Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Wa_zP22LJc7uhmOwHoBYbsDQ5R8.roa
File: Wa_zP22LJc7uhmOwHoBYbsDQ5R8.roa (raw, json)
Hash identifier: +/ahqsS6Vl7RkwbstfZBqBHuzTmS35JwL7/hD5ioEM8=
Subject key identifier: 59:AF:F3:3F:6D:8B:25:CE:EE:86:63:B0:1E:80:58:6E:C0:D0:E5:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0508
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Wa_zP22LJc7uhmOwHoBYbsDQ5R8.roa
Signing time: Tue 13 May 2025 19:08:08 +0000
ROA not before: Tue 13 May 2025 19:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1288 (0x508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 19:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=59AFF33F6D8B25CEEE8663B01E80586EC0D0E51F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bd:e1:9c:5c:d2:e8:39:f9:df:6d:60:88:d7:
8c:4d:a6:13:7d:87:28:57:3c:80:21:b0:81:fd:de:
ee:e4:94:42:9f:8c:3a:39:b1:90:0b:f7:36:44:ec:
ad:af:a3:10:24:c7:bc:ce:87:6f:b6:39:d8:f8:55:
e1:18:27:5f:9f:dd:14:a5:34:7e:37:02:54:09:9a:
0c:dd:01:3e:34:20:48:a9:55:75:b5:30:45:f6:28:
8e:d7:a0:c2:9a:0a:f0:d0:ee:05:31:ec:4c:e6:fc:
33:1f:0f:e5:61:08:80:e7:5d:0a:42:3f:6c:99:66:
5d:6e:75:bb:8c:20:24:27:15:93:0b:a2:49:21:31:
a0:8e:cd:d2:25:34:52:f7:91:f3:ca:e8:aa:f7:f9:
4b:70:73:dd:86:4c:4e:64:9f:f5:b4:43:a7:af:de:
d5:bf:a9:5f:9f:73:cb:89:3c:12:55:2b:34:65:a2:
0c:99:31:42:1c:71:00:ea:89:87:ee:52:ef:80:e2:
66:69:6f:33:b2:31:91:cc:e3:12:3c:91:e8:98:7e:
3c:b8:cc:01:0e:db:21:33:43:34:d2:8f:dc:53:43:
6c:fe:3e:b9:c8:05:b5:be:2a:a3:bf:87:bf:e9:9d:
ad:14:3a:9e:8a:44:b1:85:47:d2:f0:92:1a:8f:0f:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:AF:F3:3F:6D:8B:25:CE:EE:86:63:B0:1E:80:58:6E:C0:D0:E5:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Wa_zP22LJc7uhmOwHoBYbsDQ5R8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:e3:18:16:fa:eb:5f:a0:ed:9b:5c:d5:a5:99:c1:c7:58:fa:
9c:57:7e:64:03:ae:e4:11:ac:68:ae:6d:da:1f:6b:21:82:ca:
2e:23:e7:a1:06:c9:31:5c:75:f1:48:a2:e7:20:9c:87:8d:9c:
ed:b8:d1:d6:6e:5b:5c:84:33:7f:da:ad:11:cd:e7:2b:81:1c:
ee:c9:c4:7b:52:a5:e2:52:e9:7d:19:2b:d3:d7:d9:96:c6:2c:
12:cb:05:0b:62:e8:db:75:70:d0:bf:0f:58:07:6b:08:a1:08:
6f:0c:c7:76:1d:1a:4f:8f:ff:58:32:ad:a5:e9:47:2f:5a:0f:
c1:ea:7e:01:77:af:bc:25:b0:58:1b:f2:fc:38:4c:79:b6:ef:
7d:f0:66:e8:76:7e:6e:f8:e4:70:be:90:53:8a:cd:47:ce:13:
dd:e7:dc:e0:69:6d:a1:34:88:6e:71:08:d5:00:aa:ab:f5:f6:
3a:e1:9f:99:b8:5e:56:14:e1:cf:ce:8b:24:b6:94:cf:77:d8:
10:d2:2a:3e:5d:bc:b7:b7:e0:db:ac:60:c2:dc:1b:83:86:24:
ba:2d:cd:b6:b8:92:22:78:e1:7b:16:88:1b:dc:b1:fe:fa:34:
92:38:3e:a3:0c:7f:d5:59:4c:11:d2:5b:2f:ac:2d:8d:97:db:
ec:0c:b0:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBQgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
OTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU5QUZGMzNGNkQ4QjI1
Q0VFRTg2NjNCMDFFODA1ODZFQzBEMEU1MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuveGcXNLoOfnfbWCI14xNphN9hyhXPIAhsIH93u7klEKfjDo5
sZAL9zZE7K2voxAkx7zOh2+2Odj4VeEYJ1+f3RSlNH43AlQJmgzdAT40IEipVXW1
MEX2KI7XoMKaCvDQ7gUx7Ezm/DMfD+VhCIDnXQpCP2yZZl1udbuMICQnFZMLokkh
MaCOzdIlNFL3kfPK6Kr3+Utwc92GTE5kn/W0Q6ev3tW/qV+fc8uJPBJVKzRlogyZ
MUIccQDqiYfuUu+A4mZpbzOyMZHM4xI8keiYfjy4zAEO2yEzQzTSj9xTQ2z+PrnI
BbW+KqO/h7/pna0UOp6KRLGFR9LwkhqPD8MhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWa/zP22LJc7uhmOwHoBYbsDQ5R8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XYV96UDIyTEpjN3VobU93
SG9CWWJzRFE1Ujgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAG3jGBb661+g7Ztc1aWZwcdY+pxXfmQDruQR
rGiubdofayGCyi4j56EGyTFcdfFIoucgnIeNnO240dZuW1yEM3/arRHN5yuBHO7J
xHtSpeJS6X0ZK9PX2ZbGLBLLBQti6Nt1cNC/D1gHawihCG8Mx3YdGk+P/1gyraXp
Ry9aD8HqfgF3r7wlsFgb8vw4THm2733wZuh2fm745HC+kFOKzUfOE93n3OBpbaE0
iG5xCNUAqqv19jrhn5m4XlYU4c/OiyS2lM932BDSKj5dvLe34NusYMLcG4OGJLot
zba4kiJ44XsWiBvcsf76NJI4PqMMf9VZTBHSWy+sLY2X2+wMsIQ=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:15 2025 by rpki-client