Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vBHBkiDlRp6OfsnZSKwDHSpILGk.roa
File: vBHBkiDlRp6OfsnZSKwDHSpILGk.roa (raw, json)
Hash identifier: NuoPUcX5m8OqJWq7LqavbZCli7OAX+wfuHGFwKkzkCM=
Subject key identifier: BC:11:C1:92:20:E5:46:9E:8E:7E:C9:D9:48:AC:03:1D:2A:48:2C:69
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03BC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vBHBkiDlRp6OfsnZSKwDHSpILGk.roa
Signing time: Mon 12 May 2025 01:37:55 +0000
ROA not before: Mon 12 May 2025 01:37:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 956 (0x3bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 01:37:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BC11C19220E5469E8E7EC9D948AC031D2A482C69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:34:99:3c:ea:9b:4b:7b:73:95:6c:fa:4d:6f:
9c:1a:ab:04:c5:7a:a6:cb:4a:7a:8a:08:4a:b7:50:
6d:10:ec:76:64:dd:69:98:74:b1:f1:c0:dc:df:17:
a4:d8:38:0c:aa:f0:07:22:42:3d:5c:6f:0c:15:cb:
cb:fa:17:73:6a:09:e0:cd:6c:29:42:fb:98:93:46:
ce:50:19:24:91:c7:54:4a:d7:f9:79:39:e8:3e:64:
a8:4a:b2:4c:d5:36:41:b4:f3:85:6a:40:8f:cf:ee:
30:44:34:9a:2d:a6:93:b0:ad:4a:c4:30:70:d9:28:
ce:ba:5b:a7:bd:54:e1:24:92:c8:1c:52:d5:f1:4d:
24:10:12:1e:32:88:c5:07:5e:8b:fc:66:b0:95:80:
9c:08:bd:be:c0:04:2c:7f:35:ef:88:16:23:09:dc:
d9:29:76:7e:e7:78:48:85:b4:94:48:97:17:b9:2d:
f1:7a:a1:9d:17:f1:4e:6e:76:a1:a6:9d:59:fd:c2:
27:95:f1:1a:0e:37:01:8c:50:63:bf:91:ce:cf:cf:
6b:d5:d5:e0:14:72:06:20:7d:6a:1b:d0:dc:08:f2:
75:b9:bd:7b:ef:7c:a4:a0:53:b8:5e:7c:c6:62:19:
c3:01:c3:4f:e3:65:86:e9:5f:22:14:98:59:9a:11:
c2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:11:C1:92:20:E5:46:9E:8E:7E:C9:D9:48:AC:03:1D:2A:48:2C:69
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vBHBkiDlRp6OfsnZSKwDHSpILGk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:32:0b:0f:9f:e4:51:32:e8:28:5e:50:4c:69:25:80:8d:b6:
f4:3d:1c:61:e2:f0:7b:b5:9c:e0:b5:39:f4:eb:e2:22:37:1b:
ff:d5:4b:53:15:7f:d7:7f:d2:e1:60:66:af:7d:d8:ab:9f:af:
03:92:74:e3:4d:5c:a6:5b:47:13:4f:e2:5b:2a:a5:91:f7:16:
f3:e9:54:da:9f:0b:fa:30:d2:d2:f8:8d:d2:e5:59:0f:e1:15:
6f:45:74:12:c8:6d:b4:df:9b:93:60:8b:96:f3:be:80:ed:9a:
42:7d:46:ce:3e:bd:d7:62:39:11:1c:12:be:94:cd:4a:cb:8e:
f5:e1:eb:2a:bb:ec:b3:3b:e7:bf:5b:a5:55:76:bc:d8:13:01:
17:0f:76:88:55:68:65:05:7e:b1:40:8b:0e:f3:fc:b9:5d:82:
53:00:00:60:36:cb:c6:a1:96:75:e3:0c:cd:b8:ee:75:2d:86:
c8:fb:e1:4b:6d:3a:05:1b:49:d7:48:d3:f3:b3:73:e3:86:1f:
b4:76:12:60:d0:f9:4b:68:91:47:6a:a2:58:ff:24:de:3b:9e:
b4:5c:a1:e4:6b:1f:03:f1:33:e9:c6:02:40:71:ff:80:49:99:
1f:17:77:2d:60:76:cc:27:d6:d7:51:bc:10:b3:ff:90:eb:39:
1d:93:fe:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA7wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
MTM3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJDMTFDMTkyMjBFNTQ2
OUU4RTdFQzlEOTQ4QUMwMzFEMkE0ODJDNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjNJk86ptLe3OVbPpNb5waqwTFeqbLSnqKCEq3UG0Q7HZk3WmY
dLHxwNzfF6TYOAyq8AciQj1cbwwVy8v6F3NqCeDNbClC+5iTRs5QGSSRx1RK1/l5
Oeg+ZKhKskzVNkG084VqQI/P7jBENJotppOwrUrEMHDZKM66W6e9VOEkksgcUtXx
TSQQEh4yiMUHXov8ZrCVgJwIvb7ABCx/Ne+IFiMJ3Nkpdn7neEiFtJRIlxe5LfF6
oZ0X8U5udqGmnVn9wieV8RoONwGMUGO/kc7Pz2vV1eAUcgYgfWob0NwI8nW5vXvv
fKSgU7hefMZiGcMBw0/jZYbpXyIUmFmaEcITAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvBHBkiDlRp6OfsnZSKwDHSpILGkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92QkhCa2lEbFJwNk9mc25a
U0t3REhTcElMR2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK0yCw+f5FEy6CheUExpJYCNtvQ9HGHi8Hu1
nOC1OfTr4iI3G//VS1MVf9d/0uFgZq992KufrwOSdONNXKZbRxNP4lsqpZH3FvPp
VNqfC/ow0tL4jdLlWQ/hFW9FdBLIbbTfm5Ngi5bzvoDtmkJ9Rs4+vddiOREcEr6U
zUrLjvXh6yq77LM7579bpVV2vNgTARcPdohVaGUFfrFAiw7z/LldglMAAGA2y8ah
lnXjDM247nUthsj74UttOgUbSddI0/Ozc+OGH7R2EmDQ+UtokUdqolj/JN47nrRc
oeRrHwPxM+nGAkBx/4BJmR8Xdy1gdswn1tdRvBCz/5DrOR2T/mU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:23 2025 by rpki-client