Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jEugssXMqB7hlnHyS9qWvcyPw5o.roa
File: jEugssXMqB7hlnHyS9qWvcyPw5o.roa (raw, json)
Hash identifier: FsgxC7xnIGDmTYAMqphs4ayqoU44v0nl36i/R1DVyo0=
Subject key identifier: 8C:4B:A0:B2:C5:CC:A8:1E:E1:96:71:F2:4B:DA:96:BD:CC:8F:C3:9A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0498
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jEugssXMqB7hlnHyS9qWvcyPw5o.roa
Signing time: Tue 13 May 2025 05:08:46 +0000
ROA not before: Tue 13 May 2025 05:08:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1176 (0x498)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 05:08:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8C4BA0B2C5CCA81EE19671F24BDA96BDCC8FC39A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b3:c6:81:fd:9d:96:0d:36:62:16:f0:53:d9:
68:81:d8:0d:cc:72:be:ec:a6:f7:9e:04:44:2a:b4:
fe:1c:eb:0d:9b:2f:b2:14:d6:d7:d0:df:c3:d0:3d:
f5:c5:73:83:fa:78:f9:eb:ea:d9:c3:16:79:f6:b7:
cf:c8:9a:b9:72:51:04:06:18:b3:a5:29:83:f5:6e:
9d:5a:b7:cd:27:b5:14:ba:24:80:17:4d:8f:76:a3:
ec:16:64:4a:cd:b2:39:c2:a3:13:ce:28:c4:8f:50:
9d:59:67:4a:bb:58:ea:cd:5e:40:db:59:bb:a2:f6:
9b:7a:65:8f:21:fe:ac:b6:e8:13:db:89:f9:36:31:
79:6f:5c:cc:df:7f:bb:89:8e:8e:c4:91:d5:77:b2:
35:33:e0:2f:11:b4:0d:ca:ee:6a:eb:e0:c9:49:59:
2a:39:55:05:d6:e5:24:40:b2:f8:a3:55:6f:27:7e:
72:d8:43:c4:9c:69:d2:69:98:58:fc:70:bb:58:f6:
60:ae:00:98:d6:c7:6b:4d:ca:c7:19:05:cb:58:77:
4f:98:ba:d7:59:17:3d:53:2f:e5:bd:5e:ef:1b:20:
76:72:ac:80:26:78:86:d9:6f:d2:56:d0:3d:58:f0:
b9:9d:5c:84:c6:e3:2b:83:fc:de:c8:8e:ae:6e:f6:
c0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:4B:A0:B2:C5:CC:A8:1E:E1:96:71:F2:4B:DA:96:BD:CC:8F:C3:9A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jEugssXMqB7hlnHyS9qWvcyPw5o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:0e:1e:62:3f:2f:42:a5:d9:de:94:e7:94:c1:eb:26:5d:16:
25:26:3d:29:50:f0:5f:30:fd:3a:3c:c9:c6:da:f0:f6:b5:1a:
af:f2:f4:ce:b9:b8:c7:67:88:d8:41:ab:8b:e2:86:ff:56:39:
a2:f7:3c:a2:7c:4a:41:c2:62:88:11:85:37:30:a9:10:27:fc:
e7:8b:2d:0d:0f:9b:30:32:36:70:32:b0:14:51:ef:4f:4e:d5:
4f:0c:d5:33:57:7e:8e:75:a9:99:82:ae:7a:35:aa:c7:c5:44:
2b:a0:9b:b9:3f:37:80:a1:50:2d:d2:3a:fb:17:92:9b:1d:25:
1e:b3:fc:fe:07:58:92:68:e7:03:2e:87:fb:48:b2:18:d6:04:
85:9c:df:fc:54:34:5e:0f:4e:16:d2:44:3e:49:6b:f4:c4:47:
05:10:dc:79:3c:48:e6:61:1f:19:a3:ad:9f:de:63:66:d6:12:
bb:91:e7:2d:d1:a0:ec:b2:b5:5c:2e:62:49:1b:a5:e7:3f:d6:
6e:02:31:70:ca:d8:4f:b8:3a:75:1e:2e:c7:fd:36:bc:43:79:
49:13:61:75:da:d5:d2:2d:5e:15:27:31:b5:94:a7:1f:be:6f:
4c:10:e7:bf:c7:94:d6:56:db:fe:c3:8a:df:b5:60:6c:b4:e9:
3e:4a:87:f3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NTA4NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhDNEJBMEIyQzVDQ0E4
MUVFMTk2NzFGMjRCREE5NkJEQ0M4RkMzOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCis8aB/Z2WDTZiFvBT2WiB2A3Mcr7spveeBEQqtP4c6w2bL7IU
1tfQ38PQPfXFc4P6ePnr6tnDFnn2t8/ImrlyUQQGGLOlKYP1bp1at80ntRS6JIAX
TY92o+wWZErNsjnCoxPOKMSPUJ1ZZ0q7WOrNXkDbWbui9pt6ZY8h/qy26BPbifk2
MXlvXMzff7uJjo7EkdV3sjUz4C8RtA3K7mrr4MlJWSo5VQXW5SRAsvijVW8nfnLY
Q8ScadJpmFj8cLtY9mCuAJjWx2tNyscZBctYd0+YutdZFz1TL+W9Xu8bIHZyrIAm
eIbZb9JW0D1Y8LmdXITG4yuD/N7Ijq5u9sARAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjEugssXMqB7hlnHyS9qWvcyPw5owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qRXVnc3NYTXFCN2hsbkh5
UzlxV3ZjeVB3NW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAEQOHmI/L0Kl2d6U55TB6yZdFiUmPSlQ8F8w
/To8ycba8Pa1Gq/y9M65uMdniNhBq4vihv9WOaL3PKJ8SkHCYogRhTcwqRAn/OeL
LQ0PmzAyNnAysBRR709O1U8M1TNXfo51qZmCrno1qsfFRCugm7k/N4ChUC3SOvsX
kpsdJR6z/P4HWJJo5wMuh/tIshjWBIWc3/xUNF4PThbSRD5Ja/TERwUQ3Hk8SOZh
HxmjrZ/eY2bWEruR5y3RoOyytVwuYkkbpec/1m4CMXDK2E+4OnUeLsf9NrxDeUkT
YXXa1dItXhUnMbWUpx++b0wQ57/HlNZW2/7Dit+1YGy06T5Kh/M=
-----END CERTIFICATE-----
Generated at Sat May 17 19:49:59 2025 by rpki-client