Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/g75gmlp7jdp5_1E4IWv55dR61CM.roa
File: g75gmlp7jdp5_1E4IWv55dR61CM.roa (raw, json)
Hash identifier: 1SKNNyc3HRzNjNo7Qj1ZGWzegF07sOGJwRy2dRqZtXU=
Subject key identifier: 83:BE:60:9A:5A:7B:8D:DA:79:FF:51:38:21:6B:F9:E5:D4:7A:D4:23
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 18C0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g75gmlp7jdp5_1E4IWv55dR61CM.roa
Signing time: Mon 09 Jun 2025 02:09:35 +0000
ROA not before: Mon 09 Jun 2025 02:09:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6336 (0x18c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 02:09:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=83BE609A5A7B8DDA79FF5138216BF9E5D47AD423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:06:d6:1d:28:45:fe:08:6e:9e:5d:5d:a6:4a:
26:8d:77:5f:41:f2:f0:ba:4e:ee:06:01:18:e0:85:
e6:9f:0c:fc:17:94:72:e8:2f:db:54:cd:71:97:4f:
20:03:58:18:7b:e7:a5:82:e6:89:8d:3a:82:2e:6a:
bf:76:3b:1d:bd:25:e9:b1:0c:33:6c:95:80:a9:05:
75:c0:7a:47:d7:a2:62:e5:0c:62:8a:1f:b8:cd:ae:
a3:c1:93:8e:33:a1:20:64:d4:75:e4:d3:15:4f:c7:
0e:4f:65:06:6d:e9:7c:da:91:99:34:36:84:41:24:
16:12:64:00:6e:6c:b2:03:f7:8b:77:e9:60:73:81:
85:b9:52:f5:7f:2b:1f:0f:66:e6:55:e1:8a:65:10:
35:b6:a2:c5:72:d2:fd:c5:fc:43:79:62:9f:42:b3:
27:04:0b:25:86:0e:ad:d8:9f:45:fc:4b:39:14:41:
f7:ed:da:aa:a6:66:b5:29:03:91:5b:51:03:27:b8:
8b:1b:d1:e1:51:84:a9:03:bc:12:db:e8:42:5e:7e:
f8:c4:c5:f4:88:40:ae:79:b9:fa:93:1c:61:22:27:
b6:38:1e:35:62:04:e2:95:b0:3a:a4:ae:ab:be:5b:
97:8c:2e:0d:d5:ac:de:2e:d0:b6:b6:ee:37:b6:59:
2e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:BE:60:9A:5A:7B:8D:DA:79:FF:51:38:21:6B:F9:E5:D4:7A:D4:23
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g75gmlp7jdp5_1E4IWv55dR61CM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:93:eb:19:47:36:7a:7f:c0:ce:ef:c5:89:cc:12:36:8e:89:
82:27:83:2f:8e:a4:05:b6:d8:72:23:80:4f:cd:3a:58:ce:9c:
0e:c6:18:88:99:80:09:5e:0b:44:15:6b:c0:af:50:e5:3c:51:
b4:4a:6b:d3:93:6f:1b:67:00:e0:2c:7d:8f:c6:3a:d9:c1:68:
10:19:c8:6a:4a:03:cf:b1:20:0d:25:c6:42:bd:3a:7e:42:ac:
46:99:1e:cd:ce:ba:80:d2:af:a4:6a:5b:31:0f:a9:79:78:93:
16:29:76:9d:d9:60:41:cd:99:6f:58:56:68:12:7c:47:ae:9c:
4d:0e:6b:e2:37:eb:0e:28:79:19:a6:23:cb:a7:e3:f1:93:4d:
57:4f:78:87:ac:b5:7f:73:53:48:e3:f0:88:77:5f:16:bb:3e:
2a:0e:80:6c:ee:9c:db:42:5f:89:3c:a2:f4:35:8b:ac:09:84:
27:d8:be:17:df:ba:ab:55:8a:28:55:4d:8f:d2:96:b8:fe:32:
39:c7:59:41:08:56:26:c4:75:90:b0:67:59:d1:38:4e:4d:69:
8a:5a:5c:f4:95:9d:19:9c:7f:39:6e:bc:92:fa:b4:1c:d5:9c:
98:7f:28:0d:c0:73:9b:b6:cc:aa:68:cf:24:63:14:45:37:65:
17:45:d4:fc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkw
MjA5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgzQkU2MDlBNUE3QjhE
REE3OUZGNTEzODIxNkJGOUU1RDQ3QUQ0MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0BtYdKEX+CG6eXV2mSiaNd19B8vC6Tu4GARjgheafDPwXlHLo
L9tUzXGXTyADWBh756WC5omNOoIuar92Ox29JemxDDNslYCpBXXAekfXomLlDGKK
H7jNrqPBk44zoSBk1HXk0xVPxw5PZQZt6XzakZk0NoRBJBYSZABubLID94t36WBz
gYW5UvV/Kx8PZuZV4YplEDW2osVy0v3F/EN5Yp9CsycECyWGDq3Yn0X8SzkUQfft
2qqmZrUpA5FbUQMnuIsb0eFRhKkDvBLb6EJefvjExfSIQK55ufqTHGEiJ7Y4HjVi
BOKVsDqkrqu+W5eMLg3VrN4u0La27je2WS7ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUg75gmlp7jdp5/1E4IWv55dR61CMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nNzVnbWxwN2pkcDVfMUU0
SVd2NTVkUjYxQ00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACaT6xlHNnp/wM7vxYnMEjaOiYIngy+OpAW2
2HIjgE/NOljOnA7GGIiZgAleC0QVa8CvUOU8UbRKa9OTbxtnAOAsfY/GOtnBaBAZ
yGpKA8+xIA0lxkK9On5CrEaZHs3OuoDSr6RqWzEPqXl4kxYpdp3ZYEHNmW9YVmgS
fEeunE0Oa+I36w4oeRmmI8un4/GTTVdPeIestX9zU0jj8Ih3Xxa7PioOgGzunNtC
X4k8ovQ1i6wJhCfYvhffuqtViihVTY/Slrj+MjnHWUEIVibEdZCwZ1nROE5NaYpa
XPSVnRmcfzluvJL6tBzVnJh/KA3Ac5u2zKpozyRjFEU3ZRdF1Pw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:27:15 2025 by rpki-client