Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3YYO_RQ_SRkvhbsgHst1tMbsKAY.roa
File: 3YYO_RQ_SRkvhbsgHst1tMbsKAY.roa (raw, json)
Hash identifier: ooCp+9W3xM9n93qSQzkMfIWDvOORCq754q8crW60UJ4=
Subject key identifier: DD:86:0E:FD:14:3F:49:19:2F:85:BB:20:1E:CB:75:B4:C6:EC:28:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0800
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3YYO_RQ_SRkvhbsgHst1tMbsKAY.roa
Signing time: Sat 17 May 2025 18:08:12 +0000
ROA not before: Sat 17 May 2025 18:08:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2048 (0x800)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 18:08:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DD860EFD143F49192F85BB201ECB75B4C6EC2806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8f:45:12:5d:1a:22:8f:11:a4:50:f3:27:fd:
eb:bc:54:01:54:59:f0:0f:33:6d:4e:76:40:46:7c:
c7:c2:e0:b0:b8:38:10:28:dc:ec:3b:78:ee:66:a1:
47:30:78:a1:d5:2f:e0:24:42:d9:98:7f:ed:9e:88:
b9:8a:64:cd:ff:0b:9f:5d:64:ac:a5:c7:46:2f:7d:
e6:80:cf:82:65:79:f8:d0:58:93:ce:f0:42:ee:b0:
0e:6b:9a:b5:e3:55:61:9e:c7:8b:00:ac:e3:45:9f:
c9:7a:76:24:98:dd:ef:60:ab:2d:5c:f2:86:59:e9:
8d:40:8e:0d:aa:d0:37:a6:e0:26:9d:68:89:76:1e:
77:8d:6e:89:8c:c9:03:4d:03:52:a8:fb:c9:0b:ab:
79:5d:bd:3a:13:32:5d:6f:df:0e:d4:42:db:65:66:
0f:02:6d:db:da:5a:b9:a5:f5:8b:8d:32:b0:0d:80:
15:a6:71:de:06:30:de:5a:c0:0a:8d:cb:83:b2:c4:
8c:81:a6:d7:59:e3:d4:d5:c0:72:a4:b3:6c:c1:82:
45:92:b2:ec:05:b7:49:b6:e4:23:15:32:0b:8f:65:
b5:bf:37:c5:c3:ba:b9:a9:7b:be:a0:5f:32:47:b9:
54:ac:e5:91:d0:fa:06:42:cd:5d:6a:6b:35:db:59:
4c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:86:0E:FD:14:3F:49:19:2F:85:BB:20:1E:CB:75:B4:C6:EC:28:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3YYO_RQ_SRkvhbsgHst1tMbsKAY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:5e:66:d5:e8:fa:04:41:9b:d7:0c:df:b5:73:19:c7:f5:2b:
be:1c:cb:22:c2:69:ba:19:4c:eb:9d:04:98:9e:b6:c6:40:f0:
7a:60:f1:43:35:fd:b0:c7:7b:e9:d4:38:91:12:cc:fd:5c:8b:
dd:1b:00:df:57:05:75:61:77:74:8a:ca:e1:86:9b:de:07:2c:
3d:3e:b0:0e:3e:f6:69:3e:44:82:9c:9c:e2:78:8b:0e:d3:2a:
a7:1c:83:e3:cb:95:48:ca:95:17:d9:ad:e0:69:d0:10:d8:3b:
26:54:9e:d0:0d:83:2a:3d:18:45:fa:aa:b9:24:cc:eb:cc:fa:
2a:c8:1f:92:92:04:f3:4d:a8:dc:8d:7b:ad:a6:a7:fb:2b:c1:
77:b1:4f:29:9c:09:0d:54:bc:7b:10:47:ee:6a:bd:3a:72:67:
1e:67:aa:e7:96:d7:27:92:42:63:5a:d4:f5:99:11:e9:79:81:
63:e7:c1:2f:07:7e:53:ec:0d:e0:6f:66:cd:1e:08:6d:dc:f6:
06:d7:25:3c:49:2f:65:31:f5:f5:83:e0:14:b0:03:59:b2:d2:
6e:fd:54:de:4a:6b:6b:9f:16:01:50:07:fe:9d:39:78:14:9a:
76:89:0c:2a:e4:93:1b:de:e3:18:16:84:c8:28:6f:2b:2f:b4:
36:93:db:70
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCAAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
ODA4MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEREODYwRUZEMTQzRjQ5
MTkyRjg1QkIyMDFFQ0I3NUI0QzZFQzI4MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrj0USXRoijxGkUPMn/eu8VAFUWfAPM21OdkBGfMfC4LC4OBAo
3Ow7eO5moUcweKHVL+AkQtmYf+2eiLmKZM3/C59dZKylx0YvfeaAz4JlefjQWJPO
8ELusA5rmrXjVWGex4sArONFn8l6diSY3e9gqy1c8oZZ6Y1Ajg2q0Dem4CadaIl2
HneNbomMyQNNA1Ko+8kLq3ldvToTMl1v3w7UQttlZg8CbdvaWrml9YuNMrANgBWm
cd4GMN5awAqNy4OyxIyBptdZ49TVwHKks2zBgkWSsuwFt0m25CMVMguPZbW/N8XD
urmpe76gXzJHuVSs5ZHQ+gZCzV1qazXbWUyLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3YYO/RQ/SRkvhbsgHst1tMbsKAYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zWVlPX1JRX1NSa3ZoYnNn
SHN0MXRNYnNLQVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAAReZtXo+gRBm9cM37VzGcf1K74cyyLCaboZ
TOudBJietsZA8Hpg8UM1/bDHe+nUOJESzP1ci90bAN9XBXVhd3SKyuGGm94HLD0+
sA4+9mk+RIKcnOJ4iw7TKqccg+PLlUjKlRfZreBp0BDYOyZUntANgyo9GEX6qrkk
zOvM+irIH5KSBPNNqNyNe62mp/srwXexTymcCQ1UvHsQR+5qvTpyZx5nqueW1yeS
QmNa1PWZEel5gWPnwS8HflPsDeBvZs0eCG3c9gbXJTxJL2Ux9fWD4BSwA1my0m79
VN5Ka2ufFgFQB/6dOXgUmnaJDCrkkxve4xgWhMgobysvtDaT23A=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:00:45 2025 by rpki-client