Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ga_gYE2oymp6vYCobas1u-QS7qI.roa
File: Ga_gYE2oymp6vYCobas1u-QS7qI.roa (raw, json)
Hash identifier: xjYdYjRQStqnhUR5E+Xfju/GGkYRBfTY75+R7xHNfw4=
Subject key identifier: 19:AF:E0:60:4D:A8:CA:6A:7A:BD:80:A8:6D:AB:35:BB:E4:12:EE:A2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 162C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ga_gYE2oymp6vYCobas1u-QS7qI.roa
Signing time: Thu 05 Jun 2025 15:39:34 +0000
ROA not before: Thu 05 Jun 2025 15:39:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5676 (0x162c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 15:39:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=19AFE0604DA8CA6A7ABD80A86DAB35BBE412EEA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:c5:98:55:a1:bd:48:47:24:02:65:96:62:
b0:62:5b:4c:5d:1f:51:af:98:8d:eb:54:0c:f9:21:
70:d0:dd:fe:a4:45:79:41:4b:d1:2d:1e:c5:80:09:
fe:a6:ac:5b:9f:5a:31:88:5a:a2:3c:2d:f7:18:39:
c1:ff:10:e0:5b:77:80:15:4c:cb:79:37:e9:bb:2e:
3e:84:8a:07:35:b2:37:9c:87:a2:99:92:55:82:59:
5c:02:c4:b5:c2:c7:7d:b2:0a:e6:05:cc:c8:df:36:
32:ec:f3:7f:4d:da:71:ca:6c:c4:47:84:5f:b8:3a:
6a:c1:25:cc:ff:a5:fe:ff:61:6d:51:76:07:47:40:
bc:ac:9a:2a:43:56:b1:b0:bb:06:4b:0b:11:b4:16:
5e:ed:e4:64:05:58:65:ca:e4:17:b6:c0:57:c6:b5:
7e:e6:67:d3:12:c6:e0:a1:8f:70:3c:97:92:8e:b7:
fa:a1:97:6d:3e:32:c7:0d:20:52:84:53:0c:13:19:
a2:64:65:0a:09:e5:c9:bd:4f:37:5a:88:99:1c:80:
1b:4e:75:9d:7f:66:35:bd:7d:cb:e6:73:02:9b:c6:
42:a3:c5:42:d7:4b:2c:3a:13:e5:70:6d:9f:d7:b5:
8b:04:e5:07:9e:aa:0e:f9:2c:26:5b:11:d1:f0:31:
c8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AF:E0:60:4D:A8:CA:6A:7A:BD:80:A8:6D:AB:35:BB:E4:12:EE:A2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ga_gYE2oymp6vYCobas1u-QS7qI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:cb:09:4c:11:02:be:f2:1b:94:05:b7:00:75:6a:b9:10:95:
99:e8:21:65:e2:b1:b0:19:c5:a0:89:f5:a5:76:a5:c9:f8:a7:
cc:11:c1:6f:69:df:4b:4e:0b:f9:4a:68:38:17:3b:14:ba:a7:
32:95:9d:00:d9:09:2d:55:cf:bf:ed:29:5b:b1:60:e3:8f:78:
9a:4b:01:27:9a:ee:48:f2:e1:9c:ec:f4:d2:74:b8:ec:4e:c8:
b6:bf:e6:34:da:25:17:65:c1:6e:df:80:c7:8a:ad:62:84:43:
15:c1:7a:8f:14:f3:9d:87:49:1f:81:10:68:54:b5:cc:ff:e7:
21:60:67:18:5a:23:fd:bb:e9:5f:0f:83:a4:02:40:62:5c:fe:
fb:75:55:34:80:a9:d1:a4:00:42:5e:6c:1e:b3:34:75:9d:51:
1b:da:3b:01:bd:26:98:4d:e3:cb:97:a6:fe:75:ec:f2:4c:47:
a4:ea:4f:2d:29:f5:a1:af:a2:c8:17:40:36:4b:f7:3f:19:8d:
79:84:75:6a:98:58:e4:46:09:d6:00:6b:66:3a:3b:30:2a:9e:
42:2a:5f:86:1a:8d:1c:e5:5a:e1:28:c5:d7:6d:da:28:c4:74:
32:b0:f5:45:92:32:e5:b5:5c:82:c3:f0:18:b2:f0:b7:7e:70:
0f:63:a9:eb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFiwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
NTM5MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5QUZFMDYwNERBOENB
NkE3QUJEODBBODZEQUIzNUJCRTQxMkVFQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTO8WYVaG9SEckAmWWYrBiW0xdH1GvmI3rVAz5IXDQ3f6kRXlB
S9EtHsWACf6mrFufWjGIWqI8LfcYOcH/EOBbd4AVTMt5N+m7Lj6Eigc1sjech6KZ
klWCWVwCxLXCx32yCuYFzMjfNjLs839N2nHKbMRHhF+4OmrBJcz/pf7/YW1RdgdH
QLysmipDVrGwuwZLCxG0Fl7t5GQFWGXK5Be2wFfGtX7mZ9MSxuChj3A8l5KOt/qh
l20+MscNIFKEUwwTGaJkZQoJ5cm9TzdaiJkcgBtOdZ1/ZjW9fcvmcwKbxkKjxULX
Syw6E+VwbZ/XtYsE5Qeeqg75LCZbEdHwMcgRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGa/gYE2oymp6vYCobas1u+QS7qIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HYV9nWUUyb3ltcDZ2WUNv
YmFzMXUtUVM3cUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKHLCUwRAr7yG5QFtwB1arkQlZnoIWXisbAZ
xaCJ9aV2pcn4p8wRwW9p30tOC/lKaDgXOxS6pzKVnQDZCS1Vz7/tKVuxYOOPeJpL
ASea7kjy4Zzs9NJ0uOxOyLa/5jTaJRdlwW7fgMeKrWKEQxXBeo8U852HSR+BEGhU
tcz/5yFgZxhaI/276V8Pg6QCQGJc/vt1VTSAqdGkAEJebB6zNHWdURvaOwG9JphN
48uXpv517PJMR6TqTy0p9aGvosgXQDZL9z8ZjXmEdWqYWORGCdYAa2Y6OzAqnkIq
X4YajRzlWuEoxddt2ijEdDKw9UWSMuW1XILD8Biy8Ld+cA9jqes=
-----END CERTIFICATE-----
Generated at Sat Jun 21 06:45:46 2025 by rpki-client