Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Yv0plnlURBS15hDDgoInZTvA1MY.roa
File: Yv0plnlURBS15hDDgoInZTvA1MY.roa (raw, json)
Hash identifier: ihttq5fHIKahcZsngDt2mUSzGKL7OWG76qJY+Mx/hds=
Subject key identifier: 62:FD:29:96:79:54:44:14:B5:E6:10:C3:82:82:27:65:3B:C0:D4:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 09F4
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yv0plnlURBS15hDDgoInZTvA1MY.roa
Signing time: Tue 20 May 2025 08:38:56 +0000
ROA not before: Tue 20 May 2025 08:38:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2548 (0x9f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 08:38:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=62FD299679544414B5E610C3828227653BC0D4C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:41:9d:4a:8f:d5:16:ea:2e:d9:eb:7f:4b:06:
11:28:63:d2:ee:37:d8:f9:21:75:25:65:42:00:b4:
78:8a:b8:22:cc:b9:e0:ad:d3:bd:c5:ac:88:24:24:
e7:c9:14:3c:63:62:7c:ba:e1:4d:3d:ea:80:51:8b:
04:25:33:b7:14:9b:62:82:54:b9:04:30:7a:b7:b6:
9f:78:aa:0d:00:b3:0d:05:fe:a1:0b:af:fc:f9:8a:
8c:e0:08:de:57:09:48:cb:3d:0a:4e:b5:c9:99:8a:
07:19:59:a5:57:2f:68:f3:af:37:32:b0:4e:bc:4f:
d8:70:d8:98:e2:f1:34:77:e8:5d:b3:8d:58:bd:9b:
74:71:9c:df:d8:39:c9:0e:e9:1c:fc:5a:40:7a:d3:
02:3d:9b:68:df:8f:89:60:ca:34:f4:b1:76:3b:04:
44:64:5e:35:11:34:a1:d0:71:bf:f4:e8:0b:6c:4f:
56:ae:4d:ce:58:a3:e5:9c:0c:0d:ed:c1:7d:bf:dc:
3c:92:21:ca:7a:8a:c8:57:fc:0b:87:3e:55:e1:19:
89:ad:43:f3:c1:2d:56:ea:5c:82:94:c2:11:09:84:
2b:fe:94:46:2e:40:c3:2f:78:e9:bc:85:ac:d2:2f:
b9:39:ab:81:4d:ba:71:d4:f4:5b:7e:a8:ea:63:99:
a6:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FD:29:96:79:54:44:14:B5:E6:10:C3:82:82:27:65:3B:C0:D4:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yv0plnlURBS15hDDgoInZTvA1MY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:51:82:ad:cb:c0:5f:fe:75:2b:d6:e9:e2:2a:82:38:09:d3:
59:80:58:03:fc:10:d5:57:b9:18:12:ac:75:f1:2a:09:db:66:
fe:f5:3c:50:e9:82:b1:1e:a0:00:5a:07:15:54:d6:dc:06:a6:
75:27:fa:c2:d3:75:9e:fd:1d:44:2c:61:ef:6d:d2:19:c2:4e:
5e:52:3e:49:8f:52:26:23:74:72:6f:c4:64:f0:18:81:0a:22:
00:c4:c5:4c:65:f0:da:f7:aa:d0:e7:3e:28:8b:7d:25:81:82:
a5:52:a8:89:b6:9d:78:df:df:6c:8c:9c:1a:81:80:1b:19:e2:
5e:bd:47:cc:d2:87:be:76:b8:23:75:fa:60:51:75:ec:49:61:
75:03:24:89:22:c5:58:ca:c4:14:bf:74:ab:20:c0:28:4b:80:
95:bb:de:67:8b:f5:80:05:ca:59:a0:c2:32:5c:a6:48:4e:0e:
15:40:05:4b:c6:7c:4c:c5:fe:ed:f5:e2:0f:3e:f1:37:bb:36:
03:25:3f:78:27:cb:25:5b:3b:ef:7f:cf:a8:0a:25:b6:f3:e2:
40:14:9b:5b:21:4b:6e:c3:29:40:1c:4a:8a:9b:91:6b:02:d5:
ba:e8:78:e1:de:d2:f3:fc:00:a8:23:0e:db:8b:6c:ac:e5:4a:
e2:07:bf:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAw
ODM4NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyRkQyOTk2Nzk1NDQ0
MTRCNUU2MTBDMzgyODIyNzY1M0JDMEQ0QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEQZ1Kj9UW6i7Z639LBhEoY9LuN9j5IXUlZUIAtHiKuCLMueCt
073FrIgkJOfJFDxjYny64U096oBRiwQlM7cUm2KCVLkEMHq3tp94qg0Asw0F/qEL
r/z5iozgCN5XCUjLPQpOtcmZigcZWaVXL2jzrzcysE68T9hw2Jji8TR36F2zjVi9
m3RxnN/YOckO6Rz8WkB60wI9m2jfj4lgyjT0sXY7BERkXjURNKHQcb/06AtsT1au
Tc5Yo+WcDA3twX2/3DySIcp6ishX/AuHPlXhGYmtQ/PBLVbqXIKUwhEJhCv+lEYu
QMMveOm8hazSL7k5q4FNunHU9Ft+qOpjmaaVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYv0plnlURBS15hDDgoInZTvA1MYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZdjBwbG5sVVJCUzE1aERE
Z29JblpUdkExTVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAHlRgq3LwF/+dSvW6eIqgjgJ01mAWAP8ENVX
uRgSrHXxKgnbZv71PFDpgrEeoABaBxVU1twGpnUn+sLTdZ79HUQsYe9t0hnCTl5S
PkmPUiYjdHJvxGTwGIEKIgDExUxl8Nr3qtDnPiiLfSWBgqVSqIm2nXjf32yMnBqB
gBsZ4l69R8zSh752uCN1+mBRdexJYXUDJIkixVjKxBS/dKsgwChLgJW73meL9YAF
ylmgwjJcpkhODhVABUvGfEzF/u314g8+8Te7NgMlP3gnyyVbO+9/z6gKJbbz4kAU
m1shS27DKUAcSoqbkWsC1broeOHe0vP8AKgjDtuLbKzlSuIHv0I=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:35 2025 by rpki-client