Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EzWJTnnNxTXgK8OnTOv4E-YlXpI.roa
File: EzWJTnnNxTXgK8OnTOv4E-YlXpI.roa (raw, json)
Hash identifier: CbvuVKPLYZujmvNaZtoLaIB18ItpQWt00ozS2Fnk6u0=
Subject key identifier: 13:35:89:4E:79:CD:C5:35:E0:2B:C3:A7:4C:EB:F8:13:E6:25:5E:92
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C54
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EzWJTnnNxTXgK8OnTOv4E-YlXpI.roa
Signing time: Fri 13 Jun 2025 20:39:54 +0000
ROA not before: Fri 13 Jun 2025 20:39:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7252 (0x1c54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 20:39:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1335894E79CDC535E02BC3A74CEBF813E6255E92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:82:b1:a5:37:ff:8a:9d:df:7b:62:37:d7:b3:
82:0e:89:19:82:37:a8:37:10:dc:85:43:9a:8c:c4:
d2:f3:9f:e4:9b:93:5a:56:e4:21:f8:89:cd:0b:d8:
6d:ef:68:94:15:30:9d:da:3b:e7:c0:be:44:8a:1d:
1e:64:e2:84:f8:87:f8:ae:c0:d1:63:af:9f:e2:ba:
59:cd:a3:84:5b:65:4e:e3:26:c6:cd:77:a0:a1:55:
1b:5c:c0:18:36:a8:5b:03:e9:ee:86:32:1a:3d:f6:
be:1b:f1:92:65:0c:2b:d3:a5:3c:19:fd:3b:ce:e4:
1c:6b:57:a0:06:f5:16:65:bc:ac:e3:ed:61:b2:e3:
c6:66:ab:34:b2:7e:00:11:af:1a:b8:d5:45:c8:8a:
0d:c6:eb:4b:8c:ec:50:2b:84:c5:dd:a5:a1:3d:e3:
f1:44:8c:ad:1f:fa:41:4f:08:d9:2a:08:f0:3e:3a:
19:95:42:36:2e:03:78:97:20:f2:ca:3e:19:a6:5e:
2e:39:29:62:3a:bc:28:9d:9c:8e:68:b5:10:4f:76:
82:5a:7f:15:d9:7c:77:56:7c:17:01:ca:2d:c0:47:
78:fa:c5:3d:ae:a9:6b:00:f5:a9:7c:ea:6a:d6:f4:
26:cc:ce:b0:48:1e:4b:8e:65:d1:ef:b0:56:61:00:
de:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:35:89:4E:79:CD:C5:35:E0:2B:C3:A7:4C:EB:F8:13:E6:25:5E:92
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EzWJTnnNxTXgK8OnTOv4E-YlXpI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:f8:75:a2:90:a3:8e:71:4a:b7:3d:eb:2d:97:e2:7b:80:83:
f2:a3:17:c9:8b:3f:fe:b9:ed:b1:e9:d4:e6:5d:ec:92:8a:a6:
c0:46:46:71:6f:01:57:b5:7e:7e:70:e5:d2:ae:76:d6:89:3d:
5f:be:60:ed:55:84:8a:93:82:77:ac:21:8b:ab:c4:65:26:16:
99:40:da:b8:53:e6:e5:61:e4:be:16:80:97:00:a1:a0:2a:c2:
5a:1f:78:2d:d4:e3:48:fc:67:b6:e6:6e:9c:6c:0b:66:d8:44:
98:b4:77:61:e8:fd:d0:79:b3:4e:e6:d0:38:d3:e6:4e:cb:72:
93:20:2a:11:c1:b4:cb:8b:ae:67:29:04:0b:26:40:a1:86:e8:
2a:4d:96:52:a3:88:b2:68:e0:24:cb:00:1b:00:a1:c6:8d:07:
f0:f6:14:e7:b9:3b:5b:f8:93:73:2f:b6:af:15:a0:50:3a:03:
66:9a:b3:46:21:a1:97:dc:f6:d2:93:77:14:66:0f:e9:03:2d:
bd:49:24:c4:f5:11:6d:a2:98:b0:47:22:23:ac:59:9b:e4:9e:
bb:9b:bf:2b:c7:37:7d:44:cb:09:5e:dc:86:cc:68:9e:04:8e:
44:ab:57:e8:c9:4f:2b:23:95:0b:b0:31:49:91:7b:fc:bd:d7:
bc:0e:dc:01
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHFQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMy
MDM5NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzMzU4OTRFNzlDREM1
MzVFMDJCQzNBNzRDRUJGODEzRTYyNTVFOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkgrGlN/+Knd97YjfXs4IOiRmCN6g3ENyFQ5qMxNLzn+Sbk1pW
5CH4ic0L2G3vaJQVMJ3aO+fAvkSKHR5k4oT4h/iuwNFjr5/iulnNo4RbZU7jJsbN
d6ChVRtcwBg2qFsD6e6GMho99r4b8ZJlDCvTpTwZ/TvO5BxrV6AG9RZlvKzj7WGy
48ZmqzSyfgARrxq41UXIig3G60uM7FArhMXdpaE94/FEjK0f+kFPCNkqCPA+OhmV
QjYuA3iXIPLKPhmmXi45KWI6vCidnI5otRBPdoJafxXZfHdWfBcByi3AR3j6xT2u
qWsA9al86mrW9CbMzrBIHkuOZdHvsFZhAN7fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEzWJTnnNxTXgK8OnTOv4E+YlXpIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FeldKVG5uTnhUWGdLOE9u
VE92NEUtWWxYcEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK74daKQo45xSrc96y2X4nuAg/KjF8mLP/65
7bHp1OZd7JKKpsBGRnFvAVe1fn5w5dKudtaJPV++YO1VhIqTgnesIYurxGUmFplA
2rhT5uVh5L4WgJcAoaAqwlofeC3U40j8Z7bmbpxsC2bYRJi0d2Ho/dB5s07m0DjT
5k7LcpMgKhHBtMuLrmcpBAsmQKGG6CpNllKjiLJo4CTLABsAocaNB/D2FOe5O1v4
k3Mvtq8VoFA6A2aas0YhoZfc9tKTdxRmD+kDLb1JJMT1EW2imLBHIiOsWZvknrub
vyvHN31Eywle3IbMaJ4EjkSrV+jJTysjlQuwMUmRe/y917wO3AE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:37:14 2025 by rpki-client