Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YAJ48LIGx3bbZrB5oYzm7d1k35M.roa
File: YAJ48LIGx3bbZrB5oYzm7d1k35M.roa (raw, json)
Hash identifier: lxIEjZYZ+Ylls7PlWhyVVE9y/8IhjAYF2NLDSqSN/2o=
Subject key identifier: 60:02:78:F0:B2:06:C7:76:DB:66:B0:79:A1:8C:E6:ED:DD:64:DF:93
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0114
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YAJ48LIGx3bbZrB5oYzm7d1k35M.roa
Signing time: Thu 08 May 2025 12:37:41 +0000
ROA not before: Thu 08 May 2025 12:37:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 276 (0x114)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 12:37:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=600278F0B206C776DB66B079A18CE6EDDD64DF93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:12:86:92:2f:3d:b7:94:63:ce:b5:e8:a6:6e:
92:6e:c2:4d:f5:41:43:ee:02:19:3e:38:4f:31:e8:
82:e9:9c:f5:62:3b:2d:24:58:71:33:22:5b:8c:0a:
79:4d:3f:ab:b7:81:20:20:55:6e:24:ff:01:56:86:
b2:1f:67:e2:fc:94:d3:a1:1f:ac:0c:69:70:74:f3:
5b:3e:24:20:8a:4c:1d:2a:ef:89:bf:fe:45:a0:a8:
06:b1:d8:ea:c7:2e:f9:1a:2b:44:54:02:2b:56:39:
74:d4:0b:7e:fc:c4:99:f9:41:7a:e5:75:69:7b:ed:
d6:18:70:53:88:e1:a9:d4:35:73:41:4e:35:26:e7:
81:19:3d:b3:20:70:92:fa:9a:81:3e:fa:70:3e:d3:
a6:af:87:77:32:ef:1d:40:f5:2b:10:5e:df:22:c4:
ba:d8:3c:bc:9e:e7:d1:a3:a9:26:6c:52:fe:9f:44:
91:9b:57:25:0f:3b:eb:94:05:51:0d:86:17:e4:08:
5c:e6:01:00:64:21:9b:bc:89:dd:46:59:97:bd:28:
aa:97:59:d6:7f:c5:ea:8e:a7:54:96:72:c1:c6:e7:
7f:33:16:44:80:9b:60:94:c5:39:c3:7d:03:14:a1:
ea:d6:b5:ca:36:cc:0d:f1:45:e3:78:0d:ee:17:ce:
fa:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:02:78:F0:B2:06:C7:76:DB:66:B0:79:A1:8C:E6:ED:DD:64:DF:93
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YAJ48LIGx3bbZrB5oYzm7d1k35M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:47:92:7f:04:f3:83:6f:eb:39:51:d2:56:f6:7b:b2:c8:32:
5e:b4:ff:a2:9a:b9:00:c3:b4:40:91:21:cf:12:68:cc:5f:0a:
81:cf:ae:83:82:eb:79:73:11:be:2b:a2:55:f9:e5:0b:62:bf:
27:fa:0b:4a:91:52:18:38:a1:03:b4:bc:08:14:c2:0a:a7:fd:
ea:f0:b7:40:6f:40:7e:09:58:e5:4f:62:ce:2d:46:84:12:15:
68:cb:ef:cb:a1:49:ce:bd:25:2b:38:d7:a2:59:49:57:9c:8e:
10:92:1c:4b:3c:6d:a3:38:e9:68:8c:cd:02:27:1c:25:b6:8d:
67:bd:e0:dd:6d:73:85:65:33:7c:33:e6:af:91:c8:6f:c6:e1:
c2:b6:11:63:d2:a8:c4:d7:42:84:3a:4d:09:db:1e:d7:67:eb:
53:fc:fa:bb:2f:82:a5:95:35:a2:36:f2:ed:cc:bc:09:e0:82:
58:56:90:6f:88:4f:9f:cc:a2:a4:a6:65:bd:34:9b:56:fb:91:
20:2a:9b:08:f8:1b:00:a8:be:97:8b:13:ec:62:8d:33:87:8b:
84:e3:a4:3e:4b:04:cd:c3:e7:de:07:3f:86:e1:bd:9f:4c:72:
28:16:f2:95:f6:20:5a:86:ce:6d:a9:97:32:9c:ef:bf:3f:34:
68:87:ca:16
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICARQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MjM3NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYwMDI3OEYwQjIwNkM3
NzZEQjY2QjA3OUExOENFNkVEREQ2NERGOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJEoaSLz23lGPOteimbpJuwk31QUPuAhk+OE8x6ILpnPViOy0k
WHEzIluMCnlNP6u3gSAgVW4k/wFWhrIfZ+L8lNOhH6wMaXB081s+JCCKTB0q74m/
/kWgqAax2OrHLvkaK0RUAitWOXTUC378xJn5QXrldWl77dYYcFOI4anUNXNBTjUm
54EZPbMgcJL6moE++nA+06avh3cy7x1A9SsQXt8ixLrYPLye59GjqSZsUv6fRJGb
VyUPO+uUBVENhhfkCFzmAQBkIZu8id1GWZe9KKqXWdZ/xeqOp1SWcsHG538zFkSA
m2CUxTnDfQMUoerWtco2zA3xReN4De4XzvohAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYAJ48LIGx3bbZrB5oYzm7d1k35MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZQUo0OExJR3gzYmJackI1
b1l6bTdkMWszNU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABhHkn8E84Nv6zlR0lb2e7LIMl60/6KauQDD
tECRIc8SaMxfCoHProOC63lzEb4rolX55Qtivyf6C0qRUhg4oQO0vAgUwgqn/erw
t0BvQH4JWOVPYs4tRoQSFWjL78uhSc69JSs416JZSVecjhCSHEs8baM46WiMzQIn
HCW2jWe94N1tc4VlM3wz5q+RyG/G4cK2EWPSqMTXQoQ6TQnbHtdn61P8+rsvgqWV
NaI28u3MvAngglhWkG+IT5/MoqSmZb00m1b7kSAqmwj4GwCovpeLE+xijTOHi4Tj
pD5LBM3D594HP4bhvZ9McigW8pX2IFqGzm2plzKc778/NGiHyhY=
-----END CERTIFICATE-----
Generated at Sat May 17 22:37:21 2025 by rpki-client