Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wpdxGCmuKUVPUlzyNpDpZlLdHx8.roa
File: wpdxGCmuKUVPUlzyNpDpZlLdHx8.roa (raw, json)
Hash identifier: fCLMfq+eilczLbkbZGe+icbAqUMe2zna/wDZg+utilc=
Subject key identifier: C2:97:71:18:29:AE:29:45:4F:52:5C:F2:36:90:E9:66:52:DD:1F:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A44
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wpdxGCmuKUVPUlzyNpDpZlLdHx8.roa
Signing time: Wed 11 Jun 2025 02:40:29 +0000
ROA not before: Wed 11 Jun 2025 02:40:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6724 (0x1a44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 02:40:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C297711829AE29454F525CF23690E96652DD1F1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:46:5c:54:c9:1c:df:8f:61:e9:b9:57:81:fc:
3b:36:9e:69:07:9e:80:2d:36:03:78:6c:45:65:c4:
07:ab:5d:06:7f:32:96:cc:0c:04:fb:50:69:e8:e6:
31:aa:dd:77:bb:eb:5b:4d:2a:82:49:45:b7:7a:92:
2a:ff:ef:a3:ee:12:23:7d:33:8b:d1:1c:fa:69:ab:
8f:87:14:61:28:e8:5c:ac:1b:fc:d0:de:23:d4:5a:
4f:b3:16:6c:71:af:be:41:e6:56:dc:8d:39:1a:85:
8c:c5:fc:e9:ba:06:4f:43:78:ba:97:41:92:43:52:
e5:42:1c:3e:46:4b:9b:02:b0:bd:fe:e6:e1:e6:98:
a6:02:c7:86:0d:3f:e8:ae:f0:ae:b2:34:88:3e:ac:
a8:5a:ff:60:cb:6a:f3:9b:99:0e:a1:3e:1a:86:50:
d8:6d:2c:8e:b3:70:fd:6e:74:af:bb:3f:dd:1e:d3:
6e:f3:08:a0:16:55:46:cb:76:65:68:96:75:b9:b8:
87:74:2a:43:56:7c:09:93:16:21:d7:14:dd:9f:38:
87:09:06:76:48:aa:fb:30:46:b7:27:d4:7f:84:b4:
cc:b8:fd:b4:4b:79:94:ba:b6:49:fa:cf:54:a2:e9:
73:a3:03:06:43:50:ba:6e:ca:bf:8e:d6:0b:a1:f7:
28:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:97:71:18:29:AE:29:45:4F:52:5C:F2:36:90:E9:66:52:DD:1F:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wpdxGCmuKUVPUlzyNpDpZlLdHx8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:cb:69:15:d2:89:86:12:83:c1:59:2b:3c:77:25:2a:9e:47:
cd:b9:71:06:25:62:81:49:84:d3:46:33:a8:59:1e:34:ca:ae:
a5:29:f4:8a:c4:38:99:74:56:e7:07:67:08:0e:4f:05:17:3a:
e3:bd:3c:e4:19:63:50:1e:91:ea:2b:2d:12:59:6a:e6:61:f3:
1c:e8:93:15:3c:e2:cb:2a:fa:66:90:4c:05:f7:35:9d:97:60:
52:d7:75:14:1e:f2:32:01:98:7b:5b:2e:cc:9f:b8:6d:20:88:
22:d3:ad:ea:1d:06:dd:17:6f:a8:9e:18:bf:51:54:96:4c:31:
38:06:38:e4:1f:3a:99:a9:28:16:27:a9:a6:82:82:61:be:23:
72:ce:d3:7e:c3:46:2a:41:97:8f:93:44:b4:db:40:17:74:9b:
c6:c0:12:31:89:f0:1b:f4:a1:d6:47:79:d3:04:12:13:35:ec:
85:61:44:01:a9:11:5b:03:ef:2f:f1:54:01:2a:17:65:cd:cc:
1f:cc:04:de:dd:ed:34:6d:ee:29:c9:f2:fb:78:16:90:d0:82:
3e:f0:a4:23:2a:19:40:d3:6f:d0:9a:d7:35:8f:f9:20:9b:ce:
84:fc:39:ea:2b:13:95:f4:f6:43:6e:17:8b:bf:8b:c8:dc:96:
1b:77:ff:17
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGkQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
MjQwMjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMyOTc3MTE4MjlBRTI5
NDU0RjUyNUNGMjM2OTBFOTY2NTJERDFGMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7RlxUyRzfj2HpuVeB/Ds2nmkHnoAtNgN4bEVlxAerXQZ/MpbM
DAT7UGno5jGq3Xe761tNKoJJRbd6kir/76PuEiN9M4vRHPppq4+HFGEo6FysG/zQ
3iPUWk+zFmxxr75B5lbcjTkahYzF/Om6Bk9DeLqXQZJDUuVCHD5GS5sCsL3+5uHm
mKYCx4YNP+iu8K6yNIg+rKha/2DLavObmQ6hPhqGUNhtLI6zcP1udK+7P90e027z
CKAWVUbLdmVolnW5uId0KkNWfAmTFiHXFN2fOIcJBnZIqvswRrcn1H+EtMy4/bRL
eZS6tkn6z1Si6XOjAwZDULpuyr+O1guh9yiNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwpdxGCmuKUVPUlzyNpDpZlLdHx8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93cGR4R0NtdUtVVlBVbHp5
TnBEcFpsTGRIeDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAKrLaRXSiYYSg8FZKzx3JSqeR825cQYlYoFJ
hNNGM6hZHjTKrqUp9IrEOJl0VucHZwgOTwUXOuO9POQZY1AekeorLRJZauZh8xzo
kxU84ssq+maQTAX3NZ2XYFLXdRQe8jIBmHtbLsyfuG0giCLTreodBt0Xb6ieGL9R
VJZMMTgGOOQfOpmpKBYnqaaCgmG+I3LO037DRipBl4+TRLTbQBd0m8bAEjGJ8Bv0
odZHedMEEhM17IVhRAGpEVsD7y/xVAEqF2XNzB/MBN7d7TRt7inJ8vt4FpDQgj7w
pCMqGUDTb9Ca1zWP+SCbzoT8OeorE5X09kNuF4u/i8jclht3/xc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:55:15 2025 by rpki-client