Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wRWnKRPxY-4sTV_aE3CcSvQTnds.roa
File: wRWnKRPxY-4sTV_aE3CcSvQTnds.roa (raw, json)
Hash identifier: A0cAy03kYgr8DhY2y3FviEP56PV6y4jxZglYk/DlTAc=
Subject key identifier: C1:15:A7:29:13:F1:63:EE:2C:4D:5F:DA:13:70:9C:4A:F4:13:9D:DB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FFC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wRWnKRPxY-4sTV_aE3CcSvQTnds.roa
Signing time: Wed 18 Jun 2025 18:34:40 +0000
ROA not before: Wed 18 Jun 2025 18:34:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8188 (0x1ffc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 18:34:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C115A72913F163EE2C4D5FDA13709C4AF4139DDB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:20:84:37:37:19:30:b0:9f:5a:d2:ec:0f:
33:01:4d:da:2c:4e:3b:35:05:5c:94:8c:b6:58:e5:
5c:a7:36:63:88:5f:a6:62:7f:73:7a:3b:a0:47:7b:
75:05:7e:bf:b6:65:43:cd:d2:3d:3f:3e:9c:92:41:
b9:62:81:82:d2:bd:11:94:8f:b7:ab:5b:58:63:14:
5b:a0:36:f6:35:ae:06:5a:0d:2a:a5:39:3e:45:a0:
3f:1d:ea:99:fd:a2:66:d8:e1:59:0a:24:b0:78:40:
e6:e7:c8:b9:23:81:76:06:65:61:b7:8c:61:78:50:
94:5e:a1:7e:be:f0:d2:ee:96:cc:a4:d6:f1:a9:87:
d0:04:57:b7:a6:33:8e:f5:2c:31:f5:72:03:d3:dc:
d6:79:9e:44:3c:9b:16:51:62:cd:40:aa:49:90:dc:
80:36:3f:e4:7d:4c:f0:51:79:1e:43:e4:0a:c2:00:
5d:0d:8c:ff:9a:07:b2:c3:35:23:12:da:5c:91:07:
48:b5:fa:ed:95:7d:f4:f1:63:55:ab:2f:fa:e6:2f:
0d:d5:01:09:a4:7b:61:be:dc:50:d6:1d:ec:54:36:
47:fc:35:60:12:85:64:49:c8:40:1d:9a:7d:2d:ba:
a4:ce:81:17:09:73:64:d1:cc:20:b2:fe:03:10:be:
dc:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:15:A7:29:13:F1:63:EE:2C:4D:5F:DA:13:70:9C:4A:F4:13:9D:DB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wRWnKRPxY-4sTV_aE3CcSvQTnds.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:d3:f2:9a:51:54:82:f5:99:f6:12:83:80:31:6a:42:ed:b7:
28:ec:21:58:cc:6d:65:e8:49:23:5f:20:01:9b:fd:f9:f6:33:
e6:33:f6:01:b9:b4:5b:3f:55:af:39:0d:3d:04:9e:84:ed:d8:
13:b7:57:77:1c:72:10:bc:e4:8d:0d:8e:d5:99:c5:72:80:73:
d5:6d:f8:b1:46:b1:ac:c9:bd:c6:c3:e1:61:f4:cd:32:36:64:
66:06:80:57:1d:6e:72:00:e5:9b:86:d4:be:f9:31:aa:2e:cf:
d3:28:80:ba:53:6b:51:76:d1:34:d7:e9:d2:be:67:a4:70:f2:
4e:9d:0f:a4:4d:d8:22:35:b7:85:7b:49:76:c9:46:6d:a0:fe:
1d:d5:45:f9:e1:ca:f4:ea:70:c7:68:d6:60:35:74:76:ab:1a:
5a:b1:53:75:f7:09:1f:39:bf:41:aa:5a:cb:93:cf:e0:f1:f0:
56:73:86:73:8a:bb:ff:24:d0:93:3c:ac:86:b3:81:f6:f6:73:
23:a6:0f:d8:61:08:36:0b:eb:2e:e8:d2:a1:52:74:da:68:af:
83:cf:b2:d5:f5:66:ac:43:32:8d:58:b5:7b:4e:df:c7:12:af:
74:d9:0b:be:3a:0c:18:14:62:41:7c:88:ed:e3:62:26:3f:21:
b8:31:6b:80
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH/wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
ODM0NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMxMTVBNzI5MTNGMTYz
RUUyQzRENUZEQTEzNzA5QzRBRjQxMzlEREIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEPSCENzcZMLCfWtLsDzMBTdosTjs1BVyUjLZY5VynNmOIX6Zi
f3N6O6BHe3UFfr+2ZUPN0j0/PpySQbligYLSvRGUj7erW1hjFFugNvY1rgZaDSql
OT5FoD8d6pn9ombY4VkKJLB4QObnyLkjgXYGZWG3jGF4UJReoX6+8NLulsyk1vGp
h9AEV7emM471LDH1cgPT3NZ5nkQ8mxZRYs1AqkmQ3IA2P+R9TPBReR5D5ArCAF0N
jP+aB7LDNSMS2lyRB0i1+u2VffTxY1WrL/rmLw3VAQmke2G+3FDWHexUNkf8NWAS
hWRJyEAdmn0tuqTOgRcJc2TRzCCy/gMQvtznAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwRWnKRPxY+4sTV/aE3CcSvQTndswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93UlduS1JQeFktNHNUVl9h
RTNDY1N2UVRuZHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBACfT8ppRVIL1mfYSg4AxakLttyjsIVjMbWXo
SSNfIAGb/fn2M+Yz9gG5tFs/Va85DT0EnoTt2BO3V3ccchC85I0NjtWZxXKAc9Vt
+LFGsazJvcbD4WH0zTI2ZGYGgFcdbnIA5ZuG1L75Maouz9MogLpTa1F20TTX6dK+
Z6Rw8k6dD6RN2CI1t4V7SXbJRm2g/h3VRfnhyvTqcMdo1mA1dHarGlqxU3X3CR85
v0GqWsuTz+Dx8FZzhnOKu/8k0JM8rIazgfb2cyOmD9hhCDYL6y7o0qFSdNpor4PP
stX1ZqxDMo1YtXtO38cSr3TZC746DBgUYkF8iO3jYiY/Ibgxa4A=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:10 2025 by rpki-client