Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BpU3dQmderUdFv6R61jWr2oJE2c.roa
File: BpU3dQmderUdFv6R61jWr2oJE2c.roa (raw, json)
Hash identifier: IbNwQnG3PDHR0x57zNG1zp53JIUdp0fzORGYpvQM7OY=
Subject key identifier: 06:95:37:75:09:9D:7A:B5:1D:16:FE:91:EB:58:D6:AF:6A:09:13:67
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BFC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BpU3dQmderUdFv6R61jWr2oJE2c.roa
Signing time: Fri 23 May 2025 01:38:43 +0000
ROA not before: Fri 23 May 2025 01:38:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3068 (0xbfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 01:38:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=06953775099D7AB51D16FE91EB58D6AF6A091367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:8d:7f:84:2d:a3:e6:40:b1:3b:5e:1c:e0:
7d:34:11:ab:2b:4f:7d:2c:30:f9:d6:fb:0c:fe:a6:
dc:25:5f:43:ac:9c:54:b9:da:8b:c0:d7:d1:09:b2:
fb:9e:0c:41:3d:b0:1e:13:e4:c8:a0:08:99:b6:34:
a5:d9:fe:27:f1:f3:a8:94:63:c4:96:79:f2:65:f3:
0c:28:46:e5:4a:f6:de:e6:15:c6:72:04:b1:b2:3a:
d7:9f:99:49:d5:7e:62:c3:ff:8d:6d:56:49:ee:11:
bc:16:08:fb:82:f4:fe:56:a4:f3:2b:dc:49:0e:0a:
51:19:3f:1f:e5:b8:b2:d7:ab:8d:7a:5c:39:d2:74:
1c:66:04:35:94:ef:3d:6f:e2:42:46:78:46:9f:34:
71:94:1a:5a:d8:11:27:dd:41:77:8e:87:ce:be:dc:
1c:ed:95:4f:2a:04:ef:5a:30:ab:98:07:d1:7a:30:
33:1e:03:71:f1:7e:9f:c0:db:0f:31:b0:f2:2f:03:
cc:22:75:06:dc:b9:f5:d7:ba:da:6b:6a:c6:74:c6:
a6:48:d7:db:f8:ff:e3:2e:fb:23:88:69:78:03:d4:
b0:1c:c5:ba:d4:56:f9:d6:39:ce:ab:3d:17:6d:3d:
b6:3c:f8:0e:e4:92:a6:f8:c5:53:4a:ca:3e:e3:cd:
c2:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:95:37:75:09:9D:7A:B5:1D:16:FE:91:EB:58:D6:AF:6A:09:13:67
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BpU3dQmderUdFv6R61jWr2oJE2c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:d3:42:00:2b:e6:34:f7:58:2b:53:56:ab:8b:14:c8:a9:b7:
c0:95:ed:c7:67:25:fb:36:a2:25:0a:4f:83:81:a0:45:c7:60:
cc:f0:62:4e:33:40:46:71:c1:ab:ce:d9:58:7d:35:1e:ec:a0:
72:97:b1:36:5d:19:e1:09:9e:74:18:5a:15:6c:2d:e3:f7:62:
59:bd:b7:3f:41:a6:8b:f7:bf:9a:9c:df:76:be:dc:2f:94:67:
b1:22:65:15:02:c5:2e:d6:fb:c1:f8:a6:5c:13:61:5b:a6:73:
d0:ec:bf:65:3b:4f:cc:44:26:ee:d5:4e:e7:5f:d2:4f:66:12:
d2:94:83:20:f7:74:5e:3a:08:70:ce:30:bd:ee:a4:68:21:58:
2f:64:10:29:f3:2f:a1:79:76:17:e0:c9:23:84:fe:c5:22:56:
7d:6b:97:f7:c2:8e:76:cb:51:e6:de:70:76:38:0e:f7:15:12:
75:16:44:70:00:27:93:fc:60:68:e2:f6:cc:78:06:db:94:8b:
92:e6:4d:90:c5:3e:d8:c2:da:ac:ca:93:da:33:6f:47:1a:ef:
88:c4:0c:cf:aa:15:1a:bc:61:71:c6:92:89:57:f8:fa:15:a5:
e7:11:0e:2b:86:97:5c:56:23:86:11:69:9a:d0:da:56:18:4b:
26:c8:11:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
MTM4NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2OTUzNzc1MDk5RDdB
QjUxRDE2RkU5MUVCNThENkFGNkEwOTEzNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0tI1/hC2j5kCxO14c4H00EasrT30sMPnW+wz+ptwlX0OsnFS5
2ovA19EJsvueDEE9sB4T5MigCJm2NKXZ/ifx86iUY8SWefJl8wwoRuVK9t7mFcZy
BLGyOtefmUnVfmLD/41tVknuEbwWCPuC9P5WpPMr3EkOClEZPx/luLLXq416XDnS
dBxmBDWU7z1v4kJGeEafNHGUGlrYESfdQXeOh86+3BztlU8qBO9aMKuYB9F6MDMe
A3Hxfp/A2w8xsPIvA8widQbcufXXutprasZ0xqZI19v4/+Mu+yOIaXgD1LAcxbrU
VvnWOc6rPRdtPbY8+A7kkqb4xVNKyj7jzcINAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBpU3dQmderUdFv6R61jWr2oJE2cwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CcFUzZFFtZGVyVWRGdjZS
NjFqV3Iyb0pFMmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKTTQgAr5jT3WCtTVquLFMipt8CV7cdnJfs2
oiUKT4OBoEXHYMzwYk4zQEZxwavO2Vh9NR7soHKXsTZdGeEJnnQYWhVsLeP3Ylm9
tz9Bpov3v5qc33a+3C+UZ7EiZRUCxS7W+8H4plwTYVumc9Dsv2U7T8xEJu7VTudf
0k9mEtKUgyD3dF46CHDOML3upGghWC9kECnzL6F5dhfgySOE/sUiVn1rl/fCjnbL
UebecHY4DvcVEnUWRHAAJ5P8YGji9sx4BtuUi5LmTZDFPtjC2qzKk9ozb0ca74jE
DM+qFRq8YXHGkolX+PoVpecRDiuGl1xWI4YRaZrQ2lYYSybIEVI=
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:41:09 2025 by rpki-client