Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fdULfzuxhlOycQuvbS998kcu3Vc.roa
File: fdULfzuxhlOycQuvbS998kcu3Vc.roa (raw, json)
Hash identifier: l7o0wdkg1QZIif0Qd9Zz0dTuzHp4KPjdENYzwuMHzJg=
Subject key identifier: 7D:D5:0B:7F:3B:B1:86:53:B2:71:0B:AF:6D:2F:7D:F2:47:2E:DD:57
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 151C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fdULfzuxhlOycQuvbS998kcu3Vc.roa
Signing time: Wed 04 Jun 2025 05:39:31 +0000
ROA not before: Wed 04 Jun 2025 05:39:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5404 (0x151c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 05:39:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7DD50B7F3BB18653B2710BAF6D2F7DF2472EDD57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:22:3e:0d:76:cd:3f:23:8b:e7:d5:44:e0:69:
4b:49:04:e1:cb:f6:f3:66:99:a3:cb:6d:e9:2d:d2:
5e:df:a8:80:ee:2c:88:7f:2f:ce:43:79:d8:07:54:
9d:e7:2e:82:34:e0:79:04:dc:dc:b7:d6:be:5c:99:
f7:1e:b0:2e:a0:55:09:37:d8:3a:8f:1a:23:4f:08:
f7:d4:0b:de:e5:5b:46:27:87:c6:e2:25:ef:14:15:
c1:27:82:9d:3a:14:bd:c0:bd:29:71:5d:74:db:da:
bb:50:7f:5f:fd:d0:88:b5:76:d7:0f:40:03:77:d7:
31:6b:89:ff:83:75:be:e7:d2:ed:50:37:9a:c4:5c:
15:73:14:28:ce:02:09:8b:aa:b9:04:b2:10:fd:79:
56:f1:1d:f3:e6:73:cf:df:a6:57:01:a3:d8:d3:0c:
2e:82:46:93:c3:ef:a9:89:c4:e4:24:04:8b:1f:84:
f4:e2:02:f2:e5:cd:d7:46:41:6a:22:70:3d:26:b1:
78:4b:0f:0a:de:e5:bd:52:b7:d3:d4:fe:20:7a:68:
31:db:cb:74:ed:d1:6e:aa:db:21:c5:14:c3:9b:87:
8b:f1:c3:0e:cb:3d:6f:14:c7:3f:6e:46:b6:bc:5b:
eb:01:82:6c:7d:53:15:85:4a:f6:ce:eb:a2:f4:32:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D5:0B:7F:3B:B1:86:53:B2:71:0B:AF:6D:2F:7D:F2:47:2E:DD:57
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fdULfzuxhlOycQuvbS998kcu3Vc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:f6:cf:06:79:42:85:ac:9b:e4:a5:39:d6:27:29:8d:db:82:
3d:63:89:04:58:f2:ae:50:32:c0:ee:6f:3d:53:8d:6e:2d:56:
bc:74:0a:06:ba:0c:6e:1f:41:56:18:3d:61:7e:02:c0:ab:99:
61:70:59:2f:6e:56:5c:29:aa:7a:b1:cf:29:ff:2f:76:86:85:
20:52:ea:ef:e7:e6:93:de:92:3d:cb:fd:1c:65:63:d8:3e:4a:
19:a5:3b:98:68:f4:52:c5:c2:2d:d0:91:59:1e:84:11:1d:14:
32:e0:dc:c7:23:b6:49:6a:b9:c9:3a:44:e4:f9:00:27:2a:17:
cd:78:d8:33:94:d6:25:f3:ee:89:e8:14:2c:44:6a:07:37:df:
c6:7e:78:c5:cf:6d:b0:3c:35:af:2e:84:d6:19:2b:a3:04:2f:
c5:9b:79:46:67:c8:33:c5:c2:a3:8e:cc:fb:76:cb:8c:88:74:
df:1e:5d:47:49:28:f6:9d:1d:18:70:81:e6:2f:54:52:72:56:
5d:2e:7b:94:49:79:11:30:9b:a4:4d:97:ef:6c:06:da:10:fb:
eb:a0:63:3a:7d:71:60:cb:a6:39:9c:50:4a:82:8d:2b:af:18:
9e:a0:c8:64:7d:2a:c5:43:5c:77:01:f6:58:68:f1:8d:58:bc:
53:04:e3:61
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFRwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQw
NTM5MzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdERDUwQjdGM0JCMTg2
NTNCMjcxMEJBRjZEMkY3REYyNDcyRURENTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNIj4Nds0/I4vn1UTgaUtJBOHL9vNmmaPLbekt0l7fqIDuLIh/
L85DedgHVJ3nLoI04HkE3Ny31r5cmfcesC6gVQk32DqPGiNPCPfUC97lW0Ynh8bi
Je8UFcEngp06FL3AvSlxXXTb2rtQf1/90Ii1dtcPQAN31zFrif+Ddb7n0u1QN5rE
XBVzFCjOAgmLqrkEshD9eVbxHfPmc8/fplcBo9jTDC6CRpPD76mJxOQkBIsfhPTi
AvLlzddGQWoicD0msXhLDwre5b1St9PU/iB6aDHby3Tt0W6q2yHFFMObh4vxww7L
PW8Uxz9uRra8W+sBgmx9UxWFSvbO66L0MqrHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfdULfzuxhlOycQuvbS998kcu3VcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mZFVMZnp1eGhsT3ljUXV2
YlM5OThrY3UzVmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABX2zwZ5QoWsm+SlOdYnKY3bgj1jiQRY8q5Q
MsDubz1TjW4tVrx0Cga6DG4fQVYYPWF+AsCrmWFwWS9uVlwpqnqxzyn/L3aGhSBS
6u/n5pPekj3L/RxlY9g+ShmlO5ho9FLFwi3QkVkehBEdFDLg3Mcjtklquck6ROT5
ACcqF8142DOU1iXz7onoFCxEagc338Z+eMXPbbA8Na8uhNYZK6MEL8WbeUZnyDPF
wqOOzPt2y4yIdN8eXUdJKPadHRhwgeYvVFJyVl0ue5RJeREwm6RNl+9sBtoQ++ug
Yzp9cWDLpjmcUEqCjSuvGJ6gyGR9KsVDXHcB9lho8Y1YvFME42E=
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:35:20 2025 by rpki-client