Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/W1nAsc3kgxzjMtuTEpyxqb5g6vo.roa
File: W1nAsc3kgxzjMtuTEpyxqb5g6vo.roa (raw, json)
Hash identifier: cyjz6UiSu7ydjj3kA4eYIHWArKHKhq4UzUxajKNnzV8=
Subject key identifier: 5B:59:C0:B1:CD:E4:83:1C:E3:32:DB:93:12:9C:B1:A9:BE:60:EA:FA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F5C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W1nAsc3kgxzjMtuTEpyxqb5g6vo.roa
Signing time: Tue 17 Jun 2025 21:40:02 +0000
ROA not before: Tue 17 Jun 2025 21:40:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8028 (0x1f5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 21:40:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5B59C0B1CDE4831CE332DB93129CB1A9BE60EAFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b7:56:d9:ec:db:4d:21:5e:8e:f5:41:50:c9:
24:c7:d9:c3:d3:0d:8d:38:4a:0e:27:fd:1d:27:c0:
f2:54:fc:e5:d8:6c:d8:54:6c:af:30:68:8d:62:e9:
11:5f:c5:ea:68:31:8a:c1:4a:4a:2a:ef:69:43:1b:
73:ab:54:a0:2e:3e:54:a9:0d:3b:be:32:47:d7:62:
35:9b:2f:77:9d:a8:89:e9:28:77:7e:68:71:44:9a:
a7:e9:c6:da:7d:68:c6:1d:c5:e7:17:48:10:35:0f:
cb:57:dc:e9:e3:89:21:07:cb:c4:0d:c0:d0:fd:0e:
87:7f:2a:0d:9b:93:13:65:09:85:a1:e3:87:3a:1b:
9d:65:b8:52:53:0f:04:61:ba:3d:e4:4e:77:d4:35:
b4:5d:b0:58:8a:47:22:1b:c2:27:e3:0e:db:fe:ac:
fb:eb:0e:b8:d0:af:bd:f4:e8:1b:ec:f5:6c:9b:5b:
6d:8c:b5:f8:5f:18:46:04:b3:ad:0b:8c:0a:19:d7:
3a:be:f7:ce:f7:33:c5:42:d3:19:cd:6e:52:c7:27:
90:e5:2f:d3:44:de:61:d5:02:c7:d0:e1:6d:c2:8a:
46:59:c5:83:7d:c3:e1:a8:34:8e:b1:6c:b3:7b:59:
b4:a7:04:98:05:1a:88:87:5f:6b:9a:88:de:5b:4d:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:59:C0:B1:CD:E4:83:1C:E3:32:DB:93:12:9C:B1:A9:BE:60:EA:FA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W1nAsc3kgxzjMtuTEpyxqb5g6vo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:ee:7e:de:d3:71:48:46:57:64:b8:5a:60:86:fb:a4:aa:ba:
48:69:38:a9:0b:8f:4f:e1:dc:75:73:b5:76:de:9d:c5:b5:bc:
f5:df:50:18:28:6d:73:e2:87:44:2f:f2:d2:fa:38:62:ef:07:
11:4a:06:43:9f:4e:10:21:75:18:71:e4:95:d6:9d:d1:9a:00:
c9:12:b7:33:ad:a9:4e:a6:87:55:45:a9:24:98:a7:05:b7:f9:
74:a3:6d:f8:9f:b9:59:52:79:a4:1d:71:21:0d:c8:bc:fe:e9:
bc:cd:1b:d8:6d:b5:9a:87:9e:74:93:9a:b0:bd:b7:94:b2:ca:
48:7a:d1:4a:c9:29:69:2d:02:c7:cb:c1:6e:0a:43:93:4f:6d:
12:32:f9:94:21:0b:77:69:df:53:33:31:23:d6:e3:5f:5c:1e:
a2:48:45:49:a6:18:51:86:89:ed:d4:af:a1:a6:f3:4c:5d:db:
86:e6:6a:52:ce:19:25:fb:9e:35:8d:f8:ce:e0:e3:e0:2a:1a:
85:e6:53:c8:32:76:01:15:42:2e:7d:4e:a8:a9:4c:c0:fc:f2:
f9:34:27:18:b5:da:35:1f:f5:8c:01:b2:1a:52:ed:b7:4d:47:
a1:ee:b5:6c:87:71:b4:7f:40:1e:00:19:05:60:dc:59:50:fc:
ab:40:84:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH1wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcy
MTQwMDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVCNTlDMEIxQ0RFNDgz
MUNFMzMyREI5MzEyOUNCMUE5QkU2MEVBRkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnt1bZ7NtNIV6O9UFQySTH2cPTDY04Sg4n/R0nwPJU/OXYbNhU
bK8waI1i6RFfxepoMYrBSkoq72lDG3OrVKAuPlSpDTu+MkfXYjWbL3edqInpKHd+
aHFEmqfpxtp9aMYdxecXSBA1D8tX3OnjiSEHy8QNwND9Dod/Kg2bkxNlCYWh44c6
G51luFJTDwRhuj3kTnfUNbRdsFiKRyIbwifjDtv+rPvrDrjQr7306Bvs9WybW22M
tfhfGEYEs60LjAoZ1zq+9873M8VC0xnNblLHJ5DlL9NE3mHVAsfQ4W3CikZZxYN9
w+GoNI6xbLN7WbSnBJgFGoiHX2uaiN5bTU41AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUW1nAsc3kgxzjMtuTEpyxqb5g6vowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XMW5Bc2Mza2d4empNdHVU
RXB5eHFiNWc2dm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFHuft7TcUhGV2S4WmCG+6SqukhpOKkLj0/h
3HVztXbencW1vPXfUBgobXPih0Qv8tL6OGLvBxFKBkOfThAhdRhx5JXWndGaAMkS
tzOtqU6mh1VFqSSYpwW3+XSjbfifuVlSeaQdcSENyLz+6bzNG9httZqHnnSTmrC9
t5Syykh60UrJKWktAsfLwW4KQ5NPbRIy+ZQhC3dp31MzMSPW419cHqJIRUmmGFGG
ie3Ur6Gm80xd24bmalLOGSX7njWN+M7g4+AqGoXmU8gydgEVQi59TqipTMD88vk0
Jxi12jUf9YwBshpS7bdNR6HutWyHcbR/QB4AGQVg3FlQ/KtAhGA=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:02:30 2025 by rpki-client