Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ly2JeJ8oxG9ero1ilmD4z34NIbg.roa
File: ly2JeJ8oxG9ero1ilmD4z34NIbg.roa (raw, json)
Hash identifier: 0EJc90Nkljm7PWVL7mwgvB88UWM4Fa9MJwdPHbuBPSU=
Subject key identifier: 97:2D:89:78:9F:28:C4:6F:5E:AE:8D:62:96:60:F8:CF:7E:0D:21:B8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16A4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ly2JeJ8oxG9ero1ilmD4z34NIbg.roa
Signing time: Fri 06 Jun 2025 06:39:26 +0000
ROA not before: Fri 06 Jun 2025 06:39:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5796 (0x16a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 06:39:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=972D89789F28C46F5EAE8D629660F8CF7E0D21B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ea:c5:f9:85:e8:18:ea:7d:16:04:f3:a7:8b:
81:2d:41:ca:da:83:30:61:db:d6:38:d9:96:74:e9:
68:0d:2d:3f:09:34:fa:55:7d:73:fa:e7:04:63:c9:
cb:80:54:3b:49:82:37:1c:f7:bc:9e:52:68:03:29:
e0:67:8f:0e:ff:94:ce:b8:58:48:34:0d:69:6d:8f:
68:5c:07:a2:26:10:58:2f:6d:06:da:5e:f3:e2:cd:
77:7f:d5:14:73:d5:cb:b7:6c:f9:cd:1a:53:63:ed:
fb:1d:0d:45:73:16:9b:6f:6e:1c:34:b4:87:b1:04:
3f:c9:98:04:33:38:f3:16:53:0e:e8:31:ea:cd:5d:
ab:37:f4:72:6b:2e:68:fd:eb:5b:94:49:91:42:ab:
c9:04:af:07:c3:2d:a5:90:48:53:26:f1:86:79:d1:
35:1b:ab:93:43:87:b2:21:38:1c:e6:9c:fb:26:7d:
d0:4a:75:f2:6d:ba:9c:21:ec:ef:81:86:0e:a4:cf:
bf:35:9c:bd:59:4e:42:a2:1c:d7:70:6c:c6:89:b7:
f2:d8:6a:f2:f3:00:6b:68:92:a3:13:e4:35:30:75:
c5:96:ef:d2:24:b7:d1:97:4f:83:65:f5:ce:ba:c0:
ab:89:8e:57:67:3b:36:e7:c2:a5:b6:41:0d:ae:4e:
13:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2D:89:78:9F:28:C4:6F:5E:AE:8D:62:96:60:F8:CF:7E:0D:21:B8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ly2JeJ8oxG9ero1ilmD4z34NIbg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:83:67:1a:0b:3b:cf:aa:68:b9:b5:9e:6e:54:29:53:4e:aa:
7a:de:cd:d6:9e:37:67:47:8b:b0:10:62:b8:ec:b9:18:30:a1:
94:07:99:3d:b4:d1:62:db:3f:ed:23:9c:ab:71:4f:f7:6f:50:
d7:a6:6e:ea:aa:fd:3e:42:65:5a:d6:3f:83:b7:ba:42:df:54:
c7:f4:bf:d0:ab:e6:ca:4b:c9:b5:a0:17:3e:31:3a:bf:da:a1:
fa:0b:6b:80:2e:ff:03:95:27:07:bc:b4:a9:9b:ec:6f:20:d5:
08:02:c7:6e:09:a8:bb:d1:0e:2b:5e:0e:54:85:13:e2:64:8f:
a7:10:f8:05:5e:d1:cb:be:0c:21:a4:9a:b3:ca:09:7b:6e:b2:
b2:2a:1c:5e:c3:5f:49:01:9f:4d:82:37:e6:a3:f5:bf:a0:56:
88:96:67:86:4d:15:07:a2:a4:ef:a8:7a:b7:6f:5e:5b:1d:fa:
22:84:b2:bf:e3:a3:39:86:78:83:e5:6d:32:ee:62:5d:29:29:
04:b0:31:69:0f:db:cb:55:1d:03:ec:b2:4a:da:46:d9:ce:2a:
90:b4:1a:cd:22:de:2e:fb:42:20:9f:1a:60:b3:54:c1:7f:30:
59:46:79:81:93:49:b5:db:d6:54:4e:9a:a0:8a:76:e9:86:56:
21:eb:b3:01
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFqQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
NjM5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk3MkQ4OTc4OUYyOEM0
NkY1RUFFOEQ2Mjk2NjBGOENGN0UwRDIxQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG6sX5hegY6n0WBPOni4EtQcragzBh29Y42ZZ06WgNLT8JNPpV
fXP65wRjycuAVDtJgjcc97yeUmgDKeBnjw7/lM64WEg0DWltj2hcB6ImEFgvbQba
XvPizXd/1RRz1cu3bPnNGlNj7fsdDUVzFptvbhw0tIexBD/JmAQzOPMWUw7oMerN
Xas39HJrLmj961uUSZFCq8kErwfDLaWQSFMm8YZ50TUbq5NDh7IhOBzmnPsmfdBK
dfJtupwh7O+Bhg6kz781nL1ZTkKiHNdwbMaJt/LYavLzAGtokqMT5DUwdcWW79Ik
t9GXT4Nl9c66wKuJjldnOzbnwqW2QQ2uThPZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUly2JeJ8oxG9ero1ilmD4z34NIbgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9seTJKZUo4b3hHOWVybzFp
bG1ENHozNE5JYmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABWDZxoLO8+qaLm1nm5UKVNOqnrezdaeN2dH
i7AQYrjsuRgwoZQHmT200WLbP+0jnKtxT/dvUNembuqq/T5CZVrWP4O3ukLfVMf0
v9Cr5spLybWgFz4xOr/aofoLa4Au/wOVJwe8tKmb7G8g1QgCx24JqLvRDiteDlSF
E+Jkj6cQ+AVe0cu+DCGkmrPKCXtusrIqHF7DX0kBn02CN+aj9b+gVoiWZ4ZNFQei
pO+oerdvXlsd+iKEsr/jozmGeIPlbTLuYl0pKQSwMWkP28tVHQPsskraRtnOKpC0
Gs0i3i77QiCfGmCzVMF/MFlGeYGTSbXb1lROmqCKdumGViHrswE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:28:44 2025 by rpki-client