Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GP--oN0MfHTivPj-PisYFQuYJ1E.roa
File: GP--oN0MfHTivPj-PisYFQuYJ1E.roa (raw, json)
Hash identifier: mCNxb5mOjsWCF33tUH6WVGajr7JAIWrhqQ+tBDAst20=
Subject key identifier: 18:FF:BE:A0:DD:0C:7C:74:E2:BC:F8:FE:3E:2B:18:15:0B:98:27:51
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22D8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GP--oN0MfHTivPj-PisYFQuYJ1E.roa
Signing time: Mon 23 Jun 2025 00:41:56 +0000
ROA not before: Mon 23 Jun 2025 00:41:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8920 (0x22d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 00:41:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=18FFBEA0DD0C7C74E2BCF8FE3E2B18150B982751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:92:65:45:ec:d3:68:b3:2b:2e:fc:84:7e:45:
d1:c0:4e:20:c9:ca:5e:50:9f:e1:2f:40:a9:04:38:
a5:0f:95:e4:c6:4a:11:aa:c0:aa:21:a0:22:2b:8c:
3e:3b:63:79:6d:2a:a7:bb:c3:3c:69:33:19:90:dd:
7e:a3:3f:d3:a9:92:32:a3:cb:5a:2f:cd:a4:f2:08:
9e:31:38:5c:28:7e:34:02:11:90:9f:2b:a9:d6:c9:
b9:4c:07:22:ec:46:11:e4:b4:d6:57:41:d5:68:2b:
e7:50:ed:fd:69:d9:d7:44:72:37:2c:92:e3:34:4b:
fe:40:1d:75:79:30:94:60:70:c3:ca:27:03:3a:6f:
84:6a:5e:a4:27:6a:cf:20:5d:52:58:43:2b:14:69:
94:d7:d1:10:3a:9d:c2:e8:43:ba:2e:ad:a1:ed:01:
9d:84:9a:df:8c:b9:b0:38:7c:b6:71:ad:60:91:8b:
fd:14:3a:78:50:20:a4:2d:7f:d7:42:b5:17:9f:9d:
21:20:21:b4:64:8c:78:92:46:6c:bd:1e:c5:ed:45:
54:da:87:b5:5c:9b:ac:68:98:1d:ac:b1:ac:a9:4b:
26:28:2d:ed:c7:b8:ee:19:f0:49:9b:24:ff:dd:05:
a9:8d:9a:06:ac:55:b4:d3:50:2f:0e:75:d5:94:82:
6b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FF:BE:A0:DD:0C:7C:74:E2:BC:F8:FE:3E:2B:18:15:0B:98:27:51
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GP--oN0MfHTivPj-PisYFQuYJ1E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:80:b7:2f:29:62:2f:4f:a0:52:41:c3:cf:d4:81:11:7a:1a:
96:08:b7:43:d2:ab:e0:7a:1c:34:2d:db:ec:ac:51:25:b1:90:
b3:83:2f:99:ee:d6:34:48:c8:73:2d:a8:73:ae:06:1d:dd:21:
07:6f:b3:e7:38:76:17:98:d6:1d:29:58:dd:aa:e4:dc:fb:65:
69:67:a7:fc:b9:78:d1:50:f4:c6:0f:53:0e:a0:53:65:63:89:
52:b7:68:fc:c1:48:d0:08:50:77:00:16:f3:05:50:7a:d4:a9:
a3:5a:df:bc:ba:cc:3f:2b:d3:2a:2f:cc:25:93:ec:96:7b:e8:
41:3b:3c:41:b3:36:8b:44:d7:a8:3c:a2:60:bf:fd:d6:c5:e1:
60:3b:df:aa:fa:3b:c8:58:e7:be:49:4b:44:8b:35:3f:8c:cd:
be:d7:37:b3:9c:fa:91:56:80:95:21:e9:db:3d:20:c1:7e:19:
db:27:e7:36:19:f3:83:b1:0a:84:95:7e:a6:1f:fb:a9:53:7c:
17:4d:39:c7:b6:7c:16:fd:22:77:de:fb:ef:18:36:8e:2b:33:
0c:fb:ce:c4:3f:d3:73:4d:18:05:61:f7:32:a3:e9:93:5d:46:
40:a4:f0:87:23:3e:a8:88:c2:2c:b4:b1:e2:f7:12:e7:06:e1:
83:93:19:cb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICItgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMw
MDQxNTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE4RkZCRUEwREQwQzdD
NzRFMkJDRjhGRTNFMkIxODE1MEI5ODI3NTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2kmVF7NNosysu/IR+RdHATiDJyl5Qn+EvQKkEOKUPleTGShGq
wKohoCIrjD47Y3ltKqe7wzxpMxmQ3X6jP9OpkjKjy1ovzaTyCJ4xOFwofjQCEZCf
K6nWyblMByLsRhHktNZXQdVoK+dQ7f1p2ddEcjcskuM0S/5AHXV5MJRgcMPKJwM6
b4RqXqQnas8gXVJYQysUaZTX0RA6ncLoQ7ouraHtAZ2Emt+MubA4fLZxrWCRi/0U
OnhQIKQtf9dCtRefnSEgIbRkjHiSRmy9HsXtRVTah7Vcm6xomB2ssaypSyYoLe3H
uO4Z8EmbJP/dBamNmgasVbTTUC8OddWUgmvZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGP++oN0MfHTivPj+PisYFQuYJ1EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HUC0tb04wTWZIVGl2UGot
UGlzWUZRdVlKMUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIqAty8pYi9PoFJBw8/UgRF6GpYIt0PSq+B6
HDQt2+ysUSWxkLODL5nu1jRIyHMtqHOuBh3dIQdvs+c4dheY1h0pWN2q5Nz7ZWln
p/y5eNFQ9MYPUw6gU2VjiVK3aPzBSNAIUHcAFvMFUHrUqaNa37y6zD8r0yovzCWT
7JZ76EE7PEGzNotE16g8omC//dbF4WA736r6O8hY575JS0SLNT+Mzb7XN7Oc+pFW
gJUh6ds9IMF+Gdsn5zYZ84OxCoSVfqYf+6lTfBdNOce2fBb9Infe++8YNo4rMwz7
zsQ/03NNGAVh9zKj6ZNdRkCk8IcjPqiIwiy0seL3EucG4YOTGcs=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:21:40 2025 by rpki-client