Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vNpzUGFYj-YtRmR8IyLY8Xn2D24.roa
File: vNpzUGFYj-YtRmR8IyLY8Xn2D24.roa (raw, json)
Hash identifier: hFerLR8OFBgKA0AUlziRwOL1l5ouR73TDrm/c2SRLN8=
Subject key identifier: BC:DA:73:50:61:58:8F:E6:2D:46:64:7C:23:22:D8:F1:79:F6:0F:6E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14D4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vNpzUGFYj-YtRmR8IyLY8Xn2D24.roa
Signing time: Tue 03 Jun 2025 20:39:17 +0000
ROA not before: Tue 03 Jun 2025 20:39:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5332 (0x14d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 20:39:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BCDA735061588FE62D46647C2322D8F179F60F6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c9:1a:44:b1:3f:1e:5e:68:a9:3e:1c:a2:da:
b6:8c:39:73:9b:40:12:28:be:86:75:02:d7:a1:35:
cf:47:54:55:3a:4a:c6:b2:48:3b:16:b9:e5:37:f4:
90:06:df:ed:76:bc:ec:37:4c:ae:c6:91:62:0a:84:
72:4f:67:a2:ed:9f:d2:93:8f:82:ff:7b:e5:f9:ef:
23:af:89:17:aa:76:b2:55:73:1e:04:c0:5e:ba:05:
cd:fa:dd:86:a0:1c:a7:35:d3:f2:9f:cc:18:5a:f3:
81:ed:61:63:bf:9a:3a:b0:d1:f3:ad:bb:2d:c6:d2:
35:2d:17:d0:2c:5a:1f:d5:44:23:cc:67:f5:5f:1e:
cc:18:ab:57:e7:06:d2:b4:ce:f3:c3:78:c5:91:7f:
ed:29:a7:bd:57:53:8e:41:e2:9a:19:3b:0d:67:c7:
ca:9c:3f:5e:eb:ec:d1:33:cc:86:ac:79:ca:8f:97:
28:9e:66:c9:29:40:cb:db:53:6d:4c:72:66:f7:07:
5d:93:04:c0:11:5c:4f:87:11:ae:31:f8:05:4d:58:
a0:31:8d:75:fc:a5:13:0c:c4:4b:87:b1:74:37:f3:
9e:68:8d:54:f7:31:cd:59:28:e7:4d:01:03:36:77:
79:84:b1:40:c4:fb:f4:db:8c:0b:6b:87:2d:92:23:
0c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DA:73:50:61:58:8F:E6:2D:46:64:7C:23:22:D8:F1:79:F6:0F:6E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vNpzUGFYj-YtRmR8IyLY8Xn2D24.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:1a:a1:44:9d:51:bb:3e:8e:26:3f:8a:8a:4a:63:d5:07:a2:
c6:89:13:cd:50:e8:ce:f4:8e:cc:0d:15:e6:ee:34:bc:1a:bb:
94:7f:12:b8:58:78:d7:a2:21:51:4a:89:b2:f5:1c:d9:a6:bb:
8f:f7:3f:e4:63:2a:9d:6e:b6:c1:f4:cf:3e:33:43:b5:94:10:
d8:be:a1:6f:5f:ee:17:26:c6:64:d1:83:a9:7c:3f:11:df:aa:
e2:29:4b:14:f8:d7:a0:fa:7e:be:f0:94:a9:b6:ae:86:36:bb:
4e:a5:70:bf:95:69:cd:83:1d:88:8f:7c:c2:78:27:3b:1d:e4:
53:59:69:52:9e:af:68:99:70:c8:02:cb:28:ea:5b:c7:5b:c0:
b7:c7:8e:ac:68:33:60:af:a9:fd:13:bf:50:3b:a0:8a:8f:f7:
a7:0f:17:b5:60:b2:6c:7a:11:10:b3:ff:14:b9:e0:2f:85:99:
c6:d8:7f:37:99:27:55:0f:77:1b:86:af:35:87:9d:94:15:3d:
1b:5d:1f:65:e5:0e:a7:d9:89:35:1c:65:e3:98:d2:6f:fc:70:
8b:06:ce:60:69:a9:76:c3:f4:17:d4:f7:69:0e:2d:0b:a7:83:
fb:e0:ba:68:22:f3:c3:6f:0f:48:36:9a:35:97:3a:b8:13:a0:
68:de:1f:f0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFNQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMy
MDM5MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJDREE3MzUwNjE1ODhG
RTYyRDQ2NjQ3QzIzMjJEOEYxNzlGNjBGNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRyRpEsT8eXmipPhyi2raMOXObQBIovoZ1AtehNc9HVFU6Ssay
SDsWueU39JAG3+12vOw3TK7GkWIKhHJPZ6Ltn9KTj4L/e+X57yOviReqdrJVcx4E
wF66Bc363YagHKc10/KfzBha84HtYWO/mjqw0fOtuy3G0jUtF9AsWh/VRCPMZ/Vf
HswYq1fnBtK0zvPDeMWRf+0pp71XU45B4poZOw1nx8qcP17r7NEzzIasecqPlyie
ZskpQMvbU21Mcmb3B12TBMARXE+HEa4x+AVNWKAxjXX8pRMMxEuHsXQ3855ojVT3
Mc1ZKOdNAQM2d3mEsUDE+/TbjAtrhy2SIwwNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvNpzUGFYj+YtRmR8IyLY8Xn2D24wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92TnB6VUdGWWotWXRSbVI4
SXlMWThYbjJEMjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGsaoUSdUbs+jiY/iopKY9UHosaJE81Q6M70
jswNFebuNLwau5R/ErhYeNeiIVFKibL1HNmmu4/3P+RjKp1utsH0zz4zQ7WUENi+
oW9f7hcmxmTRg6l8PxHfquIpSxT416D6fr7wlKm2roY2u06lcL+Vac2DHYiPfMJ4
Jzsd5FNZaVKer2iZcMgCyyjqW8dbwLfHjqxoM2Cvqf0Tv1A7oIqP96cPF7Vgsmx6
ERCz/xS54C+FmcbYfzeZJ1UPdxuGrzWHnZQVPRtdH2XlDqfZiTUcZeOY0m/8cIsG
zmBpqXbD9BfU92kOLQung/vgumgi88NvD0g2mjWXOrgToGjeH/A=
-----END CERTIFICATE-----
Generated at Sat Jun 21 14:35:01 2025 by rpki-client