Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ICoODwceJ4sHwL4l5u7pVhZj06s.roa
File: ICoODwceJ4sHwL4l5u7pVhZj06s.roa (raw, json)
Hash identifier: PNhd2U4BjTeJbQidr/0p96Hw1xcwmG9JFtpNPRlZ5Yg=
Subject key identifier: 20:2A:0E:0F:07:1E:27:8B:07:C0:BE:25:E6:EE:E9:56:16:63:D3:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 047C
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ICoODwceJ4sHwL4l5u7pVhZj06s.roa
Signing time: Tue 13 May 2025 01:37:58 +0000
ROA not before: Tue 13 May 2025 01:37:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148 (0x47c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 01:37:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=202A0E0F071E278B07C0BE25E6EEE9561663D3AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b5:fb:6c:a3:28:d8:26:ec:60:9c:44:de:60:
8a:ef:4e:e7:86:81:44:c2:55:75:fd:06:75:b1:d8:
9b:b9:b2:83:9f:a6:1e:02:63:fc:91:20:b8:cd:26:
6e:f4:31:19:81:b5:3d:1e:5c:de:80:e9:60:0e:f9:
1f:85:78:07:5e:ae:56:7f:3e:9c:c7:14:b1:37:b3:
29:73:1b:c2:06:3f:75:f6:da:21:75:fe:a9:e7:10:
6a:99:4e:a7:d6:29:17:6f:49:f2:0f:ea:e1:44:7c:
80:dd:a9:5a:c7:5d:9e:db:d8:62:3b:49:56:be:58:
f5:5d:5a:b3:74:6a:26:46:15:03:91:5a:49:90:ed:
8f:59:4a:bb:34:6a:df:04:3a:cb:59:8e:8f:a7:ff:
dd:81:69:22:0d:a7:2e:cd:45:ae:ac:f5:f4:27:2b:
5f:17:af:e5:1e:1e:83:66:ec:07:c9:06:a1:b1:76:
9a:b6:7c:04:e0:ff:81:f8:33:88:8b:60:9c:09:03:
a5:f9:6a:08:c6:5e:56:dd:eb:dd:ec:e8:7b:0a:35:
20:dd:72:2f:78:d0:c6:a7:47:cf:8b:95:15:fe:a3:
b2:c6:fd:e9:b2:43:46:9c:e3:56:1b:f8:bc:f8:9e:
e3:fb:c6:3d:d9:fb:89:7e:a6:a5:d0:c1:06:2a:b9:
66:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2A:0E:0F:07:1E:27:8B:07:C0:BE:25:E6:EE:E9:56:16:63:D3:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ICoODwceJ4sHwL4l5u7pVhZj06s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:d3:8f:d0:50:00:6e:60:4b:21:ee:0f:68:86:6f:a1:40:5c:
db:e1:94:81:db:c3:9b:43:59:ab:96:e1:12:9e:06:02:65:ff:
50:5b:74:fb:a3:78:53:67:e0:fc:f8:65:22:50:d8:c9:05:d8:
f3:47:5b:8a:b4:13:61:da:76:56:bd:80:58:5f:c3:f4:ed:b4:
95:fd:13:d1:6e:8e:1e:47:94:22:df:f5:e8:74:5e:9c:3e:c1:
b8:26:55:0c:bc:37:8d:51:b0:fb:40:b6:22:58:b9:ed:4c:ec:
e5:f6:62:ee:76:c3:2d:5a:e3:9a:44:f4:80:30:89:0f:ff:8e:
55:b4:51:16:41:36:d1:56:05:63:d5:9b:cf:a8:fd:08:b9:e2:
65:68:8a:f2:98:6c:bd:82:0e:c5:ac:5e:54:7e:83:78:1f:97:
7d:40:2d:b2:f4:96:6f:d1:e3:61:1b:fe:62:fd:b9:d3:39:fb:
66:b6:90:37:a2:ca:6c:6f:49:fe:b2:39:70:91:25:c1:0a:15:
7a:c5:5e:3f:b5:47:82:0f:88:d6:d0:86:e4:7f:f4:47:2b:e7:
81:1d:31:a3:84:1a:98:04:ea:99:79:40:4e:8e:84:09:e6:01:
0a:90:dd:1a:d5:0a:1a:37:3a:82:44:9c:fb:6a:c5:05:d0:ba:
16:38:9b:da
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MTM3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIwMkEwRTBGMDcxRTI3
OEIwN0MwQkUyNUU2RUVFOTU2MTY2M0QzQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUtftsoyjYJuxgnETeYIrvTueGgUTCVXX9BnWx2Ju5soOfph4C
Y/yRILjNJm70MRmBtT0eXN6A6WAO+R+FeAderlZ/PpzHFLE3sylzG8IGP3X22iF1
/qnnEGqZTqfWKRdvSfIP6uFEfIDdqVrHXZ7b2GI7SVa+WPVdWrN0aiZGFQORWkmQ
7Y9ZSrs0at8EOstZjo+n/92BaSINpy7NRa6s9fQnK18Xr+UeHoNm7AfJBqGxdpq2
fATg/4H4M4iLYJwJA6X5agjGXlbd693s6HsKNSDdci940ManR8+LlRX+o7LG/emy
Q0ac41Yb+Lz4nuP7xj3Z+4l+pqXQwQYquWazAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUICoODwceJ4sHwL4l5u7pVhZj06swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JQ29PRHdjZUo0c0h3TDRs
NXU3cFZoWmowNnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBABnTj9BQAG5gSyHuD2iGb6FAXNvhlIHbw5tD
WauW4RKeBgJl/1BbdPujeFNn4Pz4ZSJQ2MkF2PNHW4q0E2Hadla9gFhfw/TttJX9
E9Fujh5HlCLf9eh0Xpw+wbgmVQy8N41RsPtAtiJYue1M7OX2Yu52wy1a45pE9IAw
iQ//jlW0URZBNtFWBWPVm8+o/Qi54mVoivKYbL2CDsWsXlR+g3gfl31ALbL0lm/R
42Eb/mL9udM5+2a2kDeiymxvSf6yOXCRJcEKFXrFXj+1R4IPiNbQhuR/9Ecr54Ed
MaOEGpgE6pl5QE6OhAnmAQqQ3RrVCho3OoJEnPtqxQXQuhY4m9o=
-----END CERTIFICATE-----
Generated at Sat May 17 22:41:18 2025 by rpki-client