Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uppztjGSC5m0PTX00YEt4iq9Ha0.roa
File: uppztjGSC5m0PTX00YEt4iq9Ha0.roa (raw, json)
Hash identifier: t8+3giGH4jEIEuAfvM3/SjT/Yaz15X5baKIb02eXuHQ=
Subject key identifier: BA:9A:73:B6:31:92:0B:99:B4:3D:35:F4:D1:81:2D:E2:2A:BD:1D:AD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D14
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uppztjGSC5m0PTX00YEt4iq9Ha0.roa
Signing time: Sat 14 Jun 2025 20:39:57 +0000
ROA not before: Sat 14 Jun 2025 20:39:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7444 (0x1d14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 20:39:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BA9A73B631920B99B43D35F4D1812DE22ABD1DAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5e:d0:d8:f6:5f:ea:b6:25:a6:c1:a5:42:7b:
97:05:6e:07:32:de:b5:db:1b:e1:75:13:b0:97:b6:
3d:25:76:4f:87:54:3b:24:2d:66:35:d5:65:58:b0:
79:c6:37:6b:01:c0:5a:55:db:4d:00:ad:0a:2b:0d:
89:93:11:00:5e:b9:66:a3:94:67:b2:5b:2a:ee:f3:
0f:14:35:34:ad:b0:9e:39:75:39:98:bd:4e:58:85:
71:a0:38:e9:21:ff:f1:da:b5:a8:21:fe:c3:0a:50:
d6:dc:ce:69:1a:69:c7:51:eb:80:21:05:48:66:d1:
4c:0e:9d:e0:0f:86:65:49:aa:0a:63:30:a3:6c:23:
b5:ec:d6:c0:19:a1:db:98:b0:0b:2a:27:50:6a:48:
88:29:46:9a:af:ad:45:9c:ba:b9:0c:83:cf:b1:f3:
8e:76:a5:c0:a7:6b:1e:24:a0:44:02:8e:0d:a5:f8:
86:85:c7:dc:b1:44:c4:22:f3:29:45:f3:8a:00:3a:
e7:53:d1:56:6b:dc:75:e1:d6:7a:86:eb:36:06:b8:
95:27:2f:2c:6e:5d:32:5f:e5:4d:14:fa:7c:f6:f6:
54:f6:39:55:a5:7f:4b:58:4d:64:9b:d1:21:42:55:
55:9b:4e:61:1a:00:26:e7:9b:d7:72:0e:ea:8a:bd:
68:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9A:73:B6:31:92:0B:99:B4:3D:35:F4:D1:81:2D:E2:2A:BD:1D:AD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uppztjGSC5m0PTX00YEt4iq9Ha0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:e5:2a:0d:20:1a:dc:d3:2a:7a:3e:23:17:91:5c:c9:15:2a:
d5:d2:7a:91:0e:62:e1:ec:39:c1:2d:c3:09:10:38:55:bf:61:
6e:c1:d2:6a:96:38:f1:66:cb:e1:e5:a6:80:e7:34:6c:cc:ba:
12:bb:c1:f1:25:f0:36:fc:8f:b0:24:d4:5a:46:de:0e:00:97:
f4:1f:d2:d7:70:92:23:cd:66:0a:0b:53:dd:9f:6d:35:72:86:
7b:1e:79:77:f9:61:57:dd:9d:99:94:dc:9b:4c:9a:73:f7:78:
3c:8f:68:82:4a:5d:ec:53:b8:dd:6d:6b:60:90:4b:ce:1b:34:
b9:d4:f6:f5:09:9f:cd:af:a2:e9:f9:cf:6c:ba:07:e4:33:b8:
97:3b:8b:3d:b3:ce:c7:b7:47:78:c0:f5:83:d5:58:e7:74:0f:
05:cd:11:f1:bb:96:8b:fc:c5:c7:16:37:bd:a9:59:6c:a4:5b:
ec:68:5d:ac:53:39:8b:d8:0c:01:de:20:93:b0:3e:cd:52:7a:
e2:f1:5e:5b:05:fe:02:a9:d6:c8:bd:ab:dc:2c:e8:de:ba:ac:
d0:25:10:4c:19:3e:c0:49:66:b8:b4:d3:98:4f:28:8f:04:5f:
b7:39:c3:b0:80:7a:25:04:17:1f:e1:c1:4b:ad:b6:16:f7:f1:
01:f7:59:50
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHRQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQy
MDM5NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBOUE3M0I2MzE5MjBC
OTlCNDNEMzVGNEQxODEyREUyMkFCRDFEQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwXtDY9l/qtiWmwaVCe5cFbgcy3rXbG+F1E7CXtj0ldk+HVDsk
LWY11WVYsHnGN2sBwFpV200ArQorDYmTEQBeuWajlGeyWyru8w8UNTStsJ45dTmY
vU5YhXGgOOkh//Hatagh/sMKUNbczmkaacdR64AhBUhm0UwOneAPhmVJqgpjMKNs
I7Xs1sAZoduYsAsqJ1BqSIgpRpqvrUWcurkMg8+x8452pcCnax4koEQCjg2l+IaF
x9yxRMQi8ylF84oAOudT0VZr3HXh1nqG6zYGuJUnLyxuXTJf5U0U+nz29lT2OVWl
f0tYTWSb0SFCVVWbTmEaACbnm9dyDuqKvWi9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuppztjGSC5m0PTX00YEt4iq9Ha0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91cHB6dGpHU0M1bTBQVFgw
MFlFdDRpcTlIYTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK/lKg0gGtzTKno+IxeRXMkVKtXSepEOYuHs
OcEtwwkQOFW/YW7B0mqWOPFmy+HlpoDnNGzMuhK7wfEl8Db8j7Ak1FpG3g4Al/Qf
0tdwkiPNZgoLU92fbTVyhnseeXf5YVfdnZmU3JtMmnP3eDyPaIJKXexTuN1ta2CQ
S84bNLnU9vUJn82voun5z2y6B+QzuJc7iz2zzse3R3jA9YPVWOd0DwXNEfG7lov8
xccWN72pWWykW+xoXaxTOYvYDAHeIJOwPs1SeuLxXlsF/gKp1si9q9ws6N66rNAl
EEwZPsBJZri005hPKI8EX7c5w7CAeiUEFx/hwUutthb38QH3WVA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:57:48 2025 by rpki-client