Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zlO20TKVTQfitVUGni0vo_86y9o.roa
File: zlO20TKVTQfitVUGni0vo_86y9o.roa (raw, json)
Hash identifier: QqFkYIhm/KTmcX2g8Oc5O6MmYvTTtojFF8Uy5eqLz9c=
Subject key identifier: CE:53:B6:D1:32:95:4D:07:E2:B5:55:06:9E:2D:2F:A3:FF:3A:CB:DA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08C0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zlO20TKVTQfitVUGni0vo_86y9o.roa
Signing time: Sun 18 May 2025 18:08:53 +0000
ROA not before: Sun 18 May 2025 18:08:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2240 (0x8c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 18:08:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CE53B6D132954D07E2B555069E2D2FA3FF3ACBDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2f:64:f1:17:d2:c1:72:af:c0:fe:bf:3c:11:
4e:13:66:33:e0:0f:2f:a4:0c:73:93:f6:ba:a7:34:
40:84:4c:11:3a:53:9e:c8:c0:f6:5c:3f:16:a0:12:
39:88:92:5e:be:eb:d1:19:94:91:58:0c:c6:94:0f:
80:42:3e:11:4f:60:71:af:9a:0e:22:e6:42:d1:66:
b2:1d:35:61:d3:99:52:d2:bc:2c:65:4d:ad:e5:37:
a9:43:32:d4:94:45:7b:59:41:9e:bf:1e:23:df:a6:
32:db:48:c7:69:50:00:03:f2:14:af:c3:8d:16:04:
e4:72:02:0a:35:7d:33:87:b5:12:e8:f1:38:47:cc:
c2:18:a4:c7:10:9c:99:b6:ab:98:4b:41:cf:90:86:
65:ef:0b:5e:5a:a6:41:a9:50:c4:50:f2:cd:08:0b:
15:ef:bb:3f:54:5e:23:13:1e:e9:6d:0d:ec:9b:52:
bc:9c:8f:43:24:a0:bf:41:77:84:62:63:80:0d:7c:
53:70:4d:b1:79:93:62:a8:b5:ee:11:99:42:df:a8:
06:d7:5d:8b:c1:4b:6f:a1:e6:00:d3:d2:34:b9:3b:
c2:1e:cc:8e:38:d2:84:fa:9d:37:fd:ee:fa:c4:02:
9f:0a:d5:3c:b1:5b:7b:9b:34:bf:db:9f:32:83:d1:
35:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:53:B6:D1:32:95:4D:07:E2:B5:55:06:9E:2D:2F:A3:FF:3A:CB:DA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zlO20TKVTQfitVUGni0vo_86y9o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:16:86:9f:67:e8:8e:e1:53:a9:42:69:c2:2d:d3:db:73:34:
6e:ab:59:bb:3f:34:ff:a1:b1:e4:7c:99:d8:c8:8c:9c:c2:79:
45:7f:52:c6:e0:3f:58:67:3b:5a:3a:cb:c3:d6:db:40:df:da:
e0:6a:f1:24:0a:c3:bf:0f:18:e1:49:19:e3:6b:3d:5f:13:61:
88:56:9d:3e:78:28:16:d0:71:e3:63:89:65:eb:38:52:0c:06:
00:74:80:be:0a:43:d9:3a:36:56:73:c5:65:ce:72:77:3f:9b:
a8:3b:fa:9f:9c:ca:e3:09:2c:39:96:cf:1c:96:e6:7e:b0:35:
6a:87:03:f5:91:15:c4:41:ad:e1:4b:bf:28:48:e2:b0:06:94:
ba:97:d7:2a:28:e1:21:d9:10:6e:c1:31:3d:8c:28:ca:83:a4:
c5:05:f6:41:de:9c:85:84:3b:8c:da:f8:0b:5d:e7:5e:9c:4b:
90:58:2f:70:c3:54:ca:f5:b4:da:cf:79:82:3e:b9:3a:6c:39:
bb:86:54:ed:7a:9c:6c:37:4a:87:9d:9e:6d:37:f5:57:fe:65:
f0:a7:45:2c:fd:3c:a2:87:f4:a4:52:99:a1:08:20:18:0d:ff:
2d:fa:68:f7:13:c1:bb:05:a8:55:b1:f8:1f:40:b1:86:58:c9:
d8:79:8d:fd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
ODA4NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENFNTNCNkQxMzI5NTRE
MDdFMkI1NTUwNjlFMkQyRkEzRkYzQUNCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcL2TxF9LBcq/A/r88EU4TZjPgDy+kDHOT9rqnNECETBE6U57I
wPZcPxagEjmIkl6+69EZlJFYDMaUD4BCPhFPYHGvmg4i5kLRZrIdNWHTmVLSvCxl
Ta3lN6lDMtSURXtZQZ6/HiPfpjLbSMdpUAAD8hSvw40WBORyAgo1fTOHtRLo8ThH
zMIYpMcQnJm2q5hLQc+QhmXvC15apkGpUMRQ8s0ICxXvuz9UXiMTHultDeybUryc
j0MkoL9Bd4RiY4ANfFNwTbF5k2Kote4RmULfqAbXXYvBS2+h5gDT0jS5O8IezI44
0oT6nTf97vrEAp8K1TyxW3ubNL/bnzKD0TVhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzlO20TKVTQfitVUGni0vo/86y9owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96bE8yMFRLVlRRZml0VlVH
bmkwdm9fODZ5OW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFQWhp9n6I7hU6lCacIt09tzNG6rWbs/NP+h
seR8mdjIjJzCeUV/UsbgP1hnO1o6y8PW20Df2uBq8SQKw78PGOFJGeNrPV8TYYhW
nT54KBbQceNjiWXrOFIMBgB0gL4KQ9k6NlZzxWXOcnc/m6g7+p+cyuMJLDmWzxyW
5n6wNWqHA/WRFcRBreFLvyhI4rAGlLqX1yoo4SHZEG7BMT2MKMqDpMUF9kHenIWE
O4za+Atd516cS5BYL3DDVMr1tNrPeYI+uTpsObuGVO16nGw3Soednm039Vf+ZfCn
RSz9PKKH9KRSmaEIIBgN/y36aPcTwbsFqFWx+B9AsYZYydh5jf0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:24 2025 by rpki-client