Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EtoidFcskQNMgoyX9Wg5HfegHWY.roa
File: EtoidFcskQNMgoyX9Wg5HfegHWY.roa (raw, json)
Hash identifier: SN8CKMTQmNZp5wMrI2TeM6iNkBZ/OWsF8ftTpy/neDk=
Subject key identifier: 12:DA:22:74:57:2C:91:03:4C:82:8C:97:F5:68:39:1D:F7:A0:1D:66
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16B0
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EtoidFcskQNMgoyX9Wg5HfegHWY.roa
Signing time: Fri 06 Jun 2025 08:09:25 +0000
ROA not before: Fri 06 Jun 2025 08:09:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5808 (0x16b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 08:09:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=12DA2274572C91034C828C97F568391DF7A01D66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:40:79:93:66:13:7f:37:11:c3:47:cf:a3:61:
12:7e:54:9b:80:b8:fe:19:1e:1b:86:42:ff:01:34:
81:04:df:32:85:8a:8b:7d:76:60:37:11:da:49:20:
38:09:46:85:68:58:65:29:df:ed:ee:62:5c:06:4c:
79:e1:77:54:0e:d6:f9:8e:13:fb:fa:97:ab:3d:10:
06:d6:8f:a1:d6:79:e3:72:2f:48:28:78:42:d4:df:
8c:10:28:ce:32:c1:97:90:4b:6c:38:1e:fe:c0:e7:
88:e9:e4:5e:71:16:ed:5f:1a:49:91:70:0e:4b:0f:
c4:5b:0a:fe:31:fb:44:32:bd:04:67:da:39:eb:d7:
ed:b3:2c:2b:5f:8c:68:4d:83:f2:2d:08:3d:2f:75:
5c:4f:25:e9:4e:0f:26:1a:10:ce:fb:d5:a0:49:44:
15:27:01:2a:b7:58:06:eb:67:ad:3e:d5:38:99:b9:
7b:27:18:10:5e:91:c4:42:22:67:3e:a6:c2:fe:e1:
0b:d1:f9:c7:d3:5c:f4:4c:e7:78:11:dc:1f:19:8a:
c8:8d:1a:00:ce:8b:35:ae:d6:f7:cf:71:6e:7f:f9:
7c:0d:09:95:18:d9:aa:57:ea:c4:cb:e4:3b:2a:a2:
5d:5e:ac:1f:18:00:6d:dd:65:8d:0c:ed:bd:5a:95:
0b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:DA:22:74:57:2C:91:03:4C:82:8C:97:F5:68:39:1D:F7:A0:1D:66
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EtoidFcskQNMgoyX9Wg5HfegHWY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:0e:9e:3a:21:da:bd:54:b0:21:a7:e7:c5:b9:32:80:42:48:
36:a8:3e:dc:21:9d:92:97:e7:24:d3:62:a6:6a:88:12:46:31:
ed:c4:a5:2f:ad:1d:0e:5d:34:39:e6:7a:14:fc:e5:61:40:3f:
6e:89:c6:6e:0d:1e:45:74:11:c6:83:d1:b4:a8:51:2c:5c:45:
84:b1:8f:55:3b:43:2f:d4:ae:db:3b:8e:24:0b:a6:74:6a:d3:
44:95:84:04:5a:46:10:2e:06:a9:79:db:69:a7:d9:1d:be:ba:
56:44:2b:93:30:35:a1:37:17:46:54:41:c8:ac:c8:23:6c:3a:
29:34:dc:e2:ca:91:56:35:99:8a:91:cf:1e:70:a4:e8:b4:0b:
77:9a:f4:1f:93:0e:c5:40:41:c9:b1:6d:65:09:09:49:ac:a4:
0a:f1:cb:dd:dc:c6:b2:c4:50:14:d6:82:cc:2b:77:37:6c:46:
a7:5b:f1:79:c5:9d:94:ea:1d:62:04:b7:09:ea:9e:57:a7:4a:
82:0a:84:d0:5d:c8:45:22:e1:0f:77:69:bc:77:37:49:d9:3e:
ee:34:70:4d:40:79:af:12:c0:1d:b9:d5:29:8a:89:df:ec:11:
bc:23:4f:58:c1:f2:0c:18:05:73:42:0e:0b:c2:57:5e:cb:fe:
37:52:ef:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFrAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
ODA5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEyREEyMjc0NTcyQzkx
MDM0QzgyOEM5N0Y1NjgzOTFERjdBMDFENjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVQHmTZhN/NxHDR8+jYRJ+VJuAuP4ZHhuGQv8BNIEE3zKFiot9
dmA3EdpJIDgJRoVoWGUp3+3uYlwGTHnhd1QO1vmOE/v6l6s9EAbWj6HWeeNyL0go
eELU34wQKM4ywZeQS2w4Hv7A54jp5F5xFu1fGkmRcA5LD8RbCv4x+0QyvQRn2jnr
1+2zLCtfjGhNg/ItCD0vdVxPJelODyYaEM771aBJRBUnASq3WAbrZ60+1TiZuXsn
GBBekcRCImc+psL+4QvR+cfTXPRM53gR3B8ZisiNGgDOizWu1vfPcW5/+XwNCZUY
2apX6sTL5Dsqol1erB8YAG3dZY0M7b1alQv/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEtoidFcskQNMgoyX9Wg5HfegHWYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FdG9pZEZjc2tRTk1nb3lY
OVdnNUhmZWdIV1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAGsOnjoh2r1UsCGn58W5MoBCSDaoPtwhnZKX
5yTTYqZqiBJGMe3EpS+tHQ5dNDnmehT85WFAP26Jxm4NHkV0EcaD0bSoUSxcRYSx
j1U7Qy/Urts7jiQLpnRq00SVhARaRhAuBql522mn2R2+ulZEK5MwNaE3F0ZUQcis
yCNsOik03OLKkVY1mYqRzx5wpOi0C3ea9B+TDsVAQcmxbWUJCUmspArxy93cxrLE
UBTWgswrdzdsRqdb8XnFnZTqHWIEtwnqnlenSoIKhNBdyEUi4Q93abx3N0nZPu40
cE1Aea8SwB251SmKid/sEbwjT1jB8gwYBXNCDgvCV17L/jdS70I=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:24:55 2025 by rpki-client