Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YYYfgK9bSsALsB_hIoT9ObZghks.roa
File: YYYfgK9bSsALsB_hIoT9ObZghks.roa (raw, json)
Hash identifier: G+wnBFISbn/vQ6DkzK7KPYS0R2Bq9YDk5V6/eOFP308=
Subject key identifier: 61:86:1F:80:AF:5B:4A:C0:0B:B0:1F:E1:22:84:FD:39:B6:60:86:4B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0714
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YYYfgK9bSsALsB_hIoT9ObZghks.roa
Signing time: Fri 16 May 2025 12:38:42 +0000
ROA not before: Fri 16 May 2025 12:38:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1812 (0x714)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 12:38:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=61861F80AF5B4AC00BB01FE12284FD39B660864B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:49:bd:93:03:81:f9:4f:19:6e:3f:d0:1c:
87:1f:d5:28:d7:0c:3c:50:21:9d:c1:7f:59:69:77:
6f:46:6e:53:d0:16:be:ba:78:19:88:8c:3d:b9:34:
f8:01:1c:74:25:d8:8e:09:e2:07:9a:96:d1:dd:38:
de:ba:26:e0:c1:8a:e7:60:b6:ab:7e:1b:44:50:87:
6f:60:69:46:5a:e3:cf:ea:72:f4:f6:e7:e4:19:1f:
86:d5:74:76:80:90:50:49:d9:37:ba:fd:dc:25:7f:
90:d2:a9:60:53:f9:c7:78:86:7e:0e:cc:74:14:da:
ca:f4:c4:3a:1d:4b:0c:31:e8:ac:99:80:e8:49:a7:
ee:12:f4:7a:6d:d3:d2:22:41:79:a0:b6:f2:5f:2f:
13:e8:55:7c:a2:d1:da:bd:2f:7c:c4:a3:5b:c0:78:
47:0b:4f:b5:d5:37:98:48:4b:70:63:50:be:6e:e0:
6e:10:be:a3:31:bf:91:b8:47:28:68:39:4b:f5:be:
9e:40:63:d8:2f:1d:14:55:9b:d8:a3:4b:ae:fd:8b:
a9:c0:a6:33:41:61:63:ee:cc:fd:5f:6d:63:77:99:
ed:32:be:1a:69:8e:c2:4f:0d:4c:1a:08:28:91:a4:
41:9b:a9:1a:b3:0b:f9:75:ee:2d:98:72:eb:9b:50:
ab:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:86:1F:80:AF:5B:4A:C0:0B:B0:1F:E1:22:84:FD:39:B6:60:86:4B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YYYfgK9bSsALsB_hIoT9ObZghks.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:db:c3:17:0f:ef:5b:6a:fe:f7:e3:af:63:17:69:5f:fc:a0:
b1:4e:18:e3:ac:d7:ad:bf:f3:fa:fa:cd:dc:98:bd:4a:cc:7a:
cf:e6:e0:cc:75:46:46:5a:de:9e:67:d9:5f:4c:a9:fd:3d:94:
08:6a:6b:7f:98:18:30:43:38:a5:94:dd:00:2e:7a:3a:bf:3f:
cc:40:d8:1a:f7:ae:ad:1e:14:67:34:4f:1c:77:5d:6f:a1:3d:
5e:a2:9b:a6:70:07:3c:5c:ea:d8:ed:a9:04:15:33:f1:6e:65:
ec:79:99:1e:d4:a9:fb:de:ca:5b:e7:e2:a9:1d:4b:36:40:04:
1e:4e:c8:27:d3:72:2e:98:8c:ed:48:75:cf:4b:7f:da:22:6f:
4e:89:9a:f7:db:42:ae:29:c8:ed:8b:a4:7a:39:82:5c:72:73:
ce:50:fc:b7:7c:33:c7:fc:65:08:df:fa:a9:98:9e:06:05:a1:
a9:2a:4f:4c:97:6d:7c:85:e0:d6:37:d0:52:64:f7:65:60:3e:
f9:23:8e:e2:b5:46:9c:25:73:19:a7:aa:21:a0:5d:b9:be:cc:
b3:21:71:b7:d4:6f:71:9a:41:d5:53:30:01:25:5b:50:dc:f5:
58:05:00:dc:82:33:a3:4a:43:4a:37:c6:a7:ec:be:08:e9:38:
2b:56:54:58
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MjM4NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYxODYxRjgwQUY1QjRB
QzAwQkIwMUZFMTIyODRGRDM5QjY2MDg2NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8QUm9kwOB+U8Zbj/QHIcf1SjXDDxQIZ3Bf1lpd29GblPQFr66
eBmIjD25NPgBHHQl2I4J4gealtHdON66JuDBiudgtqt+G0RQh29gaUZa48/qcvT2
5+QZH4bVdHaAkFBJ2Te6/dwlf5DSqWBT+cd4hn4OzHQU2sr0xDodSwwx6KyZgOhJ
p+4S9Hpt09IiQXmgtvJfLxPoVXyi0dq9L3zEo1vAeEcLT7XVN5hIS3BjUL5u4G4Q
vqMxv5G4RyhoOUv1vp5AY9gvHRRVm9ijS679i6nApjNBYWPuzP1fbWN3me0yvhpp
jsJPDUwaCCiRpEGbqRqzC/l17i2YcuubUKsNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYYYfgK9bSsALsB/hIoT9ObZghkswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZWVlmZ0s5YlNzQUxzQl9o
SW9UOU9iWmdoa3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHfbwxcP71tq/vfjr2MXaV/8oLFOGOOs162/
8/r6zdyYvUrMes/m4Mx1RkZa3p5n2V9Mqf09lAhqa3+YGDBDOKWU3QAuejq/P8xA
2Br3rq0eFGc0Txx3XW+hPV6im6ZwBzxc6tjtqQQVM/FuZex5mR7Uqfveylvn4qkd
SzZABB5OyCfTci6YjO1Idc9Lf9oib06JmvfbQq4pyO2LpHo5glxyc85Q/Ld8M8f8
ZQjf+qmYngYFoakqT0yXbXyF4NY30FJk92VgPvkjjuK1RpwlcxmnqiGgXbm+zLMh
cbfUb3GaQdVTMAElW1Dc9VgFANyCM6NKQ0o3xqfsvgjpOCtWVFg=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:22:35 2025 by rpki-client