Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ZAp1TaTqfvU-eGSRR6IJbsdmGnY.roa
File: ZAp1TaTqfvU-eGSRR6IJbsdmGnY.roa (raw, json)
Hash identifier: SoioAahrpS9IDHtVh/APl9StBnenIzZowfl0Cuaq4cA=
Subject key identifier: 64:0A:75:4D:A4:EA:7E:F5:3E:78:64:91:47:A2:09:6E:C7:66:1A:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A60
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZAp1TaTqfvU-eGSRR6IJbsdmGnY.roa
Signing time: Wed 11 Jun 2025 06:09:50 +0000
ROA not before: Wed 11 Jun 2025 06:09:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6752 (0x1a60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 06:09:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=640A754DA4EA7EF53E78649147A2096EC7661A76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d1:5c:a7:20:30:ba:3a:d6:37:f8:a5:ba:0d:
eb:65:a9:49:a2:b5:3f:09:dd:3f:c0:7f:ef:50:8b:
86:a2:83:11:fb:2f:99:08:22:88:68:cd:e5:5c:d9:
f1:ad:a1:d6:64:e0:2c:fd:c9:1c:c2:08:7d:f5:a4:
b5:f1:e9:46:ac:40:8a:e1:1d:c8:ef:0c:f1:65:07:
1e:93:31:30:5a:4b:e2:ab:6c:bb:1d:56:b3:4c:a1:
9d:5e:d7:3f:58:fe:cb:8d:1c:01:40:e7:05:41:91:
e9:30:74:dc:53:07:e1:75:d6:a2:4e:63:ac:42:e2:
c3:15:78:7e:07:5b:4d:c4:b6:df:5b:71:59:f0:18:
a8:48:10:bf:93:21:d4:31:49:6a:e7:09:39:8d:54:
5a:e5:26:13:98:dd:3b:ec:5d:04:ce:c7:fc:ee:c0:
fa:a1:e6:d4:b1:6a:75:f1:de:9e:17:b3:1a:8e:ec:
d8:14:80:7c:c9:9b:08:bc:1e:94:33:1e:66:79:5f:
7e:a0:90:96:32:62:b4:2f:0d:50:c8:d9:29:7c:a0:
56:d4:5e:80:c4:bb:47:52:fc:ae:aa:ed:f0:73:45:
47:14:d0:c9:57:e6:9b:cf:de:48:5f:8c:34:c0:9c:
a1:44:73:6d:7a:8d:83:e1:c0:5f:28:ac:c6:58:b2:
45:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0A:75:4D:A4:EA:7E:F5:3E:78:64:91:47:A2:09:6E:C7:66:1A:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZAp1TaTqfvU-eGSRR6IJbsdmGnY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:81:4f:ff:6a:cf:aa:9f:90:37:eb:66:7a:c2:fd:f9:1c:f6:
4b:10:7c:e1:f5:6f:12:bd:49:79:dd:24:86:94:03:a0:09:ef:
8b:1b:7c:a7:14:30:60:7b:a2:43:ff:23:d0:7d:6d:47:5d:b0:
af:cf:cb:cb:8c:18:cc:e0:34:f0:33:bf:63:d0:96:d1:02:c2:
a3:22:79:e4:1e:59:ed:b9:e7:f2:50:1c:a4:d6:b4:db:aa:ef:
a9:a7:74:a1:66:97:67:41:f4:8d:cf:8f:12:02:16:dc:26:31:
75:b6:e5:6f:a1:9a:64:94:b8:78:e2:2b:0a:76:5a:5c:51:dc:
ac:3f:19:e0:eb:85:03:94:3e:df:68:6e:08:44:da:47:9d:53:
e0:1d:32:de:66:b0:36:02:90:e8:c0:1a:11:04:34:49:d8:10:
60:c6:e2:aa:6c:1b:95:90:37:06:a6:52:2c:d8:58:44:86:87:
a4:10:4a:39:dc:9a:d9:b0:e8:06:b4:86:fc:cc:cc:e1:52:c4:
35:9f:80:05:76:1c:ba:5b:2e:0a:ae:29:9a:b0:94:bd:93:91:
47:73:09:91:1d:07:1a:f6:67:c7:cc:75:c5:fa:07:ff:f3:fc:
b3:5d:5d:83:ee:96:e9:eb:76:b1:0a:80:de:e9:fe:80:ec:f8:
77:6d:b4:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGmAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
NjA5NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY0MEE3NTREQTRFQTdF
RjUzRTc4NjQ5MTQ3QTIwOTZFQzc2NjFBNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZ0VynIDC6OtY3+KW6DetlqUmitT8J3T/Af+9Qi4aigxH7L5kI
IohozeVc2fGtodZk4Cz9yRzCCH31pLXx6UasQIrhHcjvDPFlBx6TMTBaS+KrbLsd
VrNMoZ1e1z9Y/suNHAFA5wVBkekwdNxTB+F11qJOY6xC4sMVeH4HW03Ett9bcVnw
GKhIEL+TIdQxSWrnCTmNVFrlJhOY3TvsXQTOx/zuwPqh5tSxanXx3p4XsxqO7NgU
gHzJmwi8HpQzHmZ5X36gkJYyYrQvDVDI2Sl8oFbUXoDEu0dS/K6q7fBzRUcU0MlX
5pvP3khfjDTAnKFEc216jYPhwF8orMZYskUTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZAp1TaTqfvU+eGSRR6IJbsdmGnYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aQXAxVGFUcWZ2VS1lR1NS
UjZJSmJzZG1Hblkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEeBT/9qz6qfkDfrZnrC/fkc9ksQfOH1bxK9
SXndJIaUA6AJ74sbfKcUMGB7okP/I9B9bUddsK/Py8uMGMzgNPAzv2PQltECwqMi
eeQeWe255/JQHKTWtNuq76mndKFml2dB9I3PjxICFtwmMXW25W+hmmSUuHjiKwp2
WlxR3Kw/GeDrhQOUPt9obghE2kedU+AdMt5msDYCkOjAGhEENEnYEGDG4qpsG5WQ
NwamUizYWESGh6QQSjncmtmw6Aa0hvzMzOFSxDWfgAV2HLpbLgquKZqwlL2TkUdz
CZEdBxr2Z8fMdcX6B//z/LNdXYPulunrdrEKgN7p/oDs+HdttLA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:14 2025 by rpki-client