Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fGKL9siDhthjERUmJDEBTNoS4cA.roa
File: fGKL9siDhthjERUmJDEBTNoS4cA.roa (raw, json)
Hash identifier: fNWL5lGU82JYPk7x/ZPAABmhiFbxYGQDepPFtef8uaQ=
Subject key identifier: 7C:62:8B:F6:C8:83:86:D8:63:11:15:26:24:31:01:4C:DA:12:E1:C0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1250
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fGKL9siDhthjERUmJDEBTNoS4cA.roa
Signing time: Sat 31 May 2025 12:09:11 +0000
ROA not before: Sat 31 May 2025 12:09:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4688 (0x1250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 12:09:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7C628BF6C88386D8631115262431014CDA12E1C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:14:2c:3d:52:c0:ae:f2:d7:5e:42:a7:5e:88:
02:26:a8:1a:61:7c:20:ec:7a:43:4e:0d:89:2b:42:
87:48:51:07:79:3b:46:3d:85:9b:e6:2d:f4:92:7c:
09:9a:fb:07:32:e6:5b:d8:48:cf:42:e8:cf:be:94:
e8:1f:d8:3e:67:32:a1:f6:6b:3d:78:cd:40:5f:be:
da:67:87:82:5b:9c:27:3c:2e:e7:d5:b9:69:d8:0a:
3b:66:65:97:da:0b:b5:dd:98:8f:a4:b9:53:0f:00:
f6:66:1f:21:3b:a3:7a:1c:fb:76:01:ac:82:37:c2:
54:c2:38:48:85:d3:30:3b:2a:fd:d7:24:30:3d:f0:
be:ad:19:42:15:9f:f4:11:94:62:87:1f:43:37:92:
be:2d:ec:a3:a1:26:dc:81:b3:82:84:16:5c:54:ba:
04:0d:25:84:04:df:ae:1f:e7:f8:38:e7:51:7e:91:
ba:ff:b1:4f:42:29:36:27:fc:a1:75:05:9d:07:25:
ef:d6:0a:f1:c0:16:2b:56:85:8c:9f:a9:57:42:a5:
46:ce:6b:6f:61:b2:4c:d9:9e:09:96:12:ec:67:51:
79:31:b2:c8:d1:9d:4c:51:98:a0:fc:98:cc:66:96:
36:02:d3:5a:20:03:9e:86:21:7b:45:08:f1:f7:ac:
06:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:62:8B:F6:C8:83:86:D8:63:11:15:26:24:31:01:4C:DA:12:E1:C0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fGKL9siDhthjERUmJDEBTNoS4cA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:7a:78:f3:eb:18:df:ca:7c:43:c8:29:ad:0e:f1:e6:31:ca:
c7:d2:93:7f:5d:b6:17:74:4b:11:49:2d:5e:79:22:36:46:4f:
5b:74:c9:02:03:50:9d:89:d4:bc:7d:01:5d:27:e7:d8:32:4e:
55:cf:13:ee:02:c6:dc:39:ed:28:7e:ed:69:66:e2:5d:ec:b2:
de:28:0f:f0:d9:35:30:64:b9:b2:7d:bc:e7:5a:76:b0:b4:97:
00:c1:88:28:b5:ce:a7:6f:19:a0:7b:7a:a9:32:ec:ca:30:27:
76:6d:75:79:87:d9:a6:d4:bc:25:81:93:b9:27:4f:42:e6:10:
96:8d:42:b9:8d:6f:61:a3:15:9c:5c:09:d3:49:3e:fe:b4:6d:
c0:8d:64:40:a3:91:43:bc:a6:45:f6:d0:a6:5c:e7:3a:5b:fa:
b6:7e:fb:6c:ab:0e:2e:f1:19:3b:06:47:e9:b7:05:f5:40:6e:
bb:b9:10:56:39:4d:df:e9:86:d3:09:e5:03:6e:c5:1e:5f:52:
d7:be:29:f7:ba:84:1e:3d:39:1a:f1:3c:8e:da:16:05:e8:94:
54:16:4d:4c:f1:ad:3a:f7:3f:f1:43:23:8a:dd:d3:46:a0:e2:
d8:fb:0f:ec:6c:13:3c:79:dc:a6:23:92:30:43:73:ce:db:6f:
6d:2a:14:51
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICElAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
MjA5MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDNjI4QkY2Qzg4Mzg2
RDg2MzExMTUyNjI0MzEwMTRDREExMkUxQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNFCw9UsCu8tdeQqdeiAImqBphfCDsekNODYkrQodIUQd5O0Y9
hZvmLfSSfAma+wcy5lvYSM9C6M++lOgf2D5nMqH2az14zUBfvtpnh4JbnCc8LufV
uWnYCjtmZZfaC7XdmI+kuVMPAPZmHyE7o3oc+3YBrII3wlTCOEiF0zA7Kv3XJDA9
8L6tGUIVn/QRlGKHH0M3kr4t7KOhJtyBs4KEFlxUugQNJYQE364f5/g451F+kbr/
sU9CKTYn/KF1BZ0HJe/WCvHAFitWhYyfqVdCpUbOa29hskzZngmWEuxnUXkxssjR
nUxRmKD8mMxmljYC01ogA56GIXtFCPH3rAYPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfGKL9siDhthjERUmJDEBTNoS4cAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mR0tMOXNpRGh0aGpFUlVt
SkRFQlROb1M0Y0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEd6ePPrGN/KfEPIKa0O8eYxysfSk39dthd0
SxFJLV55IjZGT1t0yQIDUJ2J1Lx9AV0n59gyTlXPE+4Cxtw57Sh+7Wlm4l3sst4o
D/DZNTBkubJ9vOdadrC0lwDBiCi1zqdvGaB7eqky7MowJ3ZtdXmH2abUvCWBk7kn
T0LmEJaNQrmNb2GjFZxcCdNJPv60bcCNZECjkUO8pkX20KZc5zpb+rZ++2yrDi7x
GTsGR+m3BfVAbru5EFY5Td/phtMJ5QNuxR5fUte+Kfe6hB49ORrxPI7aFgXolFQW
TUzxrTr3P/FDI4rd00ag4tj7D+xsEzx53KYjkjBDc87bb20qFFE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:12:27 2025 by rpki-client