Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gbpFllyossQjZtAGw-NVcL13HaU.roa
File: gbpFllyossQjZtAGw-NVcL13HaU.roa (raw, json)
Hash identifier: 8f7wsX4JxBxexj0KBTqONv+uchzg91aE8LjNrO3FgQ0=
Subject key identifier: 81:BA:45:96:5C:A8:B2:C4:23:66:D0:06:C3:E3:55:70:BD:77:1D:A5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 019C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gbpFllyossQjZtAGw-NVcL13HaU.roa
Signing time: Fri 09 May 2025 05:38:13 +0000
ROA not before: Fri 09 May 2025 05:38:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412 (0x19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 05:38:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=81BA45965CA8B2C42366D006C3E35570BD771DA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5e:81:f3:fb:35:40:cb:c3:79:71:53:03:b2:
ae:f6:80:be:15:aa:19:b2:2b:86:2d:0a:2e:88:73:
7e:71:86:aa:df:34:99:89:c4:27:8d:16:42:61:a1:
55:71:8d:5c:1c:e7:6d:5a:35:6e:ab:a1:71:fe:7e:
68:0e:bc:59:7d:37:f7:8e:47:01:57:3a:fb:bc:e7:
8d:c6:c9:7e:0a:03:bd:14:50:c0:c7:a0:24:94:95:
a5:49:4e:f4:4e:02:34:f3:f4:a9:e7:46:6e:1c:f8:
3a:d8:29:eb:30:b2:44:1d:ca:ef:04:a4:ad:76:0a:
64:0f:77:47:92:fd:9c:21:a1:c5:07:3a:de:12:b4:
b1:07:7c:2a:e2:93:4f:fe:a1:d1:52:e7:8d:20:c7:
b8:24:65:5d:97:d8:ac:c3:f7:d6:a7:3f:d6:50:f9:
78:0d:67:b4:25:86:b9:28:7b:bc:79:83:02:8a:1d:
5e:9a:a6:5d:e7:8f:11:1d:f8:56:2e:c5:80:6c:77:
51:f4:f8:2a:24:be:40:02:a9:73:08:2c:6b:15:96:
4d:e4:49:fe:2b:24:eb:7f:4c:f3:7c:e6:c9:69:13:
38:e1:9b:b6:06:b3:04:aa:2e:ce:33:9c:73:7e:01:
96:0d:95:c3:57:4c:19:ff:6c:d7:50:0e:05:89:a7:
a6:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BA:45:96:5C:A8:B2:C4:23:66:D0:06:C3:E3:55:70:BD:77:1D:A5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gbpFllyossQjZtAGw-NVcL13HaU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:61:f8:ab:7c:55:79:9d:43:82:f7:96:6a:a1:ef:60:39:b3:
51:eb:9d:05:33:2c:53:68:f1:f5:8a:a1:7a:e4:b7:27:52:28:
82:70:68:a0:3d:19:b6:41:24:df:91:de:9a:f2:66:2e:d7:42:
c5:d2:db:a2:88:b5:93:ca:3e:bd:61:ec:61:78:13:41:e6:0c:
71:1f:40:3f:69:fc:40:46:3e:26:c4:c2:f6:84:db:d0:44:99:
ef:7b:d8:da:92:80:2a:99:d3:3e:34:f5:65:84:e1:96:33:1d:
f2:f7:80:a4:b2:f2:12:6d:50:3f:b3:f4:3d:35:38:65:64:ca:
92:3b:f3:e9:3d:24:b6:4d:99:8a:72:9f:99:5c:8d:80:dc:3d:
46:bb:b5:e7:4a:f9:b5:d0:94:3f:0a:37:ca:ce:ea:05:eb:70:
29:cd:90:0e:40:ab:ca:4a:34:33:4a:27:86:d8:ea:6d:91:79:
95:9a:b0:77:13:e1:3a:ec:52:fb:0a:d2:ed:c8:45:a1:5c:16:
b8:38:37:3b:5b:13:ee:93:27:e5:29:f9:e1:92:66:0a:24:a9:
0c:62:1f:19:95:f0:81:07:d4:c2:dc:6f:2d:b8:05:52:d5:75:
37:24:12:7e:77:85:d8:55:d9:bc:f5:53:31:00:73:f5:d3:b1:
68:81:ab:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NTM4MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgxQkE0NTk2NUNBOEIy
QzQyMzY2RDAwNkMzRTM1NTcwQkQ3NzFEQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4XoHz+zVAy8N5cVMDsq72gL4VqhmyK4YtCi6Ic35xhqrfNJmJ
xCeNFkJhoVVxjVwc521aNW6roXH+fmgOvFl9N/eORwFXOvu8543GyX4KA70UUMDH
oCSUlaVJTvROAjTz9KnnRm4c+DrYKeswskQdyu8EpK12CmQPd0eS/ZwhocUHOt4S
tLEHfCrik0/+odFS540gx7gkZV2X2KzD99anP9ZQ+XgNZ7Qlhrkoe7x5gwKKHV6a
pl3njxEd+FYuxYBsd1H0+CokvkACqXMILGsVlk3kSf4rJOt/TPN85slpEzjhm7YG
swSqLs4znHN+AZYNlcNXTBn/bNdQDgWJp6bvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgbpFllyossQjZtAGw+NVcL13HaUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nYnBGbGx5b3NzUWpadEFH
dy1OVmNMMTNIYVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHNh+Kt8VXmdQ4L3lmqh72A5s1HrnQUzLFNo
8fWKoXrktydSKIJwaKA9GbZBJN+R3pryZi7XQsXS26KItZPKPr1h7GF4E0HmDHEf
QD9p/EBGPibEwvaE29BEme972NqSgCqZ0z409WWE4ZYzHfL3gKSy8hJtUD+z9D01
OGVkypI78+k9JLZNmYpyn5lcjYDcPUa7tedK+bXQlD8KN8rO6gXrcCnNkA5Aq8pK
NDNKJ4bY6m2ReZWasHcT4TrsUvsK0u3IRaFcFrg4NztbE+6TJ+Up+eGSZgokqQxi
HxmV8IEH1MLcby24BVLVdTckEn53hdhV2bz1UzEAc/XTsWiBq2c=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:35:39 2025 by rpki-client