Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OzTPEpnnJek4i76Y2EzDuCBUuR8.roa
File: OzTPEpnnJek4i76Y2EzDuCBUuR8.roa (raw, json)
Hash identifier: VjyXhJTUtne/5psekkWhnToiaoQQIP2q+x32w4d/5xk=
Subject key identifier: 3B:34:CF:12:99:E7:25:E9:38:8B:BE:98:D8:4C:C3:B8:20:54:B9:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: E0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OzTPEpnnJek4i76Y2EzDuCBUuR8.roa
Signing time: Thu 08 May 2025 06:09:21 +0000
ROA not before: Thu 08 May 2025 06:09:21 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224 (0xe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 06:09:21 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3B34CF1299E725E9388BBE98D84CC3B82054B91F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:9e:09:ff:d7:1b:70:a6:dd:a8:73:c9:57:
a9:0e:7c:b2:3f:fc:2e:e5:70:ac:6c:41:ff:9d:96:
a4:56:75:11:48:48:d3:a5:90:a6:12:f3:5f:fa:3d:
d7:ee:25:6b:90:b0:5c:81:d3:2a:a0:e9:89:36:6e:
95:ad:6c:04:4d:3c:3c:cb:a8:3a:b5:05:c9:45:04:
ce:0e:44:92:e5:b1:5c:1d:21:b1:10:ea:15:98:03:
4e:ed:fc:81:af:b2:9d:8f:7f:e1:80:25:91:58:53:
7f:2c:f9:31:9b:c6:0e:fb:6d:cb:a0:2e:73:b7:06:
70:4d:eb:4e:33:83:5e:28:d9:75:fc:b6:ef:c3:fc:
e7:d3:90:cc:8d:ad:59:74:20:3f:c2:61:18:a8:af:
4c:03:ee:c2:01:2d:0c:39:21:1a:60:61:c7:18:7d:
21:35:f8:0f:70:1e:e1:6a:73:5c:e8:50:3f:4b:b2:
35:bd:36:d9:d0:20:7b:63:1e:06:3e:fe:23:2c:75:
2b:55:ff:a9:8e:4b:2e:8a:44:3f:aa:4a:0d:23:3e:
7d:51:46:26:91:88:1e:35:59:e2:f3:f5:2c:7a:86:
38:42:00:62:24:6a:5c:85:89:27:86:bb:19:f7:5e:
2d:9c:b2:47:3b:b9:29:d3:0a:76:e2:c3:01:ae:f6:
8a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:34:CF:12:99:E7:25:E9:38:8B:BE:98:D8:4C:C3:B8:20:54:B9:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OzTPEpnnJek4i76Y2EzDuCBUuR8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:fe:26:3b:2d:67:da:5e:03:a5:d3:2d:59:3c:e2:92:68:47:
96:2f:ac:2d:fe:82:63:30:8a:04:ca:d3:f7:ff:fc:8b:8d:da:
4f:48:37:03:10:3a:ad:55:89:8c:94:1b:18:55:2a:1e:4f:9e:
95:50:db:15:78:24:92:8e:d2:db:a0:7e:3e:46:61:d1:ec:88:
ef:eb:a1:76:47:2b:8f:6a:e6:49:3e:11:bb:cc:0b:2a:a8:5d:
c1:91:50:17:53:4b:d2:ae:e3:86:15:5b:f8:3e:0d:8d:e5:86:
b0:11:ae:60:41:ae:bc:43:49:9a:cc:14:0b:4f:dc:7b:43:81:
76:0d:13:8f:82:5b:8a:56:25:37:af:58:f6:2a:34:6d:9d:c8:
69:ea:36:bf:b3:7f:1a:30:92:fa:5c:ad:1d:68:cf:64:02:c5:
cc:08:a7:6c:16:07:4b:8b:3e:db:d6:89:e4:0c:fb:b6:a4:7e:
0e:b1:26:92:97:fb:61:34:7e:dd:a9:a4:72:ad:fd:15:3a:dd:
78:87:40:f5:8d:61:63:95:b5:20:03:2c:77:ae:de:e9:f8:85:
27:5e:3b:5a:9e:0d:53:51:3a:07:d1:55:28:d3:19:05:6e:30:
8a:70:5c:42:73:ef:53:c8:47:c1:79:01:42:27:97:d3:68:b6:
ff:64:ce:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NjA5MjFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNCMzRDRjEyOTlFNzI1
RTkzODhCQkU5OEQ4NENDM0I4MjA1NEI5MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtS54J/9cbcKbdqHPJV6kOfLI//C7lcKxsQf+dlqRWdRFISNOl
kKYS81/6PdfuJWuQsFyB0yqg6Yk2bpWtbARNPDzLqDq1BclFBM4ORJLlsVwdIbEQ
6hWYA07t/IGvsp2Pf+GAJZFYU38s+TGbxg77bcugLnO3BnBN604zg14o2XX8tu/D
/OfTkMyNrVl0ID/CYRior0wD7sIBLQw5IRpgYccYfSE1+A9wHuFqc1zoUD9LsjW9
NtnQIHtjHgY+/iMsdStV/6mOSy6KRD+qSg0jPn1RRiaRiB41WeLz9Sx6hjhCAGIk
alyFiSeGuxn3Xi2cskc7uSnTCnbiwwGu9ooFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOzTPEpnnJek4i76Y2EzDuCBUuR8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PelRQRXBubkplazRpNzZZ
MkV6RHVDQlV1Ujgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIP+JjstZ9peA6XTLVk84pJoR5YvrC3+gmMw
igTK0/f//IuN2k9INwMQOq1ViYyUGxhVKh5PnpVQ2xV4JJKO0tugfj5GYdHsiO/r
oXZHK49q5kk+EbvMCyqoXcGRUBdTS9Ku44YVW/g+DY3lhrARrmBBrrxDSZrMFAtP
3HtDgXYNE4+CW4pWJTevWPYqNG2dyGnqNr+zfxowkvpcrR1oz2QCxcwIp2wWB0uL
PtvWieQM+7akfg6xJpKX+2E0ft2ppHKt/RU63XiHQPWNYWOVtSADLHeu3un4hSde
O1qeDVNROgfRVSjTGQVuMIpwXEJz71PIR8F5AUInl9Notv9kzmw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:53:31 2025 by rpki-client