Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bVv3OTYdgokl450-SQfPHlih51o.roa
File: bVv3OTYdgokl450-SQfPHlih51o.roa (raw, json)
Hash identifier: PwVsWT5zUrq2qfixekDHubuVUxvVBFMzZrrdUVOBAXc=
Subject key identifier: 6D:5B:F7:39:36:1D:82:89:25:E3:9D:3E:49:07:CF:1E:58:A1:E7:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2060
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bVv3OTYdgokl450-SQfPHlih51o.roa
Signing time: Thu 19 Jun 2025 11:51:43 +0000
ROA not before: Thu 19 Jun 2025 11:51:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8288 (0x2060)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 11:51:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6D5BF739361D828925E39D3E4907CF1E58A1E75A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e9:05:d0:cc:95:32:03:b5:6e:3f:cd:89:1b:
fb:9b:07:e0:93:2e:59:3a:58:45:55:69:ac:67:1f:
25:f2:e7:fd:98:df:8d:27:af:7f:6f:fd:30:cd:62:
91:60:ab:f5:fc:98:83:a9:55:90:1a:8b:15:98:6a:
86:2a:45:41:51:f1:bb:32:1f:ca:9e:84:8d:e6:7e:
48:ef:31:22:df:b0:9a:28:56:23:06:22:c1:43:21:
1c:5a:4e:b2:4f:c0:87:3d:48:f8:6e:48:37:16:a6:
d1:ac:6e:1d:04:37:36:22:b7:05:37:f7:b5:73:e1:
df:c9:fb:9e:cf:3c:96:e7:df:23:70:d6:bb:aa:f9:
65:16:73:49:de:73:ee:11:40:68:bb:d7:42:f3:dd:
f2:43:10:38:0d:b9:a2:f6:65:39:19:73:a9:a6:18:
f8:a5:40:a1:e4:84:64:3f:8a:9e:06:6f:c1:e1:58:
df:cf:52:bb:6d:f4:db:78:51:05:8b:a7:9c:d6:2a:
b4:e5:1b:66:fb:95:95:83:b5:55:ce:2f:84:22:6d:
db:9c:e9:d2:fb:13:68:cb:81:5a:5b:79:8e:3e:40:
7f:ee:19:7a:1c:81:78:7e:4c:5e:c2:34:ae:a7:a1:
3c:f8:dc:0d:51:d7:b5:d9:2b:52:f0:5b:ec:c1:94:
92:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5B:F7:39:36:1D:82:89:25:E3:9D:3E:49:07:CF:1E:58:A1:E7:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bVv3OTYdgokl450-SQfPHlih51o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:8d:a2:7e:e4:fe:7b:8c:7a:04:1c:6a:f4:eb:90:20:f1:cc:
6f:8e:12:26:8b:c0:92:ab:d1:85:0a:92:91:be:9a:21:f4:4e:
27:64:8e:8f:61:f6:4a:c3:9e:27:66:11:03:c5:f1:4e:f9:43:
94:97:dd:74:88:1a:3a:7b:e4:33:31:d4:3a:d1:c8:66:bf:1e:
35:bb:77:0a:84:6c:69:a6:0f:1f:11:f0:da:1f:0f:f4:0d:39:
a2:f5:0b:dc:c9:b4:24:15:5f:a4:9c:40:8d:01:eb:7e:7b:f2:
01:a0:1a:72:ee:1a:86:74:73:02:55:7a:2b:a2:02:d8:86:84:
78:99:ee:1c:0b:21:04:30:31:c2:bc:3a:54:2a:35:35:83:f3:
1b:34:40:a7:68:fe:2e:e8:2c:f1:1b:92:35:30:cb:6b:6f:81:
1f:84:c6:8f:48:c5:fe:ea:8c:03:93:ec:ca:28:ce:a4:f1:06:
3e:a7:11:3c:01:a9:2e:68:fd:38:68:c6:a3:f0:4e:d4:8b:56:
02:f5:3c:44:8a:99:d8:f7:ac:9f:e1:da:9a:f5:b7:67:64:d1:
a4:2e:68:91:1a:d4:ac:47:5b:07:2e:d4:98:bb:db:2c:dd:1e:
09:4b:77:6b:e9:87:05:e0:8f:85:ba:2c:45:be:26:37:03:1a:
2e:59:96:0e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MTUxNDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZENUJGNzM5MzYxRDgy
ODkyNUUzOUQzRTQ5MDdDRjFFNThBMUU3NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp6QXQzJUyA7VuP82JG/ubB+CTLlk6WEVVaaxnHyXy5/2Y340n
r39v/TDNYpFgq/X8mIOpVZAaixWYaoYqRUFR8bsyH8qehI3mfkjvMSLfsJooViMG
IsFDIRxaTrJPwIc9SPhuSDcWptGsbh0ENzYitwU397Vz4d/J+57PPJbn3yNw1ruq
+WUWc0nec+4RQGi710Lz3fJDEDgNuaL2ZTkZc6mmGPilQKHkhGQ/ip4Gb8HhWN/P
Urtt9Nt4UQWLp5zWKrTlG2b7lZWDtVXOL4Qibduc6dL7E2jLgVpbeY4+QH/uGXoc
gXh+TF7CNK6noTz43A1R17XZK1LwW+zBlJLRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbVv3OTYdgokl450+SQfPHlih51owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iVnYzT1RZZGdva2w0NTAt
U1FmUEhsaWg1MW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAASNon7k/nuMegQcavTrkCDxzG+OEiaLwJKr
0YUKkpG+miH0Tidkjo9h9krDnidmEQPF8U75Q5SX3XSIGjp75DMx1DrRyGa/HjW7
dwqEbGmmDx8R8NofD/QNOaL1C9zJtCQVX6ScQI0B63578gGgGnLuGoZ0cwJVeiui
AtiGhHiZ7hwLIQQwMcK8OlQqNTWD8xs0QKdo/i7oLPEbkjUwy2tvgR+Exo9Ixf7q
jAOT7MoozqTxBj6nETwBqS5o/ThoxqPwTtSLVgL1PESKmdj3rJ/h2pr1t2dk0aQu
aJEa1KxHWwcu1Ji72yzdHglLd2vphwXgj4W6LEW+JjcDGi5Zlg4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:14 2025 by rpki-client