Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gNWsnEj7dpcSnvCOlkmKm4mJylU.roa
File: gNWsnEj7dpcSnvCOlkmKm4mJylU.roa (raw, json)
Hash identifier: 39HZzXREnUe+rakr+IapCdRwt0hsW5QPMvJoIOr0vCc=
Subject key identifier: 80:D5:AC:9C:48:FB:76:97:12:9E:F0:8E:96:49:8A:9B:89:89:CA:55
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2058
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gNWsnEj7dpcSnvCOlkmKm4mJylU.roa
Signing time: Thu 19 Jun 2025 10:19:55 +0000
ROA not before: Thu 19 Jun 2025 10:19:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8280 (0x2058)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 10:19:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=80D5AC9C48FB7697129EF08E96498A9B8989CA55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:ce:03:36:b2:c4:82:86:bf:47:1a:43:94:
f1:ec:7c:a6:4a:92:82:27:8d:16:90:43:1d:01:1f:
8c:e6:59:49:f8:4e:8d:e3:c8:0d:cf:a4:ce:84:cd:
24:42:b1:ab:71:e9:fb:cf:f7:6e:a9:b7:03:4e:3b:
bf:d6:1e:16:e8:46:a1:23:c7:64:b9:44:83:b5:15:
42:6e:b4:65:64:ea:d0:31:9e:02:ad:9a:89:c0:31:
1b:09:b0:8e:8f:0e:d8:af:dd:b0:74:77:1c:ee:bf:
3c:fd:35:54:c4:46:b7:3a:e3:b0:c4:23:34:51:b9:
94:13:28:6e:42:4d:93:97:9e:8b:29:0e:f9:13:24:
84:aa:bf:8f:fe:ca:36:65:08:db:90:f1:db:81:81:
24:2f:03:db:e2:69:26:4a:eb:3b:76:cd:6e:6e:50:
f1:df:bf:4c:89:67:09:b7:b2:a9:c4:53:62:cb:fc:
91:9b:da:79:8e:15:9b:50:62:ce:1d:38:72:38:c0:
a4:dc:b3:c1:49:5b:ad:91:12:21:cb:6e:02:ca:9e:
56:a1:98:5a:20:be:42:12:9c:2e:ad:8b:1a:c1:32:
a9:87:90:4e:d3:8b:52:66:de:17:33:8e:99:a9:e8:
79:f4:81:83:bc:25:0d:98:fe:42:5c:64:4c:5d:99:
3e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D5:AC:9C:48:FB:76:97:12:9E:F0:8E:96:49:8A:9B:89:89:CA:55
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gNWsnEj7dpcSnvCOlkmKm4mJylU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:77:6e:5a:2c:8b:17:c3:d6:61:32:65:2a:f4:89:74:74:fa:
67:40:81:75:68:c6:3f:f5:04:c4:42:f0:67:2b:b4:6e:36:28:
64:99:de:78:b9:c5:df:9e:d0:ac:37:68:68:c6:91:70:7b:87:
11:45:bf:6c:cd:ec:61:c1:19:d1:87:91:5d:a1:36:42:d6:e1:
ea:32:4f:06:8e:c9:c2:d5:c9:e2:ed:fc:7a:cc:df:8a:37:12:
94:37:46:91:37:c6:31:9d:73:0d:52:cb:21:6f:85:a6:31:ac:
4e:63:ce:92:14:be:09:f7:a7:5c:f8:70:e3:6f:be:73:ce:3b:
5e:ae:34:42:39:85:5b:ed:2d:26:8e:09:41:2b:1e:05:b6:08:
5d:aa:ab:fb:05:d7:f9:a3:b4:7c:43:e3:ce:1c:1d:ae:3b:d1:
8c:da:ba:cd:22:c1:e9:30:26:b0:22:93:72:31:7c:6b:5b:03:
f6:2f:dc:5b:09:e6:e6:bc:6a:d5:b8:48:ff:d1:6a:85:55:ce:
1e:94:6b:c3:35:96:df:18:49:5f:6a:76:52:5f:b4:aa:a9:ed:
c1:52:a3:b8:c7:2c:3f:0c:37:b6:28:4e:73:e3:76:6a:9a:d5:
71:ef:7b:88:28:eb:8b:62:f2:6d:1c:e7:ac:4c:47:29:9b:8b:
9c:49:ee:a5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIFgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MDE5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgwRDVBQzlDNDhGQjc2
OTcxMjlFRjA4RTk2NDk4QTlCODk4OUNBNTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDI/c4DNrLEgoa/RxpDlPHsfKZKkoInjRaQQx0BH4zmWUn4To3j
yA3PpM6EzSRCsatx6fvP926ptwNOO7/WHhboRqEjx2S5RIO1FUJutGVk6tAxngKt
monAMRsJsI6PDtiv3bB0dxzuvzz9NVTERrc647DEIzRRuZQTKG5CTZOXnospDvkT
JISqv4/+yjZlCNuQ8duBgSQvA9viaSZK6zt2zW5uUPHfv0yJZwm3sqnEU2LL/JGb
2nmOFZtQYs4dOHI4wKTcs8FJW62REiHLbgLKnlahmFogvkISnC6tixrBMqmHkE7T
i1Jm3hczjpmp6Hn0gYO8JQ2Y/kJcZExdmT4xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgNWsnEj7dpcSnvCOlkmKm4mJylUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nTldzbkVqN2RwY1NudkNP
bGttS200bUp5bFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACF3blosixfD1mEyZSr0iXR0+mdAgXVoxj/1
BMRC8GcrtG42KGSZ3ni5xd+e0Kw3aGjGkXB7hxFFv2zN7GHBGdGHkV2hNkLW4eoy
TwaOycLVyeLt/HrM34o3EpQ3RpE3xjGdcw1SyyFvhaYxrE5jzpIUvgn3p1z4cONv
vnPOO16uNEI5hVvtLSaOCUErHgW2CF2qq/sF1/mjtHxD484cHa470Yzaus0iwekw
JrAik3IxfGtbA/Yv3FsJ5ua8atW4SP/RaoVVzh6Ua8M1lt8YSV9qdlJftKqp7cFS
o7jHLD8MN7YoTnPjdmqa1XHve4go64ti8m0c56xMRymbi5xJ7qU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:12 2025 by rpki-client