Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YYjOXdLCHkrjuFSJwQkEpyVLD5w.roa
File: YYjOXdLCHkrjuFSJwQkEpyVLD5w.roa (raw, json)
Hash identifier: mqhtR9Po6aBKDDlUMJN1cKbA79jB5RXRF7j5nqkM6Rc=
Subject key identifier: 61:88:CE:5D:D2:C2:1E:4A:E3:B8:54:89:C1:09:04:A7:25:4B:0F:9C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E7C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YYjOXdLCHkrjuFSJwQkEpyVLD5w.roa
Signing time: Mon 26 May 2025 09:38:40 +0000
ROA not before: Mon 26 May 2025 09:38:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3708 (0xe7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 09:38:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6188CE5DD2C21E4AE3B85489C10904A7254B0F9C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5f:6d:1f:a0:5b:d6:64:ba:54:59:39:fa:88:
79:ec:f9:cd:8c:2c:02:27:2f:5e:25:21:58:6c:d9:
56:93:38:82:f2:ee:fa:d2:af:73:d9:06:c4:82:a1:
6b:1f:f2:fb:73:85:77:eb:7e:5c:34:4c:e4:f1:d4:
c9:8e:b8:84:d2:b2:d6:e3:8d:45:46:3c:58:72:79:
db:6f:af:9e:82:3c:86:f4:ff:c6:04:cf:c1:a7:81:
5d:45:c6:da:73:15:15:36:41:e6:0d:71:36:1f:d0:
ac:71:f2:71:1c:96:b7:ce:e3:f0:29:eb:f8:a3:d5:
bd:40:ad:87:41:d3:96:57:6d:60:3d:58:d0:6e:90:
09:9e:f7:d4:5c:48:1f:0c:c9:29:66:1c:a8:66:80:
c4:2b:75:7f:15:cb:26:0f:62:6f:db:d5:b5:92:a1:
dc:f5:a9:08:be:47:3b:dc:e6:a7:10:8e:b4:c5:39:
c3:4b:3b:ab:64:87:2d:71:51:41:e0:a9:06:64:96:
b0:8d:b7:d5:a9:9b:b2:f2:07:92:90:41:7d:ed:ba:
8e:2c:c6:73:d5:32:7a:5f:56:23:10:ef:31:fd:c0:
cc:e0:a0:e5:02:1c:2c:27:7f:47:57:7f:34:fe:8a:
87:4c:d5:37:90:8f:33:c0:8f:b3:2b:99:87:d3:33:
0e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:88:CE:5D:D2:C2:1E:4A:E3:B8:54:89:C1:09:04:A7:25:4B:0F:9C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YYjOXdLCHkrjuFSJwQkEpyVLD5w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:a3:04:36:d0:03:14:64:c9:37:5b:e2:bc:b8:be:a0:97:85:
ef:af:d8:a6:a9:c7:0f:7a:1b:a5:8b:20:7a:74:92:bb:10:bd:
47:f5:07:aa:67:14:1b:e2:5b:9c:6d:41:8b:97:83:fa:51:2c:
11:37:1c:4f:58:c5:fb:70:e5:7c:d7:cb:f2:b5:bf:75:c3:a2:
a8:af:73:1e:e0:ce:24:06:77:7c:a8:04:18:f9:8b:f1:d1:2b:
ba:53:36:4f:12:65:a1:4a:22:f4:9f:a3:2e:a0:4f:2f:67:73:
5e:27:45:5e:86:45:b8:a6:c0:91:da:39:1f:fb:f0:63:95:2f:
a3:63:08:4a:37:9b:39:6b:96:ad:85:06:f2:f9:33:7d:6c:7d:
2a:7c:ce:d0:90:03:2e:b5:de:85:07:69:0d:5d:09:ea:46:be:
7a:fb:5b:f7:26:06:11:3e:b7:4e:3a:e3:fe:cf:e1:07:d5:a7:
a7:3c:05:92:31:27:3b:39:68:e5:bb:eb:b5:16:7c:a1:6e:01:
3e:a3:04:37:fb:5e:45:bf:ec:c8:2b:20:6c:1c:d9:be:f8:ba:
cd:ce:b8:bb:b8:53:91:90:55:18:ec:9c:b8:19:32:18:9f:d0:
4d:f2:fe:57:bd:b9:52:2b:cf:fe:b9:89:22:31:d3:6c:a0:ef:
02:fe:12:ef
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
OTM4NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYxODhDRTVERDJDMjFF
NEFFM0I4NTQ4OUMxMDkwNEE3MjU0QjBGOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgX20foFvWZLpUWTn6iHns+c2MLAInL14lIVhs2VaTOILy7vrS
r3PZBsSCoWsf8vtzhXfrflw0TOTx1MmOuITSstbjjUVGPFhyedtvr56CPIb0/8YE
z8GngV1FxtpzFRU2QeYNcTYf0Kxx8nEclrfO4/Ap6/ij1b1ArYdB05ZXbWA9WNBu
kAme99RcSB8MySlmHKhmgMQrdX8VyyYPYm/b1bWSodz1qQi+Rzvc5qcQjrTFOcNL
O6tkhy1xUUHgqQZklrCNt9Wpm7LyB5KQQX3tuo4sxnPVMnpfViMQ7zH9wMzgoOUC
HCwnf0dXfzT+iodM1TeQjzPAj7MrmYfTMw5tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYYjOXdLCHkrjuFSJwQkEpyVLD5wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZWWpPWGRMQ0hrcmp1RlNK
d1FrRXB5VkxENXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAIGjBDbQAxRkyTdb4ry4vqCXhe+v2Kapxw96
G6WLIHp0krsQvUf1B6pnFBviW5xtQYuXg/pRLBE3HE9Yxftw5XzXy/K1v3XDoqiv
cx7gziQGd3yoBBj5i/HRK7pTNk8SZaFKIvSfoy6gTy9nc14nRV6GRbimwJHaOR/7
8GOVL6NjCEo3mzlrlq2FBvL5M31sfSp8ztCQAy613oUHaQ1dCepGvnr7W/cmBhE+
t0464/7P4QfVp6c8BZIxJzs5aOW767UWfKFuAT6jBDf7XkW/7MgrIGwc2b74us3O
uLu4U5GQVRjsnLgZMhif0E3y/le9uVIrz/65iSIx02yg7wL+Eu8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:45:23 2025 by rpki-client