Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vHcj-fbcEP4ELIL3zrahwwpUDnM.roa
File: vHcj-fbcEP4ELIL3zrahwwpUDnM.roa (raw, json)
Hash identifier: OLwcwreB1h5WjL9AVWDAmg+3tELi4SxSlUqyJiYHQrc=
Subject key identifier: BC:77:23:F9:F6:DC:10:FE:04:2C:82:F7:CE:B6:A1:C3:0A:54:0E:73
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 201C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vHcj-fbcEP4ELIL3zrahwwpUDnM.roa
Signing time: Thu 19 Jun 2025 01:34:13 +0000
ROA not before: Thu 19 Jun 2025 01:34:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8220 (0x201c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 01:34:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BC7723F9F6DC10FE042C82F7CEB6A1C30A540E73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:46:35:7b:09:a0:14:a3:04:53:ad:51:f8:c6:
89:8f:fa:7c:91:00:b9:ba:51:98:fd:e8:b2:80:59:
c5:39:ae:43:ee:a8:97:48:b9:fa:60:ef:a9:0a:47:
3e:f3:df:00:44:36:41:a6:93:3d:11:18:d1:2c:52:
d6:9a:bf:de:59:3e:9a:1f:44:b8:09:c2:a7:68:f3:
8a:24:c1:3e:10:b5:81:52:9c:ba:33:66:c1:ca:7f:
38:47:03:a5:e9:49:fa:f9:f6:0d:16:a7:02:70:c3:
ca:d9:be:28:02:2e:ec:70:f6:0c:81:8f:59:9b:75:
b9:50:12:38:eb:ef:7f:56:19:30:6e:04:ee:00:55:
f8:e8:96:9a:20:4b:12:d9:36:73:05:4b:e6:12:c8:
47:4a:df:78:9b:cf:93:b9:30:89:31:48:a0:bc:41:
d5:ee:de:de:2b:0b:0d:3a:83:ee:d7:34:cd:92:30:
01:f1:8b:af:2d:91:72:b8:c7:8f:a5:5c:11:03:a3:
9d:78:47:d4:96:f5:20:0c:3e:4a:50:a7:e0:f8:ca:
d0:9c:71:ea:f5:9d:03:a3:69:e8:cf:71:e5:93:a8:
f9:4d:ca:46:17:95:35:8d:c1:a1:c5:68:f1:35:42:
e2:b1:a3:00:6c:8a:fe:df:05:dd:a6:cd:92:b0:26:
16:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:77:23:F9:F6:DC:10:FE:04:2C:82:F7:CE:B6:A1:C3:0A:54:0E:73
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vHcj-fbcEP4ELIL3zrahwwpUDnM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:f9:1f:e0:24:83:4e:94:1b:3d:9e:30:6e:d6:8c:fa:76:43:
74:61:9f:fa:4d:75:5e:86:21:9d:02:e2:bf:ae:e5:d6:73:cd:
b7:4c:f2:2e:34:d7:8f:4e:cd:5f:37:38:bb:15:88:33:30:bf:
27:52:db:51:41:5d:f8:eb:86:a7:8c:f1:d0:e6:6f:eb:7c:56:
fb:b0:97:eb:d1:59:80:85:39:dc:ff:d3:76:51:c6:a8:ee:58:
41:b0:22:d8:53:82:52:e8:9b:16:07:71:b6:01:99:1a:c1:eb:
d4:fd:bd:1f:13:0e:1f:41:ac:4c:3c:64:94:cf:47:7e:c4:1b:
a6:30:72:cd:e8:22:4e:69:a2:3a:74:03:51:da:98:8a:a8:af:
e6:48:f0:1a:19:3f:95:df:ef:0e:a9:b1:25:3f:b9:7a:d6:d7:
a6:ab:7c:93:b2:fd:86:09:0e:ec:ee:f4:f1:1c:06:1e:d0:e2:
97:72:ed:b6:b3:dd:5f:da:be:92:b5:eb:42:e6:51:35:57:d6:
0e:ff:cd:a1:0a:09:15:bf:ed:fc:09:d4:82:66:63:3e:df:6c:
95:94:a1:01:87:59:5c:1e:5b:7d:35:c4:bd:bf:68:2b:2d:62:
67:64:71:ff:ad:e1:7f:59:e4:45:74:0c:be:d3:c9:eb:ab:40:
10:80:e3:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIBwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
MTM0MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJDNzcyM0Y5RjZEQzEw
RkUwNDJDODJGN0NFQjZBMUMzMEE1NDBFNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8RjV7CaAUowRTrVH4xomP+nyRALm6UZj96LKAWcU5rkPuqJdI
ufpg76kKRz7z3wBENkGmkz0RGNEsUtaav95ZPpofRLgJwqdo84okwT4QtYFSnLoz
ZsHKfzhHA6XpSfr59g0WpwJww8rZvigCLuxw9gyBj1mbdblQEjjr739WGTBuBO4A
VfjolpogSxLZNnMFS+YSyEdK33ibz5O5MIkxSKC8QdXu3t4rCw06g+7XNM2SMAHx
i68tkXK4x4+lXBEDo514R9SW9SAMPkpQp+D4ytCccer1nQOjaejPceWTqPlNykYX
lTWNwaHFaPE1QuKxowBsiv7fBd2mzZKwJhbvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvHcj+fbcEP4ELIL3zrahwwpUDnMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92SGNqLWZiY0VQNEVMSUwz
enJhaHd3cFVEbk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADz5H+Akg06UGz2eMG7WjPp2Q3Rhn/pNdV6G
IZ0C4r+u5dZzzbdM8i40149OzV83OLsViDMwvydS21FBXfjrhqeM8dDmb+t8Vvuw
l+vRWYCFOdz/03ZRxqjuWEGwIthTglLomxYHcbYBmRrB69T9vR8TDh9BrEw8ZJTP
R37EG6Ywcs3oIk5pojp0A1HamIqor+ZI8BoZP5Xf7w6psSU/uXrW16arfJOy/YYJ
Duzu9PEcBh7Q4pdy7baz3V/avpK160LmUTVX1g7/zaEKCRW/7fwJ1IJmYz7fbJWU
oQGHWVweW301xL2/aCstYmdkcf+t4X9Z5EV0DL7TyeurQBCA41I=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:44 2025 by rpki-client