Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/W4K5KSvZKPdfA8ISN7dc1Rp0jP4.roa
File: W4K5KSvZKPdfA8ISN7dc1Rp0jP4.roa (raw, json)
Hash identifier: z6mjtyxSuWgpZ9JaFOlnBhd48BtvkqmcREjnD61jzSk=
Subject key identifier: 5B:82:B9:29:2B:D9:28:F7:5F:03:C2:12:37:B7:5C:D5:1A:74:8C:FE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1680
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W4K5KSvZKPdfA8ISN7dc1Rp0jP4.roa
Signing time: Fri 06 Jun 2025 02:09:26 +0000
ROA not before: Fri 06 Jun 2025 02:09:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5760 (0x1680)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 02:09:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5B82B9292BD928F75F03C21237B75CD51A748CFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5e:b3:d3:aa:e1:c0:87:86:69:4b:d1:04:85:
90:65:5e:11:dd:af:57:b1:3c:b2:4f:98:0c:62:1e:
20:95:18:40:f7:f6:68:22:87:3d:be:11:19:00:28:
2a:12:0a:19:97:cd:0c:4d:18:8a:b3:51:f2:1a:03:
d4:78:e8:28:9c:e6:77:0f:da:76:dc:9d:86:83:9e:
3d:10:36:bb:77:98:fa:03:cf:6d:d6:b1:c3:2a:d9:
7d:80:6d:3c:1a:aa:18:67:e3:74:ab:02:d1:03:0d:
97:6f:89:10:48:0c:16:c7:b4:9e:eb:d8:cc:d6:03:
74:48:8c:be:1e:14:d4:88:54:e4:73:40:b4:31:4a:
43:6f:63:37:0c:ea:a9:57:ad:5f:6d:96:86:5d:07:
1f:ba:58:a9:1b:4b:12:6f:d6:08:29:74:29:22:c5:
e2:9f:73:6c:40:7c:c4:cf:c1:28:6e:70:10:a8:31:
94:13:1a:a3:c5:0d:72:0e:4b:b5:fd:f1:e3:b5:69:
bd:b0:83:83:02:24:44:ee:b4:2c:ce:b9:b4:11:c9:
e1:78:29:e6:b6:f5:df:5a:7c:25:4a:84:ea:ca:88:
51:b5:c4:54:a8:a1:31:1c:df:0c:cf:19:d7:f0:d1:
49:89:11:13:30:fd:b1:0e:24:46:3a:06:0f:f5:0f:
f1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:82:B9:29:2B:D9:28:F7:5F:03:C2:12:37:B7:5C:D5:1A:74:8C:FE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W4K5KSvZKPdfA8ISN7dc1Rp0jP4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:0d:b2:2d:d4:38:6c:14:ee:6a:46:da:ec:ee:b2:87:9f:34:
43:8d:20:04:37:44:ad:f4:c0:e9:e3:f0:be:60:06:ea:db:5f:
90:d3:cc:74:af:2a:23:c2:de:8d:60:d5:35:ac:4a:76:4d:f1:
50:e7:73:01:80:a7:d8:25:5a:24:8e:09:d3:b6:8e:8a:5b:d0:
b6:42:32:e5:88:55:c1:08:64:48:3d:da:c3:37:86:41:2d:1e:
8e:13:ba:96:fc:26:6d:c4:18:67:18:cd:cd:4b:0b:2d:d4:ca:
55:06:9c:b1:11:06:dd:b4:86:dc:28:6f:a5:bf:22:a8:be:ca:
20:68:c1:57:9c:e9:90:89:16:d9:ca:a8:8b:fb:a0:4f:78:e4:
24:3d:4b:07:9c:15:14:24:d1:0d:a4:04:ac:e6:74:ca:1a:54:
1a:b1:c9:cb:f8:dd:f2:01:bc:fd:ca:e4:88:1b:98:7b:6c:b1:
da:7c:15:b2:c9:c1:89:f4:20:9e:e1:da:0f:29:df:d0:92:2c:
05:dc:5e:8d:db:3a:aa:09:9c:7d:e1:98:3f:2f:e6:90:a2:60:
20:49:9f:e9:e5:28:b7:2a:5b:85:80:b9:04:fb:95:a9:d2:55:
77:6b:78:e8:4a:c0:49:78:0a:82:a9:33:15:e9:d4:fa:d5:12:
51:ce:71:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFoAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
MjA5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVCODJCOTI5MkJEOTI4
Rjc1RjAzQzIxMjM3Qjc1Q0Q1MUE3NDhDRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrXrPTquHAh4ZpS9EEhZBlXhHdr1exPLJPmAxiHiCVGED39mgi
hz2+ERkAKCoSChmXzQxNGIqzUfIaA9R46Cic5ncP2nbcnYaDnj0QNrt3mPoDz23W
scMq2X2AbTwaqhhn43SrAtEDDZdviRBIDBbHtJ7r2MzWA3RIjL4eFNSIVORzQLQx
SkNvYzcM6qlXrV9tloZdBx+6WKkbSxJv1ggpdCkixeKfc2xAfMTPwShucBCoMZQT
GqPFDXIOS7X98eO1ab2wg4MCJETutCzOubQRyeF4Kea29d9afCVKhOrKiFG1xFSo
oTEc3wzPGdfw0UmJERMw/bEOJEY6Bg/1D/EbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUW4K5KSvZKPdfA8ISN7dc1Rp0jP4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XNEs1S1N2WktQZGZBOElT
TjdkYzFScDBqUDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABYNsi3UOGwU7mpG2uzusoefNEONIAQ3RK30
wOnj8L5gBurbX5DTzHSvKiPC3o1g1TWsSnZN8VDncwGAp9glWiSOCdO2jopb0LZC
MuWIVcEIZEg92sM3hkEtHo4Tupb8Jm3EGGcYzc1LCy3UylUGnLERBt20htwob6W/
Iqi+yiBowVec6ZCJFtnKqIv7oE945CQ9SwecFRQk0Q2kBKzmdMoaVBqxycv43fIB
vP3K5IgbmHtssdp8FbLJwYn0IJ7h2g8p39CSLAXcXo3bOqoJnH3hmD8v5pCiYCBJ
n+nlKLcqW4WAuQT7lanSVXdreOhKwEl4CoKpMxXp1PrVElHOcck=
-----END CERTIFICATE-----
Generated at Fri Jun 20 13:12:19 2025 by rpki-client