Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/E8GhVbsJijt76fw6NCchQiibgy8.roa
File: E8GhVbsJijt76fw6NCchQiibgy8.roa (raw, json)
Hash identifier: uCWIjZpR0t9tdF9Jzf2VM6ClKevCDl2lb1Y2Q7Yk0/U=
Subject key identifier: 13:C1:A1:55:BB:09:8A:3B:7B:E9:FC:3A:34:27:21:42:28:9B:83:2F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1ADC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E8GhVbsJijt76fw6NCchQiibgy8.roa
Signing time: Wed 11 Jun 2025 21:40:42 +0000
ROA not before: Wed 11 Jun 2025 21:40:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6876 (0x1adc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 21:40:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=13C1A155BB098A3B7BE9FC3A34272142289B832F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:38:d0:27:fa:cb:90:ac:2f:a0:16:b2:f8:a4:
bf:5a:b7:39:85:78:99:3c:d6:02:9e:89:f3:e6:7d:
24:2a:e7:94:48:52:ab:9a:93:54:d5:6d:27:52:a8:
b0:6f:41:c1:e7:95:33:64:68:7b:27:3d:cb:c7:59:
53:89:1c:88:39:a7:58:5f:5d:f1:cb:45:2a:94:8f:
3b:d3:5d:41:91:86:a9:19:5c:3e:d8:7e:1b:5d:54:
9a:82:ab:64:39:35:84:a5:c4:e1:e8:d8:06:eb:60:
ef:04:d0:37:bf:ac:58:3d:26:ed:2b:f9:cd:a1:c9:
db:ee:dc:1d:98:61:31:3d:5a:94:65:ee:31:cc:5d:
38:27:21:e3:ce:a3:86:6c:33:09:62:30:ce:d2:47:
90:56:9e:d0:6f:be:16:60:ae:73:f1:eb:2a:56:ba:
76:b0:52:64:08:df:42:61:80:5d:35:ed:f1:cb:34:
3a:d9:9c:a1:d3:9d:92:dd:a0:1e:b7:4f:e3:4d:b6:
ac:ce:7b:d6:36:2b:fe:69:f0:a6:36:fc:05:2f:19:
3f:22:f6:19:01:af:2c:c8:8d:b2:83:c0:be:c1:36:
1b:4e:f6:5c:2a:88:ec:ae:4d:8c:dd:70:9a:d4:6a:
e7:cc:98:9d:c7:af:1e:55:7c:ab:82:c1:01:59:30:
34:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:C1:A1:55:BB:09:8A:3B:7B:E9:FC:3A:34:27:21:42:28:9B:83:2F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E8GhVbsJijt76fw6NCchQiibgy8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:4d:69:7f:9f:a6:87:23:1d:66:83:61:b4:fa:a4:13:82:ab:
be:5b:56:5e:45:ff:d6:92:49:91:b9:7a:6d:ad:fe:d3:60:04:
50:f1:4a:c6:b8:4a:85:6d:08:3f:c7:30:35:2b:0b:4a:62:0d:
10:d3:e7:b8:0d:94:47:ff:6f:b2:40:5b:38:5c:85:ab:58:9f:
3d:27:14:79:e2:e4:da:fd:74:ee:7b:21:d3:24:0f:60:da:be:
aa:9f:8d:da:d1:41:90:79:fc:a2:15:de:eb:ca:53:fc:fc:3b:
ab:59:14:36:b5:22:c0:ce:e7:3e:ae:e3:5b:d6:35:43:52:12:
5c:2c:a9:41:89:7c:65:bc:f4:bd:52:7b:62:44:9d:4a:2a:d5:
bd:13:5c:e0:43:b3:d7:0d:08:ca:e9:92:c9:e7:fa:23:8c:01:
86:ed:97:d3:a9:ae:ec:ef:9f:c4:67:b3:22:59:d4:73:3c:e9:
4d:ff:ea:47:90:ab:28:22:22:24:65:05:1e:7b:3b:c2:58:de:
d7:72:43:57:75:41:53:64:f7:cf:fc:32:eb:1a:e3:0b:5e:65:
42:f5:9b:00:38:59:8c:cb:77:df:97:68:ad:9a:50:f4:92:54:
0d:70:4d:f0:95:aa:01:32:5c:80:91:05:b7:17:b0:11:cf:bd:
22:b1:69:99
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEy
MTQwNDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzQzFBMTU1QkIwOThB
M0I3QkU5RkMzQTM0MjcyMTQyMjg5QjgzMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWONAn+suQrC+gFrL4pL9atzmFeJk81gKeifPmfSQq55RIUqua
k1TVbSdSqLBvQcHnlTNkaHsnPcvHWVOJHIg5p1hfXfHLRSqUjzvTXUGRhqkZXD7Y
fhtdVJqCq2Q5NYSlxOHo2AbrYO8E0De/rFg9Ju0r+c2hydvu3B2YYTE9WpRl7jHM
XTgnIePOo4ZsMwliMM7SR5BWntBvvhZgrnPx6ypWunawUmQI30JhgF017fHLNDrZ
nKHTnZLdoB63T+NNtqzOe9Y2K/5p8KY2/AUvGT8i9hkBryzIjbKDwL7BNhtO9lwq
iOyuTYzdcJrUaufMmJ3Hrx5VfKuCwQFZMDTbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUE8GhVbsJijt76fw6NCchQiibgy8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FOEdoVmJzSmlqdDc2Znc2
TkNjaFFpaWJneTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABJNaX+fpocjHWaDYbT6pBOCq75bVl5F/9aS
SZG5em2t/tNgBFDxSsa4SoVtCD/HMDUrC0piDRDT57gNlEf/b7JAWzhchatYnz0n
FHni5Nr9dO57IdMkD2DavqqfjdrRQZB5/KIV3uvKU/z8O6tZFDa1IsDO5z6u41vW
NUNSElwsqUGJfGW89L1Se2JEnUoq1b0TXOBDs9cNCMrpksnn+iOMAYbtl9Opruzv
n8RnsyJZ1HM86U3/6keQqygiIiRlBR57O8JY3tdyQ1d1QVNk98/8Musa4wteZUL1
mwA4WYzLd9+XaK2aUPSSVA1wTfCVqgEyXICRBbcXsBHPvSKxaZk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:43:28 2025 by rpki-client