Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gPctwCbMXi53yq-01pvQuCOEQiU.roa
File: gPctwCbMXi53yq-01pvQuCOEQiU.roa (raw, json)
Hash identifier: g3wC1FiV0A+0XuL60LGo6frz9VfdMXpnTQKSlpXB4oI=
Subject key identifier: 80:F7:2D:C0:26:CC:5E:2E:77:CA:AF:B4:D6:9B:D0:B8:23:84:42:25
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01A8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gPctwCbMXi53yq-01pvQuCOEQiU.roa
Signing time: Fri 09 May 2025 07:07:46 +0000
ROA not before: Fri 09 May 2025 07:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424 (0x1a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 07:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=80F72DC026CC5E2E77CAAFB4D69BD0B823844225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:81:7f:8c:12:d5:cf:6d:ba:25:99:ad:41:fb:
76:80:23:3b:ac:24:05:e3:f6:37:72:83:e1:2d:84:
9e:7e:8a:d5:b3:1a:e5:97:e8:39:b3:cd:0b:15:e1:
6b:5b:82:02:fc:69:a9:db:30:6f:14:fd:e9:56:be:
12:7f:fe:e6:ea:32:7f:13:79:58:14:4e:2a:9b:9a:
c5:47:6e:d5:61:53:62:9b:0f:7b:38:0b:ab:4c:5e:
11:09:0e:5e:58:f4:61:6c:b0:6a:ec:86:7f:53:f1:
b6:eb:a3:77:6b:cc:57:40:ab:95:db:ce:0a:f5:39:
6d:f9:e8:3e:c5:ca:e1:e4:95:7c:16:0d:41:cb:55:
78:b3:f1:e1:c0:c4:e0:82:d6:9e:66:86:ad:f0:4d:
45:0d:85:71:7e:b8:db:a0:e9:62:5e:47:c0:76:68:
de:f9:8c:fd:b6:32:ed:1a:55:31:ef:03:91:b5:9e:
fc:0e:1d:26:d9:8d:08:40:e6:21:6a:2c:f1:be:1f:
47:6d:1a:e6:74:12:61:69:30:a7:57:6a:2f:9f:4a:
35:17:e2:00:3f:fc:b6:bc:8a:52:cc:3a:4b:e2:88:
36:e3:3d:94:ee:bd:d1:d9:67:25:b3:30:05:e8:f1:
eb:8f:fc:43:2b:4a:46:1b:d1:22:5a:e0:74:54:05:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F7:2D:C0:26:CC:5E:2E:77:CA:AF:B4:D6:9B:D0:B8:23:84:42:25
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gPctwCbMXi53yq-01pvQuCOEQiU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:2b:68:76:b8:b1:23:27:c0:16:5f:85:47:8e:35:1d:b8:f6:
d1:06:37:dd:e5:10:c3:d5:8b:8b:7d:36:cb:cb:3a:c2:1b:b1:
ff:18:b4:e4:84:1d:f7:bc:df:d1:0d:19:25:97:5b:18:33:e5:
2b:1d:77:4c:f5:56:18:ff:60:bb:49:02:8e:d1:62:7c:a6:70:
07:36:e6:d2:47:a6:19:24:6e:5b:e3:73:68:85:fc:20:f6:6a:
c3:9f:a5:28:fd:e4:f4:4b:d5:8b:04:8d:bc:61:49:39:0d:47:
36:fc:59:23:6f:bd:f7:08:31:df:20:2c:af:9b:ff:2c:84:ca:
3e:61:07:e9:5a:c3:ae:5f:65:c3:f9:f2:14:de:32:7c:35:d9:
99:7c:4b:ba:e9:e9:96:79:cd:ba:e8:95:26:09:2b:15:3e:9b:
c8:c8:24:a9:f9:52:61:22:84:86:c8:0f:75:0e:33:b6:25:38:
f8:20:32:78:d5:9e:7d:3c:02:5c:c2:4e:57:70:e4:3a:bd:7a:
5c:77:25:71:38:cb:f7:82:b2:15:26:3c:b0:88:53:72:e9:b3:
a5:db:dc:32:91:e2:da:0e:d8:a0:57:93:4a:02:13:b4:8c:22:
fd:81:71:02:f1:12:35:e6:11:5d:dc:be:3d:4b:cd:24:2c:f9:
b1:48:82:dd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NzA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgwRjcyREMwMjZDQzVF
MkU3N0NBQUZCNEQ2OUJEMEI4MjM4NDQyMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUgX+MEtXPbbolma1B+3aAIzusJAXj9jdyg+EthJ5+itWzGuWX
6DmzzQsV4WtbggL8aanbMG8U/elWvhJ//ubqMn8TeVgUTiqbmsVHbtVhU2KbD3s4
C6tMXhEJDl5Y9GFssGrshn9T8bbro3drzFdAq5Xbzgr1OW356D7FyuHklXwWDUHL
VXiz8eHAxOCC1p5mhq3wTUUNhXF+uNug6WJeR8B2aN75jP22Mu0aVTHvA5G1nvwO
HSbZjQhA5iFqLPG+H0dtGuZ0EmFpMKdXai+fSjUX4gA//La8ilLMOkviiDbjPZTu
vdHZZyWzMAXo8euP/EMrSkYb0SJa4HRUBeILAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgPctwCbMXi53yq+01pvQuCOEQiUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nUGN0d0NiTVhpNTN5cS0w
MXB2UXVDT0VRaVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHcraHa4sSMnwBZfhUeONR249tEGN93lEMPV
i4t9NsvLOsIbsf8YtOSEHfe839ENGSWXWxgz5Ssdd0z1Vhj/YLtJAo7RYnymcAc2
5tJHphkkblvjc2iF/CD2asOfpSj95PRL1YsEjbxhSTkNRzb8WSNvvfcIMd8gLK+b
/yyEyj5hB+law65fZcP58hTeMnw12Zl8S7rp6ZZ5zbrolSYJKxU+m8jIJKn5UmEi
hIbID3UOM7YlOPggMnjVnn08AlzCTldw5Dq9elx3JXE4y/eCshUmPLCIU3Lps6Xb
3DKR4toO2KBXk0oCE7SMIv2BcQLxEjXmEV3cvj1LzSQs+bFIgt0=
-----END CERTIFICATE-----
Generated at Sun May 18 03:07:41 2025 by rpki-client