Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0P3NNoO_23pQ5uAgaTQkOZOy47k.roa
File: 0P3NNoO_23pQ5uAgaTQkOZOy47k.roa (raw, json)
Hash identifier: rjU7PTYBQqRhtAuHmMTWvpwwWtmXHwMXpytnQbCgG8w=
Subject key identifier: D0:FD:CD:36:83:BF:DB:7A:50:E6:E0:20:69:34:24:39:93:B2:E3:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C90
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0P3NNoO_23pQ5uAgaTQkOZOy47k.roa
Signing time: Sat 14 Jun 2025 04:09:55 +0000
ROA not before: Sat 14 Jun 2025 04:09:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7312 (0x1c90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 04:09:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D0FDCD3683BFDB7A50E6E0206934243993B2E3B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:13:5b:58:46:95:21:f0:e5:bf:39:6a:9c:c0:
ab:66:98:41:7f:a3:6e:60:1b:35:e0:d0:76:d0:4f:
64:6c:d3:70:26:48:27:80:51:13:f2:36:54:9e:4c:
0c:59:1d:a5:2a:94:c0:af:83:b6:12:87:92:e0:0f:
f9:d7:2d:b6:1e:b0:2a:84:6a:09:74:48:55:97:9f:
2e:12:e8:b0:68:7d:99:6d:e3:d9:8a:54:bc:09:74:
d8:22:9a:c6:f5:dd:53:83:58:d0:56:92:27:c3:5d:
98:e0:ce:f9:39:eb:4d:ae:30:67:f2:82:fa:fd:9b:
a0:8f:5e:f4:e6:97:ac:f0:cd:31:ed:3a:f2:f4:71:
99:58:6b:6a:10:e2:68:17:34:e5:f1:6b:be:5f:29:
f9:33:b1:3e:17:d0:9d:cd:fc:2c:51:c5:08:24:24:
d5:b5:e3:12:78:86:05:08:5a:39:b8:d8:70:08:b5:
e8:bc:38:6b:3d:99:a1:02:72:02:79:db:3c:19:c5:
43:2b:fc:e1:93:7c:0f:54:79:62:a8:f7:33:aa:7e:
cb:d7:23:f7:f8:44:87:53:76:37:6e:6c:c9:41:12:
70:82:44:d8:35:6a:cf:18:e5:e8:ec:2d:f1:11:d4:
54:c5:ac:a1:55:eb:65:9b:21:39:04:48:86:62:79:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FD:CD:36:83:BF:DB:7A:50:E6:E0:20:69:34:24:39:93:B2:E3:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0P3NNoO_23pQ5uAgaTQkOZOy47k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:f1:6a:5e:36:7d:15:29:d1:d1:ab:30:c4:4f:41:39:af:5b:
f8:92:e1:6d:3a:41:2b:01:4e:be:87:68:bf:10:6d:24:db:0f:
99:4f:a3:8b:c4:90:79:09:10:e8:df:2a:46:f8:2c:a3:dc:19:
49:6a:be:17:bc:b4:b3:e6:37:43:11:a4:b0:51:cc:37:6d:bc:
f0:fc:15:bb:25:a8:dd:97:bd:17:9e:92:d9:80:47:f8:99:41:
b5:09:bb:c7:9c:f9:2d:82:15:a4:c9:8b:48:19:ab:fd:af:1d:
cf:41:8f:c0:cc:38:34:91:5d:3f:02:b2:9a:b2:83:02:f5:26:
7b:e1:f5:d7:37:37:5a:44:9a:f2:36:78:c6:f0:d6:75:61:bb:
f8:a5:f8:76:aa:88:d5:73:b5:9b:6c:fe:f1:78:6c:a7:78:92:
e1:b4:34:b3:97:6c:3b:55:2c:d7:97:42:b7:48:90:2b:4e:26:
e4:69:3a:3f:9d:05:99:71:90:62:c6:ab:21:7c:05:80:6d:8f:
06:b6:3e:c3:ff:9e:12:fc:e7:7f:ba:73:7a:b1:a1:04:a0:f0:
83:0c:02:72:4e:44:e6:f3:54:fd:41:2c:a0:d1:2b:a0:ce:0b:
b0:8c:0e:1f:88:ec:11:d6:7a:a1:f4:a3:ed:e2:74:c5:2f:09:
66:6f:6f:77
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
NDA5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwRkRDRDM2ODNCRkRC
N0E1MEU2RTAyMDY5MzQyNDM5OTNCMkUzQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDE1tYRpUh8OW/OWqcwKtmmEF/o25gGzXg0HbQT2Rs03AmSCeA
URPyNlSeTAxZHaUqlMCvg7YSh5LgD/nXLbYesCqEagl0SFWXny4S6LBofZlt49mK
VLwJdNgimsb13VODWNBWkifDXZjgzvk5602uMGfygvr9m6CPXvTml6zwzTHtOvL0
cZlYa2oQ4mgXNOXxa75fKfkzsT4X0J3N/CxRxQgkJNW14xJ4hgUIWjm42HAItei8
OGs9maECcgJ52zwZxUMr/OGTfA9UeWKo9zOqfsvXI/f4RIdTdjdubMlBEnCCRNg1
as8Y5ejsLfER1FTFrKFV62WbITkESIZieTBXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0P3NNoO/23pQ5uAgaTQkOZOy47kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wUDNOTm9PXzIzcFE1dUFn
YVRRa09aT3k0N2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHzxal42fRUp0dGrMMRPQTmvW/iS4W06QSsB
Tr6HaL8QbSTbD5lPo4vEkHkJEOjfKkb4LKPcGUlqvhe8tLPmN0MRpLBRzDdtvPD8
FbslqN2XvReektmAR/iZQbUJu8ec+S2CFaTJi0gZq/2vHc9Bj8DMODSRXT8Cspqy
gwL1Jnvh9dc3N1pEmvI2eMbw1nVhu/il+HaqiNVztZts/vF4bKd4kuG0NLOXbDtV
LNeXQrdIkCtOJuRpOj+dBZlxkGLGqyF8BYBtjwa2PsP/nhL853+6c3qxoQSg8IMM
AnJORObzVP1BLKDRK6DOC7CMDh+I7BHWeqH0o+3idMUvCWZvb3c=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:08:09 2025 by rpki-client