Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Bvv0O8-g-X1r_g6dmvCevSxRa0c.roa
File: Bvv0O8-g-X1r_g6dmvCevSxRa0c.roa (raw, json)
Hash identifier: m+xKGEvsArJvN/3lRAY8cxdFbVhWK2nvkmcMp5nJAaA=
Subject key identifier: 06:FB:F4:3B:CF:A0:F9:7D:6B:FE:0E:9D:9A:F0:9E:BD:2C:51:6B:47
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C94
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Bvv0O8-g-X1r_g6dmvCevSxRa0c.roa
Signing time: Fri 23 May 2025 20:38:39 +0000
ROA not before: Fri 23 May 2025 20:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3220 (0xc94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 20:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=06FBF43BCFA0F97D6BFE0E9D9AF09EBD2C516B47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:0d:97:0d:da:53:6a:f7:8c:2b:b9:e3:23:d6:
cb:33:05:73:19:73:19:5f:9b:62:fc:c8:26:5c:7c:
9f:9c:a8:f5:0e:1f:c5:ea:9b:c6:6d:e8:94:8f:15:
d7:0a:a3:fc:b3:39:30:3b:95:08:ab:ab:7c:b1:c2:
2f:d5:fa:62:8c:64:5e:a4:5b:d8:16:63:83:b6:33:
df:61:24:37:b5:e1:82:89:31:71:f0:03:07:14:9d:
f9:e8:c3:2a:13:55:1b:43:10:d7:16:01:26:cb:b2:
ab:7e:d5:e4:f2:3a:da:7d:c0:0e:7d:0a:90:df:e9:
fd:61:c4:ee:a7:e4:7f:82:fd:33:b9:90:9b:62:3b:
17:82:88:24:d4:db:1b:bc:4b:d9:e7:b4:f2:6c:9d:
46:be:ba:0c:16:4e:3c:46:59:7f:f5:c6:3d:d4:00:
ab:f3:4a:31:87:24:43:42:3f:67:1c:02:1e:40:09:
ae:88:c5:9b:a6:bc:8b:4f:85:99:32:c1:3f:ac:c3:
33:0e:0d:df:a6:6c:7f:7a:0f:9a:e4:e8:29:82:93:
98:ce:42:f8:6c:97:48:59:13:a3:28:44:35:fb:25:
4c:c2:cb:9e:3a:36:37:c0:a1:09:ce:81:7c:44:a0:
e9:af:8a:79:1c:2a:02:bf:1f:92:97:bb:cc:89:81:
6c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FB:F4:3B:CF:A0:F9:7D:6B:FE:0E:9D:9A:F0:9E:BD:2C:51:6B:47
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Bvv0O8-g-X1r_g6dmvCevSxRa0c.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:45:ae:e3:b8:e6:89:db:26:ac:74:a2:1d:34:8f:7c:43:38:
a2:96:f4:50:fb:57:45:c6:c8:b6:af:c2:cc:4b:08:04:22:ec:
a6:55:1b:00:2b:5d:c2:df:a4:ac:15:2f:ab:cd:ab:af:93:2b:
0d:19:aa:bb:54:ca:0b:59:9f:c0:62:9b:9d:f7:15:49:9e:2f:
d9:ca:ed:5c:7d:d6:cf:48:71:86:3d:62:7f:d7:8d:fa:2d:4a:
f2:c6:9e:b3:72:a8:18:18:84:db:0a:13:94:34:e0:01:f1:88:
a6:1b:dd:28:9b:a4:39:ee:2b:be:50:1b:f9:b2:e6:88:4a:fc:
9c:be:88:09:df:b9:65:76:a6:30:dc:b9:78:db:42:7e:4b:f6:
d2:b7:5b:7a:25:3e:38:bc:4b:1a:34:79:e2:63:0d:bd:e6:c3:
40:52:a6:31:b5:38:22:f8:9e:57:aa:e2:3c:14:a3:04:31:6d:
e2:b1:64:23:ee:3c:8b:13:b0:e5:a3:6c:e6:6b:4a:3d:8d:f3:
cb:9c:e2:03:1c:c6:8a:62:1b:46:5a:6e:c7:80:bb:7c:d3:43:
52:3d:e1:97:51:e1:11:b2:44:79:38:4c:fa:32:0d:ec:50:e1:
9f:5f:42:04:a8:d7:25:12:26:0f:6d:c8:7d:12:96:91:7e:10:
b5:5e:e2:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMy
MDM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2RkJGNDNCQ0ZBMEY5
N0Q2QkZFMEU5RDlBRjA5RUJEMkM1MTZCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWDZcN2lNq94wrueMj1sszBXMZcxlfm2L8yCZcfJ+cqPUOH8Xq
m8Zt6JSPFdcKo/yzOTA7lQirq3yxwi/V+mKMZF6kW9gWY4O2M99hJDe14YKJMXHw
AwcUnfnowyoTVRtDENcWASbLsqt+1eTyOtp9wA59CpDf6f1hxO6n5H+C/TO5kJti
OxeCiCTU2xu8S9nntPJsnUa+ugwWTjxGWX/1xj3UAKvzSjGHJENCP2ccAh5ACa6I
xZumvItPhZkywT+swzMODd+mbH96D5rk6CmCk5jOQvhsl0hZE6MoRDX7JUzCy546
NjfAoQnOgXxEoOmvinkcKgK/H5KXu8yJgWw1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBvv0O8+g+X1r/g6dmvCevSxRa0cwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CdnYwTzgtZy1YMXJfZzZk
bXZDZXZTeFJhMGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABNFruO45onbJqx0oh00j3xDOKKW9FD7V0XG
yLavwsxLCAQi7KZVGwArXcLfpKwVL6vNq6+TKw0ZqrtUygtZn8Bim533FUmeL9nK
7Vx91s9IcYY9Yn/XjfotSvLGnrNyqBgYhNsKE5Q04AHxiKYb3SibpDnuK75QG/my
5ohK/Jy+iAnfuWV2pjDcuXjbQn5L9tK3W3olPji8Sxo0eeJjDb3mw0BSpjG1OCL4
nleq4jwUowQxbeKxZCPuPIsTsOWjbOZrSj2N88uc4gMcxopiG0ZabseAu3zTQ1I9
4ZdR4RGyRHk4TPoyDexQ4Z9fQgSo1yUSJg9tyH0SlpF+ELVe4lU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:33:10 2025 by rpki-client