Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wUDLdaACQJVxpRqzUIyVPTmLCmo.roa
File: wUDLdaACQJVxpRqzUIyVPTmLCmo.roa (raw, json)
Hash identifier: T7eCmi41dP6sC3s72EVW95igIz5OQxJ/lhhGF+R7B3I=
Subject key identifier: C1:40:CB:75:A0:02:40:95:71:A5:1A:B3:50:8C:95:3D:39:8B:0A:6A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 21C8
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wUDLdaACQJVxpRqzUIyVPTmLCmo.roa
Signing time: Sat 21 Jun 2025 14:41:45 +0000
ROA not before: Sat 21 Jun 2025 14:41:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8648 (0x21c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 14:41:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C140CB75A002409571A51AB3508C953D398B0A6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:35:0e:23:b6:cb:2a:63:7f:1a:f8:97:04:bb:
1f:80:2d:f4:64:de:7b:06:51:ee:88:14:5b:bc:81:
36:b1:2b:b6:ec:56:87:57:82:ef:e8:ac:c0:0a:e9:
08:c0:31:76:b1:90:a9:3b:6b:d7:3d:02:c5:2a:72:
b1:ef:32:65:04:93:53:b6:ac:d0:62:d1:84:38:33:
10:6c:f3:50:54:b1:0c:4c:a5:26:f5:05:71:dd:24:
7d:5d:7b:93:8b:9f:65:b5:96:67:06:83:0c:ac:1c:
86:e2:be:84:75:6c:7c:6a:86:63:d4:9c:95:bf:57:
2f:db:01:72:29:88:6c:d3:91:12:46:f6:55:78:17:
0e:fe:04:cb:79:6b:03:e3:3d:cb:da:25:11:00:7f:
71:46:6c:78:35:1b:db:ed:e5:58:36:54:b5:b5:e3:
2c:a7:8f:d7:23:23:6b:f6:53:9b:a9:de:30:4f:0f:
23:a8:f7:5c:25:aa:fd:ad:cf:2f:ae:0f:ee:e9:32:
c6:0a:65:78:c3:bd:25:78:db:ad:00:f9:93:7d:33:
cb:80:d7:74:98:8f:d0:6f:58:25:2e:79:82:f1:09:
1f:db:a5:d4:e9:94:17:ad:00:44:1c:a8:1e:b8:72:
f5:e9:d0:d0:c4:70:c4:2a:88:df:a5:31:29:db:45:
c3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:40:CB:75:A0:02:40:95:71:A5:1A:B3:50:8C:95:3D:39:8B:0A:6A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wUDLdaACQJVxpRqzUIyVPTmLCmo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:94:59:13:b8:ea:ff:e1:09:18:f7:5d:dc:03:45:3f:24:65:
f4:e5:39:b2:96:dc:93:ad:8f:38:2f:07:30:ab:0f:ff:99:13:
95:20:52:e1:70:f1:28:ef:0f:a3:bf:53:3a:d3:a1:01:d1:48:
c1:b9:d7:cb:07:c6:84:d9:8a:b9:69:bf:e4:ed:fa:77:a2:94:
f7:25:a2:d4:f1:07:71:c4:87:1b:5b:1d:33:60:07:d7:61:41:
51:f5:0e:c3:4a:21:62:df:01:bd:cf:96:14:e1:b0:85:29:7b:
fd:7b:0a:d0:51:d7:89:52:e4:65:94:2e:d6:00:b7:be:ff:11:
04:d2:3d:85:cc:2c:77:94:61:3d:8c:24:07:01:fe:6a:76:53:
55:27:b0:cf:96:75:59:41:41:b4:9a:33:50:ef:14:f3:a7:c7:
75:5b:fe:be:96:f0:60:31:86:04:92:3d:5b:b3:e1:19:5d:be:
fb:03:a2:6b:b6:cb:75:e2:3a:dc:c1:13:28:d9:af:c0:e8:6b:
d0:5b:18:d9:29:fc:3c:8f:ae:05:4c:6b:ac:4f:d6:c0:52:29:
26:9c:82:8a:29:59:52:66:c8:71:57:82:66:59:5c:c5:49:67:
6e:4e:38:95:52:28:6a:47:3c:9a:ec:20:93:cc:77:c2:d3:72:
26:6b:2e:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIcgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEx
NDQxNDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMxNDBDQjc1QTAwMjQw
OTU3MUE1MUFCMzUwOEM5NTNEMzk4QjBBNkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZNQ4jtssqY38a+JcEux+ALfRk3nsGUe6IFFu8gTaxK7bsVodX
gu/orMAK6QjAMXaxkKk7a9c9AsUqcrHvMmUEk1O2rNBi0YQ4MxBs81BUsQxMpSb1
BXHdJH1de5OLn2W1lmcGgwysHIbivoR1bHxqhmPUnJW/Vy/bAXIpiGzTkRJG9lV4
Fw7+BMt5awPjPcvaJREAf3FGbHg1G9vt5Vg2VLW14yynj9cjI2v2U5up3jBPDyOo
91wlqv2tzy+uD+7pMsYKZXjDvSV4260A+ZN9M8uA13SYj9BvWCUueYLxCR/bpdTp
lBetAEQcqB64cvXp0NDEcMQqiN+lMSnbRcPXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwUDLdaACQJVxpRqzUIyVPTmLCmowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93VURMZGFBQ1FKVnhwUnF6
VUl5VlBUbUxDbW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAK2UWRO46v/hCRj3XdwDRT8kZfTlObKW3JOt
jzgvBzCrD/+ZE5UgUuFw8SjvD6O/UzrToQHRSMG518sHxoTZirlpv+Tt+neilPcl
otTxB3HEhxtbHTNgB9dhQVH1DsNKIWLfAb3PlhThsIUpe/17CtBR14lS5GWULtYA
t77/EQTSPYXMLHeUYT2MJAcB/mp2U1UnsM+WdVlBQbSaM1DvFPOnx3Vb/r6W8GAx
hgSSPVuz4RldvvsDomu2y3XiOtzBEyjZr8Doa9BbGNkp/DyPrgVMa6xP1sBSKSac
goopWVJmyHFXgmZZXMVJZ25OOJVSKGpHPJrsIJPMd8LTciZrLgY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:04 2025 by rpki-client