Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ggXMUhYkNh3cqnGrt-Wie_xto2k.roa
File: ggXMUhYkNh3cqnGrt-Wie_xto2k.roa (raw, json)
Hash identifier: Cn2j+OAC3BL8iZV6FJaFvCtKPXk7WaCaZ5F4E+C75X4=
Subject key identifier: 82:05:CC:52:16:24:36:1D:DC:AA:71:AB:B7:E5:A2:7B:FC:6D:A3:69
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CBC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ggXMUhYkNh3cqnGrt-Wie_xto2k.roa
Signing time: Sat 14 Jun 2025 09:40:03 +0000
ROA not before: Sat 14 Jun 2025 09:40:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7356 (0x1cbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 09:40:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8205CC521624361DDCAA71ABB7E5A27BFC6DA369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9a:56:d7:e1:23:33:74:7e:28:e5:a3:a0:e1:
a4:1b:8d:bc:83:ba:d5:35:f3:1b:45:e7:9e:db:1d:
c1:18:70:75:49:66:25:ef:77:55:ad:6b:91:eb:85:
ab:ea:e0:c8:f0:d3:de:74:b4:d2:69:75:70:6f:30:
53:ad:2e:cc:5d:41:31:e5:37:38:02:b5:6a:95:5f:
e8:8b:11:93:03:72:23:2c:55:fc:90:64:9e:fd:63:
ec:18:dd:4d:71:b9:0d:b0:29:ce:41:06:4b:b5:be:
63:a0:45:48:b3:2b:c1:d4:8e:d7:76:8b:e2:9f:10:
32:c4:5d:20:46:ef:54:fa:ba:19:a4:65:98:56:9e:
f8:d8:57:ca:08:57:e6:99:9d:98:9e:db:d8:15:fe:
82:3e:6b:a7:62:57:52:07:22:8b:c5:d5:43:4c:e5:
94:fe:45:a3:f6:d6:36:ae:46:ae:a0:5a:9d:54:20:
42:4a:85:93:6f:06:27:59:39:23:a3:6e:20:25:90:
6c:e2:a4:b2:49:5b:a2:7f:15:65:b6:c0:dd:f4:3f:
1d:a4:33:da:10:22:20:6a:66:c3:01:26:3b:a7:32:
4c:26:b3:26:73:47:20:a8:e6:a1:fe:f7:40:b5:05:
43:d9:2a:a2:9f:01:b4:90:a4:c3:d4:a1:86:45:3f:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:05:CC:52:16:24:36:1D:DC:AA:71:AB:B7:E5:A2:7B:FC:6D:A3:69
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ggXMUhYkNh3cqnGrt-Wie_xto2k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:3c:d4:f0:15:ab:6d:03:5b:11:5f:7c:53:15:8b:03:5a:56:
06:99:4e:38:5d:5d:90:b3:a3:78:50:7e:94:7c:b4:55:b2:36:
18:cb:7f:76:b6:87:00:68:f8:2c:57:fb:6f:61:0a:29:2b:3e:
d5:5a:5a:df:67:26:ae:61:41:fc:60:81:64:ad:82:f8:8b:af:
fd:5a:d1:16:ef:78:af:a7:88:84:10:11:a2:cd:10:a3:b5:1d:
fe:30:60:fa:0e:b3:90:f7:80:ae:6a:6c:ee:59:51:f5:b0:43:
a4:9e:a0:7c:fa:2a:c4:fe:fe:60:6c:be:b5:ab:08:d1:ed:8c:
d1:8b:4e:a9:05:68:0c:ea:6d:4d:22:73:6a:73:1b:56:01:08:
08:ac:db:46:57:3f:3a:81:0c:4c:6f:a8:3c:4b:45:88:89:f5:
c4:40:5f:e0:0d:3e:71:a1:b5:4c:35:4c:bb:ca:9b:aa:20:e5:
b9:55:16:46:b5:26:68:69:88:96:70:fd:f1:65:fe:8f:d2:aa:
b9:ce:b9:d0:a7:20:0d:00:65:21:9a:4d:57:39:96:4d:b2:3d:
a8:e3:c2:72:89:b8:09:33:22:79:27:dc:44:8d:a0:c4:b0:b7:
47:d1:8c:51:4e:1b:17:29:d5:36:e8:a6:6c:98:50:ef:be:fc:
e4:23:38:7a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHLwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
OTQwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyMDVDQzUyMTYyNDM2
MUREQ0FBNzFBQkI3RTVBMjdCRkM2REEzNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpmlbX4SMzdH4o5aOg4aQbjbyDutU18xtF557bHcEYcHVJZiXv
d1Wta5Hrhavq4Mjw0950tNJpdXBvMFOtLsxdQTHlNzgCtWqVX+iLEZMDciMsVfyQ
ZJ79Y+wY3U1xuQ2wKc5BBku1vmOgRUizK8HUjtd2i+KfEDLEXSBG71T6uhmkZZhW
nvjYV8oIV+aZnZie29gV/oI+a6diV1IHIovF1UNM5ZT+RaP21jauRq6gWp1UIEJK
hZNvBidZOSOjbiAlkGzipLJJW6J/FWW2wN30Px2kM9oQIiBqZsMBJjunMkwmsyZz
RyCo5qH+90C1BUPZKqKfAbSQpMPUoYZFPym/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUggXMUhYkNh3cqnGrt+Wie/xto2kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nZ1hNVWhZa05oM2Nxbkdy
dC1XaWVfeHRvMmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAk81PAVq20DWxFffFMViwNaVgaZTjhdXZCz
o3hQfpR8tFWyNhjLf3a2hwBo+CxX+29hCikrPtVaWt9nJq5hQfxggWStgviLr/1a
0RbveK+niIQQEaLNEKO1Hf4wYPoOs5D3gK5qbO5ZUfWwQ6SeoHz6KsT+/mBsvrWr
CNHtjNGLTqkFaAzqbU0ic2pzG1YBCAis20ZXPzqBDExvqDxLRYiJ9cRAX+ANPnGh
tUw1TLvKm6og5blVFka1JmhpiJZw/fFl/o/SqrnOudCnIA0AZSGaTVc5lk2yPajj
wnKJuAkzInkn3ESNoMSwt0fRjFFOGxcp1TbopmyYUO++/OQjOHo=
-----END CERTIFICATE-----
Generated at Fri Jun 20 08:35:08 2025 by rpki-client