Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EGuj0aVnMNWBu3ANiz6LGOsUdnI.roa
File: EGuj0aVnMNWBu3ANiz6LGOsUdnI.roa (raw, json)
Hash identifier: E0UZBW4QM+q3KJhQNHuP8GKGYcSiwmWRimqsa7Cl4Mo=
Subject key identifier: 10:6B:A3:D1:A5:67:30:D5:81:BB:70:0D:8B:3E:8B:18:EB:14:76:72
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0700
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EGuj0aVnMNWBu3ANiz6LGOsUdnI.roa
Signing time: Fri 16 May 2025 10:08:28 +0000
ROA not before: Fri 16 May 2025 10:08:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1792 (0x700)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 10:08:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=106BA3D1A56730D581BB700D8B3E8B18EB147672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a0:fa:d1:eb:75:8c:43:bf:f5:3b:46:7b:33:
af:54:54:8b:cd:71:63:ef:a8:53:57:ca:bd:f3:81:
75:15:ea:d2:eb:3e:5c:5c:97:42:29:c1:f0:47:45:
a6:2d:e4:cd:e4:39:8d:df:9d:47:aa:61:85:6a:de:
f2:29:c3:ca:15:b4:df:87:fd:56:5c:10:34:78:68:
a4:79:cd:b2:4f:e9:5b:6d:90:9c:7c:9e:54:43:59:
ad:bc:05:f6:0f:c8:24:a6:b1:c2:58:14:7b:c0:e9:
e9:a2:3c:30:54:30:ff:ae:e4:49:91:e4:c4:b9:d7:
36:67:10:e8:09:cc:90:ad:75:68:b9:9a:e3:3d:a1:
26:21:88:a3:a1:a3:2f:37:0c:65:a9:1d:0f:86:b4:
0d:86:aa:47:27:68:87:83:67:6b:a3:88:71:6c:49:
e4:5a:64:a4:3b:5e:38:0c:5e:c3:da:ef:24:ac:18:
08:90:c7:b9:d9:76:5d:39:6d:89:66:ff:54:88:a5:
3f:6a:3a:9b:53:ef:dc:0d:92:d3:5a:8c:58:ee:f8:
9e:90:2d:8f:03:23:58:2e:d0:1b:bc:ad:7e:12:ae:
73:ec:4f:8f:83:0d:22:c6:9c:1c:54:50:36:de:56:
93:90:c1:f7:de:3d:65:68:3f:f2:5c:02:f7:50:0e:
9d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6B:A3:D1:A5:67:30:D5:81:BB:70:0D:8B:3E:8B:18:EB:14:76:72
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EGuj0aVnMNWBu3ANiz6LGOsUdnI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:7f:2f:27:47:3f:ff:b8:d6:08:f5:0f:a7:45:c4:53:cb:ec:
b5:5f:3f:bc:fd:27:78:4f:41:5e:2f:75:16:fe:31:e8:55:cb:
da:98:c9:e4:95:5b:b7:bd:b7:a7:60:82:c5:e8:cb:0a:20:e4:
24:6d:36:ee:e7:43:25:c2:d3:f6:4a:30:14:cd:3a:a2:fb:ac:
fa:1f:c9:31:c4:fe:af:96:82:b7:ae:b2:c8:be:d2:49:d1:28:
93:e1:11:6d:02:56:21:88:86:30:4a:b5:76:68:23:2d:4b:6d:
08:a3:2b:7e:e7:51:8a:6c:46:5a:e9:c8:05:ce:e6:ad:25:79:
00:f1:d4:6a:06:6c:82:72:61:84:f0:c2:14:f9:56:5b:54:b0:
5c:be:8d:60:57:81:8c:a6:fd:35:5a:2b:62:6a:b0:03:40:b9:
7f:4a:fb:ff:14:ad:5d:c1:f5:b3:00:64:5e:52:75:d0:4a:32:
fc:4a:b9:cc:97:44:43:ea:01:4f:c8:f8:e9:52:db:c5:45:46:
bf:2b:bb:b3:1a:d0:8b:1c:da:e3:91:26:06:ac:6c:9a:c5:72:
19:3f:d5:cf:49:ae:05:b4:78:ca:63:29:73:5b:cc:5c:63:4d:
80:68:18:34:3f:34:99:41:2c:1d:f1:65:6b:c1:64:ee:8c:33:
f5:f2:5e:33
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBwAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MDA4MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEwNkJBM0QxQTU2NzMw
RDU4MUJCNzAwRDhCM0U4QjE4RUIxNDc2NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwoPrR63WMQ7/1O0Z7M69UVIvNcWPvqFNXyr3zgXUV6tLrPlxc
l0IpwfBHRaYt5M3kOY3fnUeqYYVq3vIpw8oVtN+H/VZcEDR4aKR5zbJP6VttkJx8
nlRDWa28BfYPyCSmscJYFHvA6emiPDBUMP+u5EmR5MS51zZnEOgJzJCtdWi5muM9
oSYhiKOhoy83DGWpHQ+GtA2GqkcnaIeDZ2ujiHFsSeRaZKQ7XjgMXsPa7ySsGAiQ
x7nZdl05bYlm/1SIpT9qOptT79wNktNajFju+J6QLY8DI1gu0Bu8rX4SrnPsT4+D
DSLGnBxUUDbeVpOQwffePWVoP/JcAvdQDp2jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEGuj0aVnMNWBu3ANiz6LGOsUdnIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FR3VqMGFWbk1OV0J1M0FO
aXo2TEdPc1Vkbkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIV/LydHP/+41gj1D6dFxFPL7LVfP7z9J3hP
QV4vdRb+MehVy9qYyeSVW7e9t6dggsXoywog5CRtNu7nQyXC0/ZKMBTNOqL7rPof
yTHE/q+Wgreussi+0knRKJPhEW0CViGIhjBKtXZoIy1LbQijK37nUYpsRlrpyAXO
5q0leQDx1GoGbIJyYYTwwhT5VltUsFy+jWBXgYym/TVaK2JqsANAuX9K+/8UrV3B
9bMAZF5SddBKMvxKucyXREPqAU/I+OlS28VFRr8ru7Ma0Isc2uORJgasbJrFchk/
1c9JrgW0eMpjKXNbzFxjTYBoGDQ/NJlBLB3xZWvBZO6MM/XyXjM=
-----END CERTIFICATE-----
Generated at Sun May 18 12:22:45 2025 by rpki-client