Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IjcXjNdyaB12wN9uCVkI9XuHuVM.roa
File: IjcXjNdyaB12wN9uCVkI9XuHuVM.roa (raw, json)
Hash identifier: 0j9GVWR6lVhHmKvknoJDssZXwlnMw9vNqvWOJIFJewY=
Subject key identifier: 22:37:17:8C:D7:72:68:1D:76:C0:DF:6E:09:59:08:F5:7B:87:B9:53
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1924
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IjcXjNdyaB12wN9uCVkI9XuHuVM.roa
Signing time: Mon 09 Jun 2025 14:39:36 +0000
ROA not before: Mon 09 Jun 2025 14:39:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6436 (0x1924)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 14:39:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2237178CD772681D76C0DF6E095908F57B87B953
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8f:22:fe:86:52:44:8b:8f:3e:7d:9f:51:7b:
5c:0a:40:21:1d:1f:76:76:dd:21:c1:00:53:45:73:
85:37:fc:bd:88:8a:f3:ee:84:94:ee:4a:d0:c8:bf:
b3:5b:2f:9a:9b:28:d2:a1:a8:60:52:0a:29:f5:ef:
d7:41:22:b4:b1:77:d5:77:09:ad:ad:d6:f3:f9:c3:
f4:04:72:10:47:80:e0:9b:d0:ee:eb:7b:d1:06:a2:
bb:21:aa:9b:d3:41:2d:67:63:81:77:3e:80:40:64:
bb:b5:0b:38:b4:b7:06:94:69:8e:32:d2:cb:24:11:
d5:db:8b:a8:1e:b6:ad:b5:c2:9a:fb:31:8c:ca:3f:
79:3d:7a:0f:84:8b:89:04:ab:cb:1a:19:b7:0c:33:
13:60:74:65:91:de:c5:8d:87:ed:5a:55:c0:16:21:
ed:35:14:73:dd:c5:b9:c2:e0:f7:ef:36:02:92:b2:
84:54:c9:10:d4:62:24:9b:e6:b2:88:a1:a2:8d:45:
8c:d3:7d:6e:87:26:08:96:17:b5:ac:fd:18:fb:92:
da:ee:65:99:d1:06:d4:1d:f2:7d:69:ce:63:b7:5a:
1e:fa:7a:fa:a0:32:b6:c3:24:fa:af:4c:5d:7d:61:
b2:c4:65:ea:31:35:3f:51:7e:c9:a9:9e:9e:be:81:
e5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:37:17:8C:D7:72:68:1D:76:C0:DF:6E:09:59:08:F5:7B:87:B9:53
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IjcXjNdyaB12wN9uCVkI9XuHuVM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:42:d7:7c:b8:48:7c:f4:70:de:e4:b9:58:aa:80:56:45:f1:
dd:7b:7a:56:7f:6c:ca:a1:f5:60:fa:1d:42:96:c5:d7:a5:ee:
74:01:23:47:06:3c:79:cc:15:57:04:46:88:9d:29:e2:01:b6:
81:47:96:0f:75:07:42:c2:5a:0d:43:ae:bc:30:0e:e3:49:fe:
94:b5:cc:06:46:b5:3b:a3:9d:10:29:d9:65:82:76:76:50:86:
25:7e:c6:91:32:4d:0f:1f:c7:91:85:72:03:4d:4d:b2:07:e9:
65:28:da:3e:44:e7:c6:57:19:40:d8:11:1a:c7:68:d5:b9:38:
32:56:3b:51:a3:9e:60:ad:13:f1:ab:c8:fc:19:34:50:c6:16:
b9:28:d2:b6:cb:60:3e:8e:23:93:7f:29:2d:98:7b:1c:eb:82:
02:e8:8e:ac:51:89:06:13:e3:28:2c:8b:af:a0:19:f2:f3:09:
65:ff:ac:b4:d2:be:51:9c:8d:a3:fe:08:f8:88:fd:79:92:40:
0f:fc:cb:7d:9c:49:51:34:16:15:12:3d:aa:53:62:8f:8c:4e:
aa:94:72:c9:63:b9:91:ec:78:cd:f1:e6:54:19:23:ae:f8:a9:
ad:36:d2:21:d4:bd:b2:65:14:a9:d4:30:69:20:bc:ba:f4:78:
ab:cf:6a:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGSQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
NDM5MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIyMzcxNzhDRDc3MjY4
MUQ3NkMwREY2RTA5NTkwOEY1N0I4N0I5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzjyL+hlJEi48+fZ9Re1wKQCEdH3Z23SHBAFNFc4U3/L2IivPu
hJTuStDIv7NbL5qbKNKhqGBSCin179dBIrSxd9V3Ca2t1vP5w/QEchBHgOCb0O7r
e9EGorshqpvTQS1nY4F3PoBAZLu1Czi0twaUaY4y0sskEdXbi6getq21wpr7MYzK
P3k9eg+Ei4kEq8saGbcMMxNgdGWR3sWNh+1aVcAWIe01FHPdxbnC4PfvNgKSsoRU
yRDUYiSb5rKIoaKNRYzTfW6HJgiWF7Ws/Rj7ktruZZnRBtQd8n1pzmO3Wh76evqg
MrbDJPqvTF19YbLEZeoxNT9Rfsmpnp6+geWdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIjcXjNdyaB12wN9uCVkI9XuHuVMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JamNYak5keWFCMTJ3Tjl1
Q1ZrSTlYdUh1Vk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIlC13y4SHz0cN7kuViqgFZF8d17elZ/bMqh
9WD6HUKWxdel7nQBI0cGPHnMFVcERoidKeIBtoFHlg91B0LCWg1DrrwwDuNJ/pS1
zAZGtTujnRAp2WWCdnZQhiV+xpEyTQ8fx5GFcgNNTbIH6WUo2j5E58ZXGUDYERrH
aNW5ODJWO1GjnmCtE/GryPwZNFDGFrko0rbLYD6OI5N/KS2YexzrggLojqxRiQYT
4ygsi6+gGfLzCWX/rLTSvlGcjaP+CPiI/XmSQA/8y32cSVE0FhUSPapTYo+MTqqU
csljuZHseM3x5lQZI674qa020iHUvbJlFKnUMGkgvLr0eKvPalU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:20:46 2025 by rpki-client