Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Wsdk75cotJqRBHdN1cDCdWAfwHo.roa
File: Wsdk75cotJqRBHdN1cDCdWAfwHo.roa (raw, json)
Hash identifier: LBE0kMBiw/kYDjyC1gDLEWpBETFLfeq+1zRifh+C088=
Subject key identifier: 5A:C7:64:EF:97:28:B4:9A:91:04:77:4D:D5:C0:C2:75:60:1F:C0:7A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2398
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Wsdk75cotJqRBHdN1cDCdWAfwHo.roa
Signing time: Tue 24 Jun 2025 00:41:58 +0000
ROA not before: Tue 24 Jun 2025 00:41:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9112 (0x2398)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 00:41:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5AC764EF9728B49A9104774DD5C0C275601FC07A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9c:0e:43:7d:2b:fa:29:b7:c8:6f:35:bd:c5:
fc:a5:77:d9:9f:7a:4f:55:e7:45:99:13:d4:c7:66:
7c:82:a1:b1:de:b3:a4:b7:99:c6:1e:82:d6:85:42:
c0:b9:6a:4b:ad:91:ad:eb:01:5e:89:cb:a9:29:e2:
8b:d5:d5:54:b9:28:0e:a6:9b:29:a3:aa:71:1a:12:
a4:3b:50:1b:68:7c:3e:94:68:93:32:41:e0:be:97:
b3:78:55:77:f3:29:b9:bc:52:b4:85:93:67:f5:ca:
d9:db:64:33:fe:ae:f8:90:e5:87:1a:91:61:f6:d4:
cd:54:fc:6d:81:9c:73:72:15:91:63:f5:ff:16:2e:
c9:e2:11:46:8a:98:91:a2:6a:73:c5:4d:f8:a2:2c:
7e:e8:7c:90:b4:9c:65:6d:35:12:2d:44:cd:11:0a:
cc:ca:7d:22:12:b5:6b:b8:e7:95:11:1d:fe:27:ab:
69:92:72:29:0d:a0:c7:9f:fb:ba:db:1b:e8:0f:6f:
51:8c:ea:08:32:1c:ab:5d:3e:e0:e5:e6:e5:9e:7f:
81:47:46:f8:4a:36:3b:95:10:38:56:9a:9e:1f:6c:
fa:6a:9b:df:a3:4e:37:78:c3:cc:3d:a2:10:1a:86:
12:0f:07:ab:76:32:ef:bf:86:31:a7:6c:9c:7a:c1:
40:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C7:64:EF:97:28:B4:9A:91:04:77:4D:D5:C0:C2:75:60:1F:C0:7A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Wsdk75cotJqRBHdN1cDCdWAfwHo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:b5:5a:a5:86:8c:a1:a6:4b:d9:e6:90:dc:82:46:c3:ba:1b:
27:f6:3c:df:1d:9c:6f:49:05:19:91:33:4e:89:d3:13:9e:f4:
cf:68:94:4a:82:76:9d:a4:12:08:ca:7e:7a:37:75:2d:06:8c:
69:17:d9:45:60:b0:74:47:42:27:d5:59:47:d2:77:e4:83:c6:
83:de:0a:6d:27:ff:de:55:02:26:39:32:93:c1:6e:8d:36:1e:
4e:6e:5b:e8:70:c4:8c:1f:5c:0f:c3:42:ec:2e:f4:f9:53:b6:
d2:5b:f2:e3:39:4a:87:bc:b0:c1:e1:ec:96:80:df:fb:e8:92:
e1:49:e3:df:9d:93:bd:c3:7e:41:fa:57:ae:c2:20:34:95:48:
a4:2e:84:e5:f6:02:6b:28:a2:d0:25:a3:08:ab:58:94:f9:97:
50:50:c9:1d:2e:29:32:0d:71:d6:7c:60:42:88:eb:38:c8:52:
ce:da:28:a3:a6:19:d6:e3:4a:77:c7:55:fc:c3:7c:73:cc:da:
14:03:8f:78:80:df:ef:ff:0a:a7:a1:af:56:47:e4:4e:c3:e9:
46:f3:a1:0b:ef:86:6d:0b:c2:7e:2a:1a:84:4b:3f:82:69:a2:
38:b8:fe:a7:e0:2c:b7:34:f4:35:c3:67:57:5c:d3:88:15:25:
6d:85:5d:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQw
MDQxNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVBQzc2NEVGOTcyOEI0
OUE5MTA0Nzc0REQ1QzBDMjc1NjAxRkMwN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPnA5DfSv6KbfIbzW9xfyld9mfek9V50WZE9THZnyCobHes6S3
mcYegtaFQsC5akutka3rAV6Jy6kp4ovV1VS5KA6mmymjqnEaEqQ7UBtofD6UaJMy
QeC+l7N4VXfzKbm8UrSFk2f1ytnbZDP+rviQ5YcakWH21M1U/G2BnHNyFZFj9f8W
LsniEUaKmJGianPFTfiiLH7ofJC0nGVtNRItRM0RCszKfSIStWu455URHf4nq2mS
cikNoMef+7rbG+gPb1GM6ggyHKtdPuDl5uWef4FHRvhKNjuVEDhWmp4fbPpqm9+j
Tjd4w8w9ohAahhIPB6t2Mu+/hjGnbJx6wUBDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWsdk75cotJqRBHdN1cDCdWAfwHowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Xc2RrNzVjb3RKcVJCSGRO
MWNEQ2RXQWZ3SG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFi1WqWGjKGmS9nmkNyCRsO6Gyf2PN8dnG9J
BRmRM06J0xOe9M9olEqCdp2kEgjKfno3dS0GjGkX2UVgsHRHQifVWUfSd+SDxoPe
Cm0n/95VAiY5MpPBbo02Hk5uW+hwxIwfXA/DQuwu9PlTttJb8uM5Soe8sMHh7JaA
3/vokuFJ49+dk73DfkH6V67CIDSVSKQuhOX2AmsootAlowirWJT5l1BQyR0uKTIN
cdZ8YEKI6zjIUs7aKKOmGdbjSnfHVfzDfHPM2hQDj3iA3+//Cqehr1ZH5E7D6Ubz
oQvvhm0Lwn4qGoRLP4Jpoji4/qfgLLc09DXDZ1dc04gVJW2FXWw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:05:28 2025 by rpki-client