Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Welly9wI99U2o1yN2h4To5XY_4o.roa
File: Welly9wI99U2o1yN2h4To5XY_4o.roa (raw, json)
Hash identifier: uAjbW5jsTY+ojf3qlr0kRSlAzxlMJtuWYEHtZn0IySE=
Subject key identifier: 59:E9:65:CB:DC:08:F7:D5:36:A3:5C:8D:DA:1E:13:A3:95:D8:FF:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A14
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Welly9wI99U2o1yN2h4To5XY_4o.roa
Signing time: Tue 10 Jun 2025 20:39:43 +0000
ROA not before: Tue 10 Jun 2025 20:39:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6676 (0x1a14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 20:39:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=59E965CBDC08F7D536A35C8DDA1E13A395D8FF8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c0:57:0c:14:b1:68:c5:28:5b:5e:8c:1f:be:
5e:44:11:16:e3:0b:01:ce:c4:a5:ab:b4:35:cc:87:
62:81:fc:53:08:99:b8:f7:79:67:e1:e5:3b:ed:31:
9b:53:0a:e5:51:21:4f:20:94:3b:9f:61:ef:5e:0b:
64:08:c4:06:43:4f:16:d6:de:a8:eb:c4:b8:3a:e2:
2e:2d:1b:bd:3d:3d:20:70:f2:3c:7a:d4:c1:25:b8:
e3:c9:4e:7a:87:73:1e:7a:12:3a:9d:c5:fb:8e:cd:
df:cf:fb:3d:f9:87:54:6a:c2:74:95:27:a5:88:8e:
e2:ed:66:ed:33:28:a7:51:77:71:8b:54:3b:c2:6a:
19:4e:a5:73:ee:71:61:09:ee:56:5c:85:90:69:4c:
01:19:40:c7:40:e8:59:2f:53:19:89:2a:b5:bf:18:
36:c0:d2:7b:be:ec:6d:21:e8:3d:3e:28:f6:c3:64:
66:d7:d3:14:f6:87:b0:53:9a:57:d3:42:36:6e:15:
b8:eb:0f:11:08:f9:7a:fa:20:f9:13:85:92:51:30:
54:a9:ee:f6:7f:73:98:61:29:09:b0:bc:10:17:af:
64:04:0b:35:0e:bb:03:2c:98:98:4f:94:46:4b:b3:
7b:a4:cd:a7:e3:d2:70:68:97:43:8c:34:a8:51:b7:
88:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E9:65:CB:DC:08:F7:D5:36:A3:5C:8D:DA:1E:13:A3:95:D8:FF:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Welly9wI99U2o1yN2h4To5XY_4o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:b8:ed:73:ae:09:94:9b:fa:a5:76:94:1c:42:e1:7e:ed:97:
17:c0:55:ae:70:f4:88:9f:ba:79:e8:6b:3a:11:3e:e8:a4:00:
44:63:3a:9f:ed:ea:db:fc:35:ba:92:bc:54:9c:6d:19:f4:1c:
12:e4:45:0c:7b:3a:db:56:f9:74:53:32:e7:59:0f:db:9e:82:
a9:90:e7:34:3b:b9:e3:f9:57:f2:5d:e3:c4:d2:77:14:b3:ad:
9c:a3:d7:65:c2:8c:8b:7d:d4:fe:08:51:3d:a2:34:9f:11:2d:
c8:f6:23:7e:8e:73:9f:36:3d:62:98:ec:95:f9:e2:d7:84:20:
79:7b:29:1c:bc:98:1c:44:2d:85:f5:4b:dd:d2:9e:b7:42:37:
93:9a:7c:41:92:07:68:9e:44:3b:ae:0f:a9:d6:43:40:36:af:
86:fc:f2:bc:fa:18:f7:a2:82:09:34:d8:a9:5f:3d:13:23:0c:
f3:27:49:9e:23:0c:bc:46:29:26:c1:60:9d:d4:de:df:15:97:
84:53:cf:b0:3c:83:30:c7:d2:97:5a:a3:d3:1b:7d:6d:21:0e:
c2:a8:9c:18:68:a0:b5:37:cd:fa:33:e1:c3:c7:59:20:bd:45:
48:ad:34:35:89:c8:64:74:03:05:ab:0b:f5:9b:a7:23:73:16:
50:b4:66:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGhQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAy
MDM5NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU5RTk2NUNCREMwOEY3
RDUzNkEzNUM4RERBMUUxM0EzOTVEOEZGOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTwFcMFLFoxShbXowfvl5EERbjCwHOxKWrtDXMh2KB/FMImbj3
eWfh5TvtMZtTCuVRIU8glDufYe9eC2QIxAZDTxbW3qjrxLg64i4tG709PSBw8jx6
1MEluOPJTnqHcx56EjqdxfuOzd/P+z35h1RqwnSVJ6WIjuLtZu0zKKdRd3GLVDvC
ahlOpXPucWEJ7lZchZBpTAEZQMdA6FkvUxmJKrW/GDbA0nu+7G0h6D0+KPbDZGbX
0xT2h7BTmlfTQjZuFbjrDxEI+Xr6IPkThZJRMFSp7vZ/c5hhKQmwvBAXr2QECzUO
uwMsmJhPlEZLs3ukzafj0nBol0OMNKhRt4g7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWelly9wI99U2o1yN2h4To5XY/4owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XZWxseTl3STk5VTJvMXlO
Mmg0VG81WFlfNG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAFq47XOuCZSb+qV2lBxC4X7tlxfAVa5w9Iif
unnoazoRPuikAERjOp/t6tv8NbqSvFScbRn0HBLkRQx7OttW+XRTMudZD9uegqmQ
5zQ7ueP5V/Jd48TSdxSzrZyj12XCjIt91P4IUT2iNJ8RLcj2I36Oc582PWKY7JX5
4teEIHl7KRy8mBxELYX1S93SnrdCN5OafEGSB2ieRDuuD6nWQ0A2r4b88rz6GPei
ggk02KlfPRMjDPMnSZ4jDLxGKSbBYJ3U3t8Vl4RTz7A8gzDH0pdao9MbfW0hDsKo
nBhooLU3zfoz4cPHWSC9RUitNDWJyGR0AwWrC/WbpyNzFlC0Zkk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:14:11 2025 by rpki-client