Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/s-iCosFF-GczdBBK5kl125KhanY.roa
File: s-iCosFF-GczdBBK5kl125KhanY.roa (raw, json)
Hash identifier: M7EEw342tVfotN0eH0qKOobIiasjAcJiPBK0svvKTz8=
Subject key identifier: B3:E8:82:A2:C1:45:F8:67:33:74:10:4A:E6:49:75:DB:92:A1:6A:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 19FC
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/s-iCosFF-GczdBBK5kl125KhanY.roa
Signing time: Tue 10 Jun 2025 17:39:49 +0000
ROA not before: Tue 10 Jun 2025 17:39:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 125.169.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6652 (0x19fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 17:39:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B3E882A2C145F8673374104AE64975DB92A16A76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6a:6b:6b:97:f2:a8:c5:8c:06:2b:29:ce:8d:
f1:4e:71:58:4e:e8:6f:08:40:65:c2:ca:da:38:d2:
f4:44:09:a3:90:a5:40:34:e4:5f:4d:e3:51:d2:7c:
c3:46:04:3f:94:b2:62:a4:b2:5e:a5:5f:db:d0:88:
09:48:fb:dd:e5:61:46:41:ab:62:94:a4:07:46:39:
4d:00:a2:15:00:4e:31:4b:43:43:0b:19:81:81:fc:
66:ab:b1:18:8b:7c:f0:2e:96:ee:4b:47:74:c7:29:
8d:2d:11:28:bc:21:ee:25:af:90:26:c4:2d:68:71:
31:de:be:ed:68:21:13:64:c7:d6:25:e6:10:3e:8b:
70:d3:54:1a:50:b8:f0:10:1f:ec:e9:c0:84:37:bf:
0f:92:96:bb:d2:dd:c6:fd:69:c7:1f:42:05:fb:1b:
08:62:eb:3c:15:c0:84:92:52:d1:5d:84:22:a9:4a:
34:77:15:43:96:0d:d7:fa:53:fe:1d:d6:bd:36:9a:
81:62:49:44:bc:72:56:51:18:46:30:06:59:9b:f2:
99:0d:75:a5:80:71:3e:c0:7a:c4:11:72:19:44:72:
1a:c1:19:35:21:f3:37:b1:9d:cc:0e:d8:4f:a8:99:
0a:da:af:ee:b8:0a:0b:c9:a0:b7:23:b9:38:fa:c0:
e0:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E8:82:A2:C1:45:F8:67:33:74:10:4A:E6:49:75:DB:92:A1:6A:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/s-iCosFF-GczdBBK5kl125KhanY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
125.169.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:82:ee:cc:fc:47:4b:1f:f3:5d:b8:9d:f4:bf:73:b1:f7:21:
ac:50:61:5e:2f:4e:7f:18:08:bc:09:a8:8d:3d:c1:25:10:24:
c4:7c:4e:34:f1:3c:b9:63:10:2f:de:d2:a7:fb:97:bc:35:54:
54:6f:6b:99:b8:42:62:ab:f2:8d:82:0d:bb:05:18:8d:bf:06:
41:45:bf:92:4c:86:a8:58:8b:03:16:4b:c3:61:9b:df:82:5d:
ad:3c:6f:87:2a:3c:c0:77:9d:1e:20:ed:73:05:cd:ab:c4:4e:
20:86:ea:81:f9:61:3c:ca:97:42:80:7d:78:66:f2:1b:df:70:
0b:17:f4:32:0b:ff:cb:4d:e1:8a:1f:2d:d6:65:f7:b9:0d:2d:
07:19:fe:9a:50:94:4e:05:0b:cb:5d:8a:16:32:a7:69:9f:aa:
c5:e2:88:27:aa:f7:81:a8:33:54:05:06:fa:5a:34:57:50:11:
9f:e5:26:79:c7:90:2e:10:7a:df:9e:79:8c:34:bf:39:22:8f:
21:ab:4a:fc:bb:4c:98:23:0d:44:ad:7d:89:e5:f9:2a:c4:00:
8a:9d:ab:c2:a9:b9:83:4e:a9:ef:2b:31:e0:55:21:a7:eb:86:
47:4a:ca:a9:04:bb:65:68:ec:db:04:7a:66:e8:0e:b8:23:f4:
79:87:6f:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGfwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAx
NzM5NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIzRTg4MkEyQzE0NUY4
NjczMzc0MTA0QUU2NDk3NURCOTJBMTZBNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUamtrl/KoxYwGKynOjfFOcVhO6G8IQGXCyto40vRECaOQpUA0
5F9N41HSfMNGBD+UsmKksl6lX9vQiAlI+93lYUZBq2KUpAdGOU0AohUATjFLQ0ML
GYGB/GarsRiLfPAulu5LR3THKY0tESi8Ie4lr5AmxC1ocTHevu1oIRNkx9Yl5hA+
i3DTVBpQuPAQH+zpwIQ3vw+SlrvS3cb9accfQgX7Gwhi6zwVwISSUtFdhCKpSjR3
FUOWDdf6U/4d1r02moFiSUS8clZRGEYwBlmb8pkNdaWAcT7AesQRchlEchrBGTUh
8zexncwO2E+omQrar+64CgvJoLcjuTj6wOB1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUs+iCosFF+GczdBBK5kl125KhanYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zLWlDb3NGRi1HY3pkQkJL
NWtsMTI1S2hhblkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
fakwDQYJKoZIhvcNAQELBQADggEBAJCC7sz8R0sf8124nfS/c7H3IaxQYV4vTn8Y
CLwJqI09wSUQJMR8TjTxPLljEC/e0qf7l7w1VFRva5m4QmKr8o2CDbsFGI2/BkFF
v5JMhqhYiwMWS8Nhm9+CXa08b4cqPMB3nR4g7XMFzavETiCG6oH5YTzKl0KAfXhm
8hvfcAsX9DIL/8tN4YofLdZl97kNLQcZ/ppQlE4FC8tdihYyp2mfqsXiiCeq94Go
M1QFBvpaNFdQEZ/lJnnHkC4Qet+eeYw0vzkijyGrSvy7TJgjDUStfYnl+SrEAIqd
q8KpuYNOqe8rMeBVIafrhkdKyqkEu2Vo7NsEemboDrgj9HmHb4g=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:08:37 2025 by rpki-client