Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ENjMtyquaB52aWP43quZ-K-jPxk.roa
File: ENjMtyquaB52aWP43quZ-K-jPxk.roa (raw, json)
Hash identifier: 4KWf6l+pdCOcoa8f4OYJH2fTWd3vrXGLCs9YLBDWLDw=
Subject key identifier: 10:D8:CC:B7:2A:AE:68:1E:76:69:63:F8:DE:AB:99:F8:AF:A3:3F:19
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 18E4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ENjMtyquaB52aWP43quZ-K-jPxk.roa
Signing time: Mon 09 Jun 2025 06:39:37 +0000
ROA not before: Mon 09 Jun 2025 06:39:37 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6372 (0x18e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 06:39:37 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=10D8CCB72AAE681E766963F8DEAB99F8AFA33F19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9a:e3:4b:79:86:33:73:b5:65:16:b8:be:fd:
bb:95:3f:54:5b:c9:01:2e:c0:2d:a0:21:31:89:b5:
7e:0a:81:ec:ee:83:4e:d6:2c:3f:01:fd:17:f7:cf:
85:e4:c3:64:09:99:a1:bd:9a:4f:f6:09:37:fc:c2:
9e:69:cd:50:d6:e0:98:4a:ca:d2:d4:88:c6:1f:9a:
79:41:a4:e9:6e:e2:3c:2a:b6:eb:63:aa:af:9d:9d:
57:96:72:6d:be:21:e2:97:14:51:39:42:40:2a:c7:
19:0e:a0:8a:a4:79:d1:2a:a9:12:42:76:d9:ea:00:
1a:f8:6e:1f:c8:0c:78:bd:03:9e:65:57:eb:d0:d1:
79:8b:ae:37:6f:c7:05:9d:2c:4c:e2:e5:22:91:a7:
8c:e7:b3:1c:08:16:aa:22:54:3e:07:44:dd:8e:ae:
e3:8d:60:b4:ff:b2:0b:8f:1f:5a:d7:df:8d:5b:e2:
a0:da:7f:8b:7c:71:9f:bc:02:d4:ea:b3:43:8f:e3:
ce:05:dc:36:b3:31:8f:1a:26:7a:86:a1:b8:8b:fc:
a1:e7:4e:c7:1b:b7:b0:39:96:c4:d1:27:d8:b6:18:
76:96:4d:1e:57:c6:44:4c:28:f6:cf:2f:51:6d:3f:
9e:6d:88:16:0f:61:97:e9:af:bb:3e:cf:0c:c9:0d:
9c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:D8:CC:B7:2A:AE:68:1E:76:69:63:F8:DE:AB:99:F8:AF:A3:3F:19
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ENjMtyquaB52aWP43quZ-K-jPxk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:f5:f9:ce:10:d0:cf:8a:d6:3b:df:d6:2d:9a:85:33:5f:7c:
97:2e:08:ee:3f:7c:61:c7:89:d0:2f:f3:fc:11:72:c9:7c:d5:
46:5b:0b:b1:99:96:76:0e:bb:a9:b4:0b:8b:8c:29:2f:77:ce:
96:a6:5d:ad:0b:03:39:20:e0:28:c5:e3:49:3f:8f:3a:73:03:
74:ed:1c:84:23:24:64:12:ca:85:84:35:c9:a9:ee:6b:f0:62:
dc:07:5b:7f:f0:5b:7b:dc:41:75:f4:6c:07:d6:f0:e9:3f:d3:
ec:64:f7:00:d4:d2:65:ef:3a:b7:29:52:41:d4:75:2c:5c:06:
08:d3:57:e7:3b:e4:b9:0e:1b:99:81:c5:9f:0e:bc:fc:46:04:
3d:fc:94:ef:89:51:40:1e:72:cb:e8:2d:11:cb:0e:99:11:85:
d0:94:0e:ff:88:ee:10:b1:4b:28:90:d2:23:32:4b:5f:3e:fa:
49:51:d3:28:0b:40:f8:6c:9b:78:00:6d:2a:4a:96:ed:fb:fc:
69:79:df:24:79:fa:92:e3:27:2e:fd:48:f0:71:f2:98:9d:22:
99:3b:60:33:a0:ac:db:57:3b:4f:24:81:82:57:e3:d0:86:94:
53:ad:dd:bb:26:33:46:af:e3:34:3c:87:51:7f:39:e2:21:c8:
86:c3:69:16
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGOQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkw
NjM5MzdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEwRDhDQ0I3MkFBRTY4
MUU3NjY5NjNGOERFQUI5OUY4QUZBMzNGMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhmuNLeYYzc7VlFri+/buVP1RbyQEuwC2gITGJtX4Kgezug07W
LD8B/Rf3z4Xkw2QJmaG9mk/2CTf8wp5pzVDW4JhKytLUiMYfmnlBpOlu4jwqtutj
qq+dnVeWcm2+IeKXFFE5QkAqxxkOoIqkedEqqRJCdtnqABr4bh/IDHi9A55lV+vQ
0XmLrjdvxwWdLEzi5SKRp4znsxwIFqoiVD4HRN2OruONYLT/sguPH1rX341b4qDa
f4t8cZ+8AtTqs0OP484F3DazMY8aJnqGobiL/KHnTscbt7A5lsTRJ9i2GHaWTR5X
xkRMKPbPL1FtP55tiBYPYZfpr7s+zwzJDZyRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUENjMtyquaB52aWP43quZ+K+jPxkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FTmpNdHlxdWFCNTJhV1A0
M3F1Wi1LLWpQeGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBADr1+c4Q0M+K1jvf1i2ahTNffJcuCO4/fGHH
idAv8/wRcsl81UZbC7GZlnYOu6m0C4uMKS93zpamXa0LAzkg4CjF40k/jzpzA3Tt
HIQjJGQSyoWENcmp7mvwYtwHW3/wW3vcQXX0bAfW8Ok/0+xk9wDU0mXvOrcpUkHU
dSxcBgjTV+c75LkOG5mBxZ8OvPxGBD38lO+JUUAecsvoLRHLDpkRhdCUDv+I7hCx
SyiQ0iMyS18++klR0ygLQPhsm3gAbSpKlu37/Gl53yR5+pLjJy79SPBx8pidIpk7
YDOgrNtXO08kgYJX49CGlFOt3bsmM0av4zQ8h1F/OeIhyIbDaRY=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:37:26 2025 by rpki-client