Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gsuXfBBtHL8uhlql0lPxTVms3XU.roa
File: gsuXfBBtHL8uhlql0lPxTVms3XU.roa (raw, json)
Hash identifier: IDqyAW6ZsNwFQ0g7pfvPG+7KVeJTchPKc8QbVqcDukE=
Subject key identifier: 82:CB:97:7C:10:6D:1C:BF:2E:86:5A:A5:D2:53:F1:4D:59:AC:DD:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17B4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gsuXfBBtHL8uhlql0lPxTVms3XU.roa
Signing time: Sat 07 Jun 2025 16:39:29 +0000
ROA not before: Sat 07 Jun 2025 16:39:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6068 (0x17b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 16:39:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=82CB977C106D1CBF2E865AA5D253F14D59ACDD75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:50:79:98:fd:0d:2a:2e:c4:0c:1c:c3:e8:
58:2b:8c:a6:6c:76:75:be:5d:da:2e:ef:d7:ec:16:
ce:38:54:8a:f9:a2:d2:17:0a:b5:11:e3:31:37:57:
d2:4e:ad:46:d8:28:5b:03:f1:df:41:0b:23:1f:bb:
83:49:ed:28:00:29:b9:63:85:49:d0:cb:d9:10:cc:
8b:cc:c9:35:81:7e:20:60:8e:df:a4:a1:0c:3c:eb:
d1:9f:ed:59:57:61:65:88:f3:d1:23:4b:98:70:d7:
9d:fc:d3:3c:ed:74:60:d0:7e:66:95:06:f1:18:37:
d9:82:25:b9:c4:f2:b2:bf:aa:89:f9:d1:9d:92:72:
af:ee:05:20:c4:47:12:7e:96:0e:5b:c3:34:6a:ed:
b7:a1:34:b7:d1:fd:a0:97:c4:8c:3b:35:b9:da:35:
01:3f:cf:bd:ca:e0:cc:68:15:71:6e:f8:b7:e2:30:
cb:8a:ad:fb:84:44:72:59:e9:d0:02:b1:a9:78:8c:
98:fd:aa:c4:3d:6d:28:12:fb:e8:70:b8:f0:4d:3d:
48:27:0d:f1:3e:1a:0d:68:2b:67:eb:9e:e6:22:74:
9a:45:91:e0:9d:42:c4:22:fc:62:eb:d8:ed:f8:1b:
e5:40:25:58:56:2f:eb:1f:d3:f2:6d:62:60:8f:37:
c9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CB:97:7C:10:6D:1C:BF:2E:86:5A:A5:D2:53:F1:4D:59:AC:DD:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gsuXfBBtHL8uhlql0lPxTVms3XU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:72:56:49:f9:43:67:85:67:d2:5b:7e:3a:c7:2b:22:b1:f1:
33:b6:2b:0c:49:d2:5f:b3:05:1d:0f:30:bb:42:4e:b3:2a:f2:
9d:4c:79:39:a3:33:4f:d2:bb:2d:3e:87:18:b4:25:1b:11:94:
5c:36:a4:03:35:0b:c9:73:3d:2a:c2:8d:05:bf:40:95:15:6a:
12:82:fa:ec:bd:14:de:84:ab:ed:23:97:a6:18:24:87:51:16:
bd:07:b6:7f:0b:04:9d:90:4b:60:b8:54:4d:9c:a4:7d:32:e5:
81:5d:9b:11:0e:2a:5b:fe:25:bc:ca:3e:13:db:70:f2:84:fb:
cb:cd:c4:1d:1a:78:62:75:a3:c1:8b:56:4a:b0:9a:58:0e:e8:
d0:1a:bc:82:b1:84:84:40:fb:ad:a7:97:a3:c4:c2:62:ed:f8:
2c:a8:c1:ec:6a:70:12:7f:fa:19:3e:aa:bd:5d:60:7d:1c:05:
15:db:bd:3e:00:d6:cc:b6:04:f1:bc:7e:40:fe:14:b2:9e:f9:
b4:1d:45:50:79:23:6e:16:0d:7d:79:ec:58:fa:69:a7:c5:10:
d7:f0:8b:94:9a:52:c1:2b:cb:f9:4b:dd:53:ca:7f:54:c3:68:
90:3e:d1:18:3b:ec:4c:4f:74:cd:c4:05:d8:78:01:11:d8:1b:
f3:e8:ee:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
NjM5MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyQ0I5NzdDMTA2RDFD
QkYyRTg2NUFBNUQyNTNGMTRENTlBQ0RENzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeAlB5mP0NKi7EDBzD6FgrjKZsdnW+Xdou79fsFs44VIr5otIX
CrUR4zE3V9JOrUbYKFsD8d9BCyMfu4NJ7SgAKbljhUnQy9kQzIvMyTWBfiBgjt+k
oQw869Gf7VlXYWWI89EjS5hw15380zztdGDQfmaVBvEYN9mCJbnE8rK/qon50Z2S
cq/uBSDERxJ+lg5bwzRq7behNLfR/aCXxIw7NbnaNQE/z73K4MxoFXFu+LfiMMuK
rfuERHJZ6dACsal4jJj9qsQ9bSgS++hwuPBNPUgnDfE+Gg1oK2frnuYidJpFkeCd
QsQi/GLr2O34G+VAJVhWL+sf0/JtYmCPN8k5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgsuXfBBtHL8uhlql0lPxTVms3XUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nc3VYZkJCdEhMOHVobHFs
MGxQeFRWbXMzWFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABhyVkn5Q2eFZ9JbfjrHKyKx8TO2KwxJ0l+z
BR0PMLtCTrMq8p1MeTmjM0/Suy0+hxi0JRsRlFw2pAM1C8lzPSrCjQW/QJUVahKC
+uy9FN6Eq+0jl6YYJIdRFr0Htn8LBJ2QS2C4VE2cpH0y5YFdmxEOKlv+JbzKPhPb
cPKE+8vNxB0aeGJ1o8GLVkqwmlgO6NAavIKxhIRA+62nl6PEwmLt+CyowexqcBJ/
+hk+qr1dYH0cBRXbvT4A1sy2BPG8fkD+FLKe+bQdRVB5I24WDX157Fj6aafFENfw
i5SaUsEry/lL3VPKf1TDaJA+0Rg77ExPdM3EBdh4ARHYG/Po7jA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:54:28 2025 by rpki-client