ba:c2:1a:9c:4c:37:ad:96:db:1f:c0:6c:
90:df:40:c5:dc:78:6e:8a:41:5b:11:38:c4:08:d8:0a:90:2c:
7c:5d:d1:e8:73:3d:40:ad:30:5b:40:75:81:49:45:7e:c4:fb:
9e:f3:ff:54:24:8c:2e:4e:4b:97:37:57:6e:5c:6a:c6:b0:ec:
d4:e6:20:37:67:a3:81:68:ff:01:8f:8e:7a:6a:c9:81:3d:3d:
83:7e:41:8f:52:ba:bc:52:0f:48:8e:b5:be:b1:2c:01:81:83:
4b:ec:c5:fd:c1:00:db:a9:b5:7f:ee:d1:2b:a9:cd:a0:2a:97:
65:a6:a3:9a:18:7f:71:8b:a1:41:23:59:c8:82:46:69:01:e1:
dc:77:03:b2:66:1d:48:b2:72:94:77:f0:0f:6b:0c:1e:7c:b5:
c3:c4:3f:31:18:d0:fe:77:64:a6:68:a7:5c:a0:83:ed:fc:8c:
a3:9f:35:41:56:d4:17:f2:a5:53:ab:3b:e6:c9:09:b2:27:b5:
26:35:34:b1:8a:c7:42:e7:50:76:66:c5:c0:b9:6c:62:4b:bc:
dc:7a:26:30:d8:1e:7d:18:41:e0:af:7f:7b:2c:5f:d0:00:80:
1f:49:fa:23
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB3gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
MTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5MEY1NTBCQkFENUQ5
MjQ5Njc0MUQ1MUVBMzg2MUQyREExRTgxM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDccxGvM3awkegJ2I5+EeEgdBJuqVVZLUdEuLk9z9PQJAY5NfLG
KXOr4YjJ1BuXH6vlZRW/bETh6FfBfpUlxI/Jolh34rGwYLyq6NKD00cqYDRqATpc
jldQQoiAcaVElmuSDIoFvpbjXvjS2qcIQXq/2O5Oc/j0hWXtHvYpOLsBYYtEAxaV
m7YuvmnD1xrvSX3sOXCzqrcaM7X/YdzStbtWIydhgEFnHHN3G5N3UGCQtCRpGY1O
FLkF3guJtaaM7GVroZ6gk7LVWMt7oOoBfL3ssdsfLNBfGl8rGkezHVLHAjw3R4Uk
rWlpET51Jg4rn47z0h4tuDpoY7nSJqQP5mGfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaQ9VC7rV2SSWdB1R6jhh0toegTswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hUTlWQzdyVjJTU1dkQjFS
NmpoaDB0b2VnVHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIQ+1E02okjBmNxh3D9BP8KPtRV0aaz8E7rC
GpxMN62W2x/AbJDfQMXceG6KQVsROMQI2AqQLHxd0ehzPUCtMFtAdYFJRX7E+57z
/1QkjC5OS5c3V25casaw7NTmIDdno4Fo/wGPjnpqyYE9PYN+QY9SurxSD0iOtb6x
LAGBg0vsxf3BANuptX/u0SupzaAql2Wmo5oYf3GLoUEjWciCRmkB4dx3A7JmHUiy
cpR38A9rDB58tcPEPzEY0P53ZKZop1ygg+38jKOfNUFW1BfypVOrO+bJCbIntSY1
NLGKx0LnUHZmxcC5bGJLvNx6JjDYHn0YQeCvf3ssX9AAgB9J+iM=
-----END CERTIFICATE-----
Generated at Sat May 17 23:55:13 2025 by rpki-client