Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gjdd5W1P6gXK835NpDWdUadACeo.roa
File: gjdd5W1P6gXK835NpDWdUadACeo.roa (raw, json)
Hash identifier: bI6iuMdvGRx6p8AGPmM8xytKxUbYa3e+EBj3RCDb5Ac=
Subject key identifier: 82:37:5D:E5:6D:4F:EA:05:CA:F3:7E:4D:A4:35:9D:51:A7:40:09:EA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 139C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gjdd5W1P6gXK835NpDWdUadACeo.roa
Signing time: Mon 02 Jun 2025 05:39:13 +0000
ROA not before: Mon 02 Jun 2025 05:39:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5020 (0x139c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 05:39:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=82375DE56D4FEA05CAF37E4DA4359D51A74009EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b4:46:f8:bd:6b:89:43:ef:61:ee:1d:8d:cb:
49:7a:f8:c6:27:f8:be:c4:81:c3:98:0c:1e:90:c8:
a9:c0:e5:9a:8b:8e:b1:89:23:df:9f:1e:bb:ce:ed:
af:91:26:46:13:64:3e:3b:fc:42:9d:97:b9:0f:12:
45:9d:e0:31:bd:d3:a1:14:93:d5:09:89:e6:32:92:
99:a4:8e:a7:d8:c5:36:30:ff:b3:22:35:4a:0f:85:
f1:da:c6:c7:b5:a4:78:43:1a:47:a3:a4:fd:4c:64:
81:81:dc:af:6d:7c:3d:a1:06:d3:65:9a:8e:e0:89:
88:4c:5a:b9:37:32:e8:0a:1d:20:6e:63:7e:80:1c:
cc:92:d5:f9:57:f0:69:0a:8d:38:bb:12:b8:4c:32:
3f:24:9d:65:00:5e:e3:57:3e:82:81:23:51:7a:4b:
ae:a5:b6:47:39:14:6a:83:c6:87:a9:77:01:5f:c9:
2a:a5:38:86:5c:f9:f6:87:32:19:ab:6f:32:af:6a:
50:0e:48:32:c2:5d:58:d1:21:78:aa:f6:86:0a:78:
16:1b:45:4e:11:17:af:a3:51:43:a0:13:0c:7b:f8:
2e:9b:3b:f8:ee:87:9b:c4:1b:3a:db:cb:b2:06:a9:
7c:fd:9d:79:19:a8:21:87:4c:9e:56:59:71:ef:07:
73:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:37:5D:E5:6D:4F:EA:05:CA:F3:7E:4D:A4:35:9D:51:A7:40:09:EA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gjdd5W1P6gXK835NpDWdUadACeo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
97:ca:41:46:54:79:63:8e:a9:0d:30:f6:1d:52:f9:21:67:1a:
02:fd:18:22:6c:01:e6:54:db:de:91:29:6a:5b:49:fd:9f:ad:
d8:0c:31:03:56:57:20:94:1a:d3:b5:4e:a2:a5:fc:1a:5a:ff:
e5:b6:cf:50:e4:14:bf:f5:2c:ff:09:4b:08:52:3f:80:1c:be:
62:ca:91:4b:07:22:05:b4:a5:d3:3d:ba:4f:78:60:1c:e9:a3:
ce:2e:d2:85:33:c3:1a:76:56:42:1e:aa:00:b6:05:e6:03:95:
10:5b:8a:7b:7b:58:9f:37:ce:0f:5c:fa:91:84:b0:9c:8a:46:
f8:ab:5a:89:96:e6:57:88:ec:64:6d:13:b7:7d:20:99:ad:8f:
29:cd:72:a5:84:17:bb:7a:96:6b:c8:f8:00:a1:24:d6:de:e9:
b5:ef:71:b8:69:6c:64:e5:ae:2f:16:bb:17:51:76:72:79:d5:
e9:f6:c5:1a:01:10:35:80:18:7d:84:18:70:13:42:1c:b2:93:
a3:c9:a7:63:ee:49:05:5a:4d:50:75:17:75:6c:2a:b2:05:16:
05:9f:35:86:d5:55:b8:eb:48:b5:43:d3:0b:86:53:1e:17:95:
b6:00:e2:dc:44:42:43:aa:3d:ff:81:cf:28:af:af:bc:7c:33:
b6:92:c6:d2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE5wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIw
NTM5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyMzc1REU1NkQ0RkVB
MDVDQUYzN0U0REE0MzU5RDUxQTc0MDA5RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdtEb4vWuJQ+9h7h2Ny0l6+MYn+L7EgcOYDB6QyKnA5ZqLjrGJ
I9+fHrvO7a+RJkYTZD47/EKdl7kPEkWd4DG906EUk9UJieYykpmkjqfYxTYw/7Mi
NUoPhfHaxse1pHhDGkejpP1MZIGB3K9tfD2hBtNlmo7giYhMWrk3MugKHSBuY36A
HMyS1flX8GkKjTi7ErhMMj8knWUAXuNXPoKBI1F6S66ltkc5FGqDxoepdwFfySql
OIZc+faHMhmrbzKvalAOSDLCXVjRIXiq9oYKeBYbRU4RF6+jUUOgEwx7+C6bO/ju
h5vEGzrby7IGqXz9nXkZqCGHTJ5WWXHvB3NvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgjdd5W1P6gXK835NpDWdUadACeowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9namRkNVcxUDZnWEs4MzVO
cERXZFVhZEFDZW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJfKQUZUeWOOqQ0w9h1S+SFnGgL9GCJsAeZU
296RKWpbSf2frdgMMQNWVyCUGtO1TqKl/Bpa/+W2z1DkFL/1LP8JSwhSP4AcvmLK
kUsHIgW0pdM9uk94YBzpo84u0oUzwxp2VkIeqgC2BeYDlRBbint7WJ83zg9c+pGE
sJyKRvirWomW5leI7GRtE7d9IJmtjynNcqWEF7t6lmvI+AChJNbe6bXvcbhpbGTl
ri8WuxdRdnJ51en2xRoBEDWAGH2EGHATQhyyk6PJp2PuSQVaTVB1F3VsKrIFFgWf
NYbVVbjrSLVD0wuGUx4XlbYA4txEQkOqPf+Bzyivr7x8M7aSxtI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 17:50:13 2025 by rpki-client