Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GrAZW9Nv4pes7cMjLqV9rX39yMo.roa
File: GrAZW9Nv4pes7cMjLqV9rX39yMo.roa (raw, json)
Hash identifier: Q2C6FbUihL4KxHvEo6lm3o2JqYRpWtWldYBHA1qeb/s=
Subject key identifier: 1A:B0:19:5B:D3:6F:E2:97:AC:ED:C3:23:2E:A5:7D:AD:7D:FD:C8:CA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15A0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GrAZW9Nv4pes7cMjLqV9rX39yMo.roa
Signing time: Wed 04 Jun 2025 22:09:22 +0000
ROA not before: Wed 04 Jun 2025 22:09:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5536 (0x15a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 22:09:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1AB0195BD36FE297ACEDC3232EA57DAD7DFDC8CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:cb:a5:bb:a4:c6:42:72:4f:9b:fe:ce:8c:
2f:9d:d8:81:da:1f:19:f8:e2:40:1b:78:97:ae:13:
18:0b:b0:41:23:a1:eb:be:42:9e:85:31:eb:53:40:
cd:c8:95:02:54:d5:a1:b1:58:ba:8b:ef:a5:19:26:
d7:d7:83:2c:c3:0d:8d:86:70:af:4c:80:2f:18:6a:
94:9d:b8:c0:44:79:e2:58:5a:fb:55:c8:e5:76:58:
ab:8d:26:96:ba:ff:3c:c0:c5:07:54:22:96:dd:76:
7f:88:2d:e1:6c:11:c6:9d:e5:3a:b9:d7:7b:cd:17:
79:08:a7:d4:d8:15:12:0f:74:23:79:84:23:b9:c1:
bc:5d:47:7b:32:c4:f3:5d:0d:65:07:d2:10:85:e4:
b1:93:db:18:d3:25:74:a1:02:ca:38:b3:e9:2b:f6:
d2:82:d4:2a:26:14:3b:f1:22:30:95:2a:53:ef:f4:
5a:04:61:b2:7d:6e:94:61:9f:dc:0a:1d:df:73:d1:
ad:60:a7:46:8a:eb:a1:8f:18:c8:39:a5:34:85:ed:
80:5e:17:ca:40:1d:1f:23:00:16:00:31:cb:7d:a5:
7f:bf:f6:c0:ef:33:44:a8:ce:72:8f:a0:c7:81:73:
59:46:a9:6b:2a:5d:f8:b4:2a:c7:8f:67:95:52:75:
87:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B0:19:5B:D3:6F:E2:97:AC:ED:C3:23:2E:A5:7D:AD:7D:FD:C8:CA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GrAZW9Nv4pes7cMjLqV9rX39yMo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:84:c5:9a:a5:2a:8d:53:89:1d:2f:92:df:ed:0e:24:ff:5a:
6c:56:4f:7f:c3:8e:0e:80:b9:3f:67:5d:22:9f:b1:c8:2f:15:
0f:cc:8b:0f:52:4e:72:07:1b:8d:ba:f7:c7:0f:c2:28:70:82:
c8:b2:cd:9f:cb:83:4d:a6:cd:9e:a1:d8:95:79:5e:d7:c2:58:
5d:cd:ed:34:ef:c0:88:b7:f8:12:1d:a5:20:ea:1b:c8:18:79:
17:9a:df:65:af:82:6f:a4:81:7b:ae:36:10:4b:c3:35:51:2e:
a5:cf:ad:5e:30:ab:50:ee:f3:a3:c5:2b:92:86:5e:d5:c1:8e:
ae:a4:73:07:b7:1c:30:23:a2:3d:81:21:0c:32:cd:43:05:c5:
32:5e:b6:29:5a:6f:c8:a7:ea:7b:96:e5:7c:19:e5:0d:11:27:
55:29:aa:0b:46:83:45:70:2e:68:19:a1:c0:68:13:44:0c:16:
dc:a2:35:c3:d7:94:cb:53:09:fc:a4:d8:92:5d:82:f8:a0:de:
7b:88:14:e3:26:df:4a:66:f6:c8:f6:fd:a4:c2:cd:3e:a1:7a:
03:d7:ff:fd:bd:e3:46:65:92:e9:d8:8f:1e:a7:c7:e4:3c:19:
a9:f0:48:16:48:81:f1:16:99:02:7f:37:09:0c:ef:da:dd:dc:
db:e2:06:9e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQy
MjA5MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFBQjAxOTVCRDM2RkUy
OTdBQ0VEQzMyMzJFQTU3REFEN0RGREM4Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiAsulu6TGQnJPm/7OjC+d2IHaHxn44kAbeJeuExgLsEEjoeu+
Qp6FMetTQM3IlQJU1aGxWLqL76UZJtfXgyzDDY2GcK9MgC8YapSduMBEeeJYWvtV
yOV2WKuNJpa6/zzAxQdUIpbddn+ILeFsEcad5Tq513vNF3kIp9TYFRIPdCN5hCO5
wbxdR3syxPNdDWUH0hCF5LGT2xjTJXShAso4s+kr9tKC1ComFDvxIjCVKlPv9FoE
YbJ9bpRhn9wKHd9z0a1gp0aK66GPGMg5pTSF7YBeF8pAHR8jABYAMct9pX+/9sDv
M0SoznKPoMeBc1lGqWsqXfi0KsePZ5VSdYctAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGrAZW9Nv4pes7cMjLqV9rX39yMowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HckFaVzlOdjRwZXM3Y01q
THFWOXJYMzl5TW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKuExZqlKo1TiR0vkt/tDiT/WmxWT3/Djg6A
uT9nXSKfscgvFQ/Miw9STnIHG42698cPwihwgsiyzZ/Lg02mzZ6h2JV5XtfCWF3N
7TTvwIi3+BIdpSDqG8gYeRea32Wvgm+kgXuuNhBLwzVRLqXPrV4wq1Du86PFK5KG
XtXBjq6kcwe3HDAjoj2BIQwyzUMFxTJetilab8in6nuW5XwZ5Q0RJ1UpqgtGg0Vw
LmgZocBoE0QMFtyiNcPXlMtTCfyk2JJdgvig3nuIFOMm30pm9sj2/aTCzT6hegPX
//2940ZlkunYjx6nx+Q8GanwSBZIgfEWmQJ/NwkM79rd3NviBp4=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:11:49 2025 by rpki-client