Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/G_IcMYzn--Q4RM7MWnuU7asBhHI.roa
File: G_IcMYzn--Q4RM7MWnuU7asBhHI.roa (raw, json)
Hash identifier: i6Xuv4yXvgCRMrl2dpaGoSoGVMvxGCPsDHnMdhvGJkY=
Subject key identifier: 1B:F2:1C:31:8C:E7:FB:E4:38:44:CE:CC:5A:7B:94:ED:AB:01:84:72
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E80
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G_IcMYzn--Q4RM7MWnuU7asBhHI.roa
Signing time: Mon 16 Jun 2025 18:11:00 +0000
ROA not before: Mon 16 Jun 2025 18:11:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7808 (0x1e80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 18:11:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1BF21C318CE7FBE43844CECC5A7B94EDAB018472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:79:e9:9a:fe:64:c4:0c:27:84:06:db:e5:
da:26:ff:11:b5:50:e3:fa:b2:da:74:db:2a:70:d1:
e5:59:67:58:6c:7e:f2:03:00:1d:49:f3:b6:db:27:
66:d1:45:7f:66:22:33:66:a8:2a:6b:90:82:02:28:
d6:dd:10:83:6b:f1:47:96:c2:23:90:38:f0:5f:28:
90:8e:04:c8:ae:72:f1:b2:34:19:79:1e:18:d9:26:
b0:a1:ee:e2:39:aa:13:4c:ce:91:37:4d:d2:e8:10:
c3:a6:ce:e2:32:2a:b2:c3:8e:d4:96:1a:d2:14:44:
17:e2:eb:32:9e:16:0c:83:35:c4:84:d6:44:94:67:
39:c7:85:60:26:8e:e9:d7:f8:71:dc:14:e5:54:fb:
63:8f:e4:a6:04:4c:33:3d:6d:ba:83:ee:a1:51:17:
c1:4d:a0:9f:30:65:c9:a5:0c:18:d4:a2:4f:1f:90:
56:78:3e:ca:cb:28:7a:77:d4:d7:98:95:e9:d0:8f:
1f:62:5c:e3:89:db:77:4a:c9:ad:37:c7:09:ee:a2:
e5:b2:69:d8:7c:de:7a:98:33:c5:85:be:a5:fa:e2:
d7:10:ef:0e:75:2b:d5:18:49:49:81:b8:7b:15:5d:
86:a0:ad:d6:1a:47:32:c6:7d:4b:d0:95:19:85:26:
15:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:F2:1C:31:8C:E7:FB:E4:38:44:CE:CC:5A:7B:94:ED:AB:01:84:72
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/G_IcMYzn--Q4RM7MWnuU7asBhHI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:4e:57:c2:b7:9d:d4:f6:20:12:bb:1f:3a:4c:e0:e7:b7:70:
b0:6a:6f:d9:34:77:f0:33:8d:51:f3:5e:4c:4d:74:72:f9:89:
52:9a:8f:f8:74:4f:45:cb:b0:bd:eb:14:23:5e:4b:cd:86:66:
f8:31:bb:89:32:82:7c:90:69:e5:dc:8f:da:63:76:97:ba:73:
8f:23:29:31:d8:00:72:45:65:3e:4c:ce:7b:1b:da:8d:51:56:
81:54:cd:fe:39:3b:1e:ce:fc:d1:fb:ce:30:76:5e:dd:ef:20:
3d:60:70:7e:3e:aa:01:2d:8d:8c:60:3c:ed:46:4c:5f:0f:f5:
28:44:2e:e0:91:b6:ac:b4:8b:ff:bf:06:ee:e4:6f:a5:35:5c:
af:12:f9:d1:98:03:47:8a:3b:3e:2a:bc:d3:c2:b2:1c:f1:11:
0d:8a:21:1f:32:ec:14:8f:67:2f:a2:0e:79:e2:ad:34:b2:3e:
e4:00:8f:eb:db:e8:c1:3b:0d:f5:87:f0:00:fb:67:31:d0:df:
63:b2:64:05:30:91:c6:2e:d4:fe:e2:e9:e8:92:66:f9:4f:6b:
88:8e:f0:af:23:76:ac:e3:3c:b8:cf:61:9e:3c:c5:3a:16:e8:
05:fc:82:d5:ea:0d:b1:53:c6:8b:e0:6c:4e:c3:27:c3:31:77:
22:f8:a4:6a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
ODExMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFCRjIxQzMxOENFN0ZC
RTQzODQ0Q0VDQzVBN0I5NEVEQUIwMTg0NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj83npmv5kxAwnhAbb5dom/xG1UOP6stp02ypw0eVZZ1hsfvID
AB1J87bbJ2bRRX9mIjNmqCprkIICKNbdEINr8UeWwiOQOPBfKJCOBMiucvGyNBl5
HhjZJrCh7uI5qhNMzpE3TdLoEMOmzuIyKrLDjtSWGtIURBfi6zKeFgyDNcSE1kSU
ZznHhWAmjunX+HHcFOVU+2OP5KYETDM9bbqD7qFRF8FNoJ8wZcmlDBjUok8fkFZ4
PsrLKHp31NeYlenQjx9iXOOJ23dKya03xwnuouWyadh83nqYM8WFvqX64tcQ7w51
K9UYSUmBuHsVXYagrdYaRzLGfUvQlRmFJhXJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUG/IcMYzn++Q4RM7MWnuU7asBhHIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HX0ljTVl6bi0tUTRSTTdN
V251VTdhc0JoSEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEBOV8K3ndT2IBK7HzpM4Oe3cLBqb9k0d/Az
jVHzXkxNdHL5iVKaj/h0T0XLsL3rFCNeS82GZvgxu4kygnyQaeXcj9pjdpe6c48j
KTHYAHJFZT5Mznsb2o1RVoFUzf45Ox7O/NH7zjB2Xt3vID1gcH4+qgEtjYxgPO1G
TF8P9ShELuCRtqy0i/+/Bu7kb6U1XK8S+dGYA0eKOz4qvNPCshzxEQ2KIR8y7BSP
Zy+iDnnirTSyPuQAj+vb6ME7DfWH8AD7ZzHQ32OyZAUwkcYu1P7i6eiSZvlPa4iO
8K8jdqzjPLjPYZ48xToW6AX8gtXqDbFTxovgbE7DJ8MxdyL4pGo=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:08:55 2025 by rpki-client