Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/eSWVOBZHnDtYew9IFZFcQipn73M.roa
File: eSWVOBZHnDtYew9IFZFcQipn73M.roa (raw, json)
Hash identifier: xoM45XpuAVi9afm+/vxoQKb930KviIEMnICBWeW5mjQ=
Subject key identifier: 79:25:95:38:16:47:9C:3B:58:7B:0F:48:15:91:5C:42:2A:67:EF:73
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 173C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eSWVOBZHnDtYew9IFZFcQipn73M.roa
Signing time: Sat 07 Jun 2025 01:39:28 +0000
ROA not before: Sat 07 Jun 2025 01:39:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5948 (0x173c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 01:39:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7925953816479C3B587B0F4815915C422A67EF73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:1d:f5:75:59:74:ef:c6:81:2b:9c:1f:fe:
9c:14:ab:16:b5:3c:c8:05:d2:ab:41:21:8f:c3:58:
b4:ff:01:b8:86:4f:48:78:7b:dc:23:a0:fb:35:07:
be:ae:f9:99:58:35:c7:ed:02:07:e5:a5:f7:5d:55:
78:ea:ce:ae:c7:39:2a:ad:cb:4a:60:70:ba:00:4f:
c4:a4:fc:75:e8:bb:f6:b4:59:d0:d5:dd:4f:e2:97:
d2:e6:65:2b:55:de:d8:dc:ea:00:c9:51:23:a2:d2:
2e:b6:45:88:45:f9:29:e7:54:8b:82:0f:15:8f:53:
33:d3:c6:72:e4:37:30:bc:c7:c7:aa:bf:14:a1:09:
48:b6:85:ae:c7:e1:39:29:5e:48:d5:a5:3f:e7:e1:
5f:5e:6f:26:d6:8d:c3:7b:73:27:db:e7:02:e1:16:
9a:b2:db:a9:fb:c1:a2:fc:23:2e:87:36:c0:17:38:
48:d9:a4:74:bd:8e:dc:5c:ca:92:4d:d6:70:9c:d8:
2e:00:26:d5:4e:f8:62:6f:75:f8:24:d7:97:9f:a6:
53:de:09:f1:72:44:38:6f:51:34:c5:1e:2d:dd:22:
da:69:1d:05:c3:d7:de:cf:89:30:a5:f7:28:7c:db:
ce:a8:99:f9:0f:3a:a3:a5:8f:3a:2c:04:fa:01:5b:
33:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:25:95:38:16:47:9C:3B:58:7B:0F:48:15:91:5C:42:2A:67:EF:73
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eSWVOBZHnDtYew9IFZFcQipn73M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:0d:a0:1c:a4:9c:c4:19:11:ca:e3:46:ca:02:2c:2c:c9:75:
a5:4b:ae:51:4d:e3:94:b8:e6:5f:98:7a:89:4a:f4:dd:a9:46:
57:80:7b:25:5b:08:b9:6e:f0:6d:e6:bb:3a:2e:88:ea:50:dd:
8e:58:41:f4:e9:ce:4e:22:d7:79:12:63:f8:71:75:eb:7e:b0:
78:62:65:14:c7:11:40:45:d0:a9:d9:ef:27:6a:da:39:ad:76:
f1:3f:17:cf:25:de:68:b3:ac:20:ce:48:f2:37:ba:a1:e6:1d:
07:cc:45:42:ef:14:6e:06:df:3e:5d:92:a1:0f:7c:0d:3d:34:
80:11:2b:82:9c:d5:44:76:fc:94:d5:0a:a5:81:36:aa:55:20:
f8:bb:24:72:3a:cb:2e:a2:0f:bc:c7:5d:6f:16:6c:b3:ce:88:
b0:c6:e8:ee:9f:1b:25:c9:69:b5:c4:dc:e4:08:42:dc:af:dd:
3f:21:eb:86:2c:03:12:36:8c:fe:75:30:4c:14:d6:d8:64:b5:
c8:9a:e4:a2:ad:9f:52:e2:36:20:83:57:8f:9b:b8:ed:39:fe:
4b:3a:14:85:81:51:f8:16:77:72:b2:c3:3a:f0:fd:40:27:af:
81:5f:40:94:3a:d2:17:75:93:f4:57:f5:e7:15:e1:95:dd:4e:
05:fb:4d:e3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
MTM5MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc5MjU5NTM4MTY0NzlD
M0I1ODdCMEY0ODE1OTE1QzQyMkE2N0VGNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDY1x31dVl078aBK5wf/pwUqxa1PMgF0qtBIY/DWLT/AbiGT0h4
e9wjoPs1B76u+ZlYNcftAgflpfddVXjqzq7HOSqty0pgcLoAT8Sk/HXou/a0WdDV
3U/il9LmZStV3tjc6gDJUSOi0i62RYhF+SnnVIuCDxWPUzPTxnLkNzC8x8eqvxSh
CUi2ha7H4TkpXkjVpT/n4V9ebybWjcN7cyfb5wLhFpqy26n7waL8Iy6HNsAXOEjZ
pHS9jtxcypJN1nCc2C4AJtVO+GJvdfgk15efplPeCfFyRDhvUTTFHi3dItppHQXD
197PiTCl9yh8286omfkPOqOljzosBPoBWzPnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeSWVOBZHnDtYew9IFZFcQipn73MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lU1dWT0JaSG5EdFlldzlJ
RlpGY1FpcG43M00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAI0NoByknMQZEcrjRsoCLCzJdaVLrlFN45S4
5l+YeolK9N2pRleAeyVbCLlu8G3muzouiOpQ3Y5YQfTpzk4i13kSY/hxdet+sHhi
ZRTHEUBF0KnZ7ydq2jmtdvE/F88l3mizrCDOSPI3uqHmHQfMRULvFG4G3z5dkqEP
fA09NIARK4Kc1UR2/JTVCqWBNqpVIPi7JHI6yy6iD7zHXW8WbLPOiLDG6O6fGyXJ
abXE3OQIQtyv3T8h64YsAxI2jP51MEwU1thktcia5KKtn1LiNiCDV4+buO05/ks6
FIWBUfgWd3Kywzrw/UAnr4FfQJQ60hd1k/RX9ecV4ZXdTgX7TeM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:36:10 2025 by rpki-client