Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gPxFYypEiLCYY-hycqYbQP1lPvQ.roa
File: gPxFYypEiLCYY-hycqYbQP1lPvQ.roa (raw, json)
Hash identifier: eMS4jjdpFPHmwOX4ty15IRAadm+nNNKMzhcvSXS0azg=
Subject key identifier: 80:FC:45:63:2A:44:88:B0:98:63:E8:72:72:A6:1B:40:FD:65:3E:F4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0440
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gPxFYypEiLCYY-hycqYbQP1lPvQ.roa
Signing time: Mon 12 May 2025 18:07:56 +0000
ROA not before: Mon 12 May 2025 18:07:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1088 (0x440)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 18:07:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=80FC45632A4488B09863E87272A61B40FD653EF4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:97:58:ef:41:c1:ea:9e:50:f0:79:d8:a4:
9e:03:ee:b1:f3:e0:43:0d:6b:92:2f:fe:33:5b:6a:
36:e8:88:cb:d8:3d:a2:d0:62:68:00:0a:56:25:0a:
a3:27:f3:b1:b3:ba:ab:fd:14:d3:95:ba:e4:b9:ca:
94:24:4f:df:f8:c8:70:c0:3e:64:6f:3d:b1:30:02:
95:28:d0:d2:53:02:37:23:29:a1:c4:6a:05:0a:54:
77:d5:a0:07:2d:0c:b5:3b:10:e1:b2:9e:4a:58:63:
cc:68:ae:b0:33:5b:ea:d6:24:7e:a6:57:95:83:04:
45:75:df:d5:96:2c:56:cd:ff:8a:a9:f8:26:66:9f:
47:62:0d:11:64:75:2b:f0:14:7d:1c:4d:0d:73:0b:
9f:04:62:86:e1:22:3e:89:e8:4b:59:cf:76:69:d7:
93:b8:f2:7d:e3:47:d5:e6:c1:f7:43:64:36:29:b7:
00:a7:45:c2:53:99:c9:2a:1c:50:48:dd:db:ec:a4:
b3:99:25:2f:43:26:9d:62:ce:a6:6f:f9:2a:76:80:
ae:d5:c2:2a:1c:86:27:e7:c8:e5:cb:84:66:2a:22:
cf:2a:32:f2:ae:d5:1e:35:fb:2f:63:2e:d6:a2:df:
e1:2a:1e:58:bd:36:69:30:13:98:5b:43:75:55:41:
be:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FC:45:63:2A:44:88:B0:98:63:E8:72:72:A6:1B:40:FD:65:3E:F4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gPxFYypEiLCYY-hycqYbQP1lPvQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:55:ca:f7:86:2b:ad:f2:14:f1:59:dd:fb:b6:d7:c1:68:e2:
82:7c:a4:f1:1b:12:19:b7:da:48:24:68:57:5e:9b:fe:34:2b:
79:6d:be:51:eb:76:0e:b5:b1:54:79:12:57:f6:ac:5a:7b:ac:
7d:08:d0:54:7e:c6:a4:a5:e4:32:ff:53:77:68:b2:b1:31:75:
4a:a7:47:d1:ad:be:38:56:36:c6:a4:7d:5b:13:08:08:f9:2b:
be:b9:b6:77:13:0a:d8:3c:08:5e:73:03:2f:55:7a:c0:3f:01:
03:d2:79:3d:3e:32:63:0b:58:9e:26:65:60:50:97:12:38:b0:
e2:5c:0d:af:67:19:d3:8b:19:55:65:be:01:d6:31:1c:f3:eb:
75:4d:c4:6c:af:57:b0:e4:86:e2:c8:bb:2f:40:93:67:5a:16:
36:e3:d1:b7:b2:70:8a:86:6d:67:e8:ae:a0:77:c4:ca:9e:05:
1a:62:2f:af:86:42:37:00:4f:2e:7b:2f:c3:1f:20:ba:da:a1:
fc:0e:4a:8e:b9:a5:9f:cb:1a:59:d8:c5:86:e1:a2:20:ee:33:
86:9c:69:14:da:f5:a7:0a:3b:16:4a:ad:5a:e6:1d:3d:02:88:
64:09:88:cc:f9:b9:4f:13:7f:f8:12:e8:94:18:28:d9:31:72:
73:2f:d1:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
ODA3NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgwRkM0NTYzMkE0NDg4
QjA5ODYzRTg3MjcyQTYxQjQwRkQ2NTNFRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA7pdY70HB6p5Q8HnYpJ4D7rHz4EMNa5Iv/jNbajboiMvYPaLQ
YmgAClYlCqMn87Gzuqv9FNOVuuS5ypQkT9/4yHDAPmRvPbEwApUo0NJTAjcjKaHE
agUKVHfVoActDLU7EOGynkpYY8xorrAzW+rWJH6mV5WDBEV139WWLFbN/4qp+CZm
n0diDRFkdSvwFH0cTQ1zC58EYobhIj6J6EtZz3Zp15O48n3jR9XmwfdDZDYptwCn
RcJTmckqHFBI3dvspLOZJS9DJp1izqZv+Sp2gK7VwiochifnyOXLhGYqIs8qMvKu
1R41+y9jLtai3+EqHli9NmkwE5hbQ3VVQb5hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgPxFYypEiLCYY+hycqYbQP1lPvQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nUHhGWXlwRWlMQ1lZLWh5
Y3FZYlFQMWxQdlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEdVyveGK63yFPFZ3fu218Fo4oJ8pPEbEhm3
2kgkaFdem/40K3ltvlHrdg61sVR5Elf2rFp7rH0I0FR+xqSl5DL/U3dosrExdUqn
R9GtvjhWNsakfVsTCAj5K765tncTCtg8CF5zAy9VesA/AQPSeT0+MmMLWJ4mZWBQ
lxI4sOJcDa9nGdOLGVVlvgHWMRzz63VNxGyvV7DkhuLIuy9Ak2daFjbj0beycIqG
bWforqB3xMqeBRpiL6+GQjcATy57L8MfILraofwOSo65pZ/LGlnYxYbhoiDuM4ac
aRTa9acKOxZKrVrmHT0CiGQJiMz5uU8Tf/gS6JQYKNkxcnMv0Tg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:00 2025 by rpki-client