Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dezT93KlmvsiaNE--oj-JiyfQEY.roa
File: dezT93KlmvsiaNE--oj-JiyfQEY.roa (raw, json)
Hash identifier: 6MMZ4WzODLzLyzn2Sj1m/+Cov5ak5IbdwwVIm/Q1YKA=
Subject key identifier: 75:EC:D3:F7:72:A5:9A:FB:22:68:D1:3E:FA:88:FE:26:2C:9F:40:46
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B64
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dezT93KlmvsiaNE--oj-JiyfQEY.roa
Signing time: Thu 22 May 2025 06:38:25 +0000
ROA not before: Thu 22 May 2025 06:38:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2916 (0xb64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 06:38:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=75ECD3F772A59AFB2268D13EFA88FE262C9F4046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7b:33:0b:fb:f2:ac:92:6b:29:b2:05:b4:6d:
16:62:13:9e:d8:fc:e8:e5:d0:1a:3e:c2:c0:39:47:
a9:b4:8e:e8:67:49:08:cc:c8:7b:bb:d2:79:8d:b5:
99:ac:d6:82:b6:fd:e0:5a:b8:c9:bd:b0:36:e4:e6:
04:ab:d8:e7:9a:61:90:dd:6b:d3:64:29:cb:87:9a:
01:a9:f2:3d:4e:7e:e4:0e:32:d3:01:bc:bc:eb:ff:
9f:d1:02:98:96:d1:ef:2d:4f:4b:3f:29:80:1f:36:
93:9a:d6:ea:2b:fb:21:ac:b1:74:b9:58:59:38:3d:
1c:b3:d4:31:38:76:8f:12:b4:dd:c9:9c:bd:05:c7:
ec:c4:89:29:dd:23:66:60:e5:78:0f:43:76:7e:d1:
15:64:23:c0:a9:7f:91:b8:20:36:1a:b9:8e:0b:a8:
e4:7d:a9:4e:96:57:2a:4f:96:d3:ac:f3:0f:54:e4:
56:bd:54:8e:32:02:1d:60:8b:ba:3c:b7:24:80:00:
34:30:bb:09:77:c6:93:d8:6c:da:6b:ac:0a:f7:e4:
47:b5:7a:54:26:c0:e2:16:e3:71:5e:be:75:c6:df:
fd:c8:00:05:82:e6:cf:09:3f:47:89:eb:90:50:ba:
a3:4d:33:99:fe:fc:7d:e3:6c:c0:55:5e:87:50:f3:
9f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:EC:D3:F7:72:A5:9A:FB:22:68:D1:3E:FA:88:FE:26:2C:9F:40:46
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dezT93KlmvsiaNE--oj-JiyfQEY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:92:d4:0a:6d:83:8f:e2:2d:bd:7f:63:f1:23:9f:d2:d5:43:
1d:a9:31:ca:fe:f8:01:24:49:79:87:93:ef:08:c1:47:c4:65:
67:c6:27:28:67:a8:e7:63:97:bc:c9:f6:ff:55:e9:8a:47:1e:
d7:73:45:19:b2:b4:48:7c:aa:a4:de:64:ef:75:5b:c2:3d:d2:
74:eb:a6:c2:a6:65:6b:04:55:b2:63:22:32:81:7c:aa:14:15:
59:f3:80:8f:39:4c:62:7f:87:4a:f1:ae:da:d0:98:06:bd:a8:
a1:15:b4:45:e8:a3:03:75:aa:4c:c9:98:f9:3b:87:b7:83:98:
bf:7f:e1:dc:c7:9a:e5:df:24:0f:eb:0a:25:6a:20:e8:a4:1d:
31:1d:b0:b5:da:3f:d3:37:65:5a:48:e7:b2:20:97:5a:76:49:
ec:df:a2:37:db:41:cc:8d:73:d6:fd:4a:ed:6b:75:fb:7d:89:
45:1c:27:9f:8b:5f:4b:75:1a:2b:e1:b0:22:e4:39:58:f2:f3:
88:e4:ee:19:41:b0:9d:b0:c6:ad:3d:20:02:20:ed:00:84:34:
bc:53:a3:4d:8c:a8:0f:4c:d7:6b:27:22:51:6c:10:ca:b7:a1:
b9:97:f2:4f:4d:59:e5:8a:19:5b:ce:c3:9a:48:10:ae:45:95:
5e:b4:de:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
NjM4MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc1RUNEM0Y3NzJBNTlB
RkIyMjY4RDEzRUZBODhGRTI2MkM5RjQwNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpezML+/KskmspsgW0bRZiE57Y/Ojl0Bo+wsA5R6m0juhnSQjM
yHu70nmNtZms1oK2/eBauMm9sDbk5gSr2OeaYZDda9NkKcuHmgGp8j1OfuQOMtMB
vLzr/5/RApiW0e8tT0s/KYAfNpOa1uor+yGssXS5WFk4PRyz1DE4do8StN3JnL0F
x+zEiSndI2Zg5XgPQ3Z+0RVkI8Cpf5G4IDYauY4LqOR9qU6WVypPltOs8w9U5Fa9
VI4yAh1gi7o8tySAADQwuwl3xpPYbNprrAr35Ee1elQmwOIW43FevnXG3/3IAAWC
5s8JP0eJ65BQuqNNM5n+/H3jbMBVXodQ859tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdezT93KlmvsiaNE++oj+JiyfQEYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kZXpUOTNLbG12c2lhTkUt
LW9qLUppeWZRRVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEuS1Aptg4/iLb1/Y/Ejn9LVQx2pMcr++AEk
SXmHk+8IwUfEZWfGJyhnqOdjl7zJ9v9V6YpHHtdzRRmytEh8qqTeZO91W8I90nTr
psKmZWsEVbJjIjKBfKoUFVnzgI85TGJ/h0rxrtrQmAa9qKEVtEXoowN1qkzJmPk7
h7eDmL9/4dzHmuXfJA/rCiVqIOikHTEdsLXaP9M3ZVpI57Igl1p2SezfojfbQcyN
c9b9Su1rdft9iUUcJ5+LX0t1GivhsCLkOVjy84jk7hlBsJ2wxq09IAIg7QCENLxT
o02MqA9M12snIlFsEMq3obmX8k9NWeWKGVvOw5pIEK5FlV603h0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:31:05 2025 by rpki-client