Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Bi4W71w-BzFDH18VGZI7U1FWQXU.roa
File: Bi4W71w-BzFDH18VGZI7U1FWQXU.roa (raw, json)
Hash identifier: pMP4+MpbDIr9Dsi1goDELSkcKOGCF9ZW559tLQ45oLk=
Subject key identifier: 06:2E:16:EF:5C:3E:07:31:43:1F:5F:15:19:92:3B:53:51:56:41:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17F4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Bi4W71w-BzFDH18VGZI7U1FWQXU.roa
Signing time: Sun 08 Jun 2025 00:39:31 +0000
ROA not before: Sun 08 Jun 2025 00:39:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6132 (0x17f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 00:39:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=062E16EF5C3E0731431F5F1519923B5351564175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fe:ae:a1:f4:27:50:f6:40:78:87:4d:21:7c:
e9:85:4d:a1:8c:73:d9:9b:55:b2:2f:d8:50:64:c2:
af:7f:4a:5e:ba:33:67:af:ba:a6:fa:b0:b3:50:09:
3c:22:68:09:29:ca:f5:3f:bd:a5:04:45:fc:6c:58:
c9:09:2b:ef:48:78:02:c9:44:cd:5e:46:33:2f:79:
9f:38:f0:aa:0d:f9:21:1b:fe:91:b5:06:9a:cb:61:
3b:0d:83:8b:8b:6a:59:b8:ba:72:b2:4c:9f:5c:f8:
a2:59:cc:5a:9a:6f:a0:33:c0:87:57:d1:7a:40:6e:
ef:15:3f:ff:1d:7b:e4:76:d6:29:d1:0b:d4:18:57:
9c:30:00:56:67:1f:49:89:c8:67:00:fd:ee:87:50:
0b:2c:bd:83:21:d5:b3:33:73:fa:db:42:53:37:93:
5d:b5:2d:a9:c4:2c:a0:bd:16:15:98:04:f5:37:80:
a6:54:72:3c:67:5d:4f:1e:c5:b5:6f:16:2e:ae:8f:
ea:af:19:38:08:7b:3a:32:db:56:06:e8:a6:85:93:
17:a6:06:9b:dc:58:49:55:58:a9:b0:e4:91:1c:28:
da:35:7a:f9:b2:8f:1c:a3:29:7a:8d:f4:f2:ed:67:
10:b6:03:dd:20:f5:2a:05:ad:b9:a2:df:60:32:6f:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2E:16:EF:5C:3E:07:31:43:1F:5F:15:19:92:3B:53:51:56:41:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Bi4W71w-BzFDH18VGZI7U1FWQXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:b0:d1:1f:09:c4:ce:63:25:06:3f:03:79:f1:0c:db:c3:74:
27:30:4c:99:0c:85:12:fa:07:f5:81:1e:b2:0e:a4:d6:43:14:
82:70:02:c9:cf:83:df:66:d0:10:89:60:12:f9:6c:ca:7e:64:
00:b4:5f:71:cc:4c:13:8a:51:fc:7f:50:2c:b5:cb:09:c1:25:
0c:9a:9c:e9:e2:8b:1b:63:87:55:82:e7:41:27:91:55:e3:91:
a9:e6:ed:f2:56:e0:4c:4b:cb:36:9c:4c:e0:ca:55:f6:50:62:
57:b7:ac:30:1b:d6:34:8e:5d:2c:47:6a:30:b0:73:5a:38:5a:
20:d5:b2:e5:7b:41:92:6b:c5:c5:ca:7b:80:c0:6d:cb:cb:d7:
00:0c:91:b6:fa:dd:59:59:37:4a:bb:36:f0:53:d5:66:03:3c:
5b:43:26:45:f9:f8:ef:56:01:8a:44:e2:8d:1f:af:7e:42:1f:
e8:9e:3c:2c:14:27:4d:dd:9b:87:3c:79:b1:fd:22:74:50:57:
b0:d0:bb:ac:13:80:99:5f:b3:48:34:ef:0e:ec:c5:d1:85:49:
2f:9b:d6:ce:6f:c2:dc:af:f8:3e:89:08:28:08:57:78:64:af:
55:69:eb:4e:64:56:60:f2:ae:21:2c:89:3b:73:55:d2:c8:5d:
cc:19:db:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF/QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgw
MDM5MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2MkUxNkVGNUMzRTA3
MzE0MzFGNUYxNTE5OTIzQjUzNTE1NjQxNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5/q6h9CdQ9kB4h00hfOmFTaGMc9mbVbIv2FBkwq9/Sl66M2ev
uqb6sLNQCTwiaAkpyvU/vaUERfxsWMkJK+9IeALJRM1eRjMveZ848KoN+SEb/pG1
BprLYTsNg4uLalm4unKyTJ9c+KJZzFqab6AzwIdX0XpAbu8VP/8de+R21inRC9QY
V5wwAFZnH0mJyGcA/e6HUAssvYMh1bMzc/rbQlM3k121LanELKC9FhWYBPU3gKZU
cjxnXU8exbVvFi6uj+qvGTgIezoy21YG6KaFkxemBpvcWElVWKmw5JEcKNo1evmy
jxyjKXqN9PLtZxC2A90g9SoFrbmi32Ayb9gDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBi4W71w+BzFDH18VGZI7U1FWQXUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CaTRXNzF3LUJ6RkRIMThW
R1pJN1UxRldRWFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEqw0R8JxM5jJQY/A3nxDNvDdCcwTJkMhRL6
B/WBHrIOpNZDFIJwAsnPg99m0BCJYBL5bMp+ZAC0X3HMTBOKUfx/UCy1ywnBJQya
nOniixtjh1WC50EnkVXjkanm7fJW4ExLyzacTODKVfZQYle3rDAb1jSOXSxHajCw
c1o4WiDVsuV7QZJrxcXKe4DAbcvL1wAMkbb63VlZN0q7NvBT1WYDPFtDJkX5+O9W
AYpE4o0fr35CH+iePCwUJ03dm4c8ebH9InRQV7DQu6wTgJlfs0g07w7sxdGFSS+b
1s5vwtyv+D6JCCgIV3hkr1Vp605kVmDyriEsiTtzVdLIXcwZ20c=
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:08:25 2025 by rpki-client