Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-LbWA_b6O45Iqq4rL67cpVVeczY.roa
File: -LbWA_b6O45Iqq4rL67cpVVeczY.roa (raw, json)
Hash identifier: rJfmOr4e/KXdW5j7tQjTAHcG1VWuK+Q/30k2Xx6HuL4=
Subject key identifier: F8:B6:D6:03:F6:FA:3B:8E:48:AA:AE:2B:2F:AE:DC:A5:55:5E:73:36
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C0E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-LbWA_b6O45Iqq4rL67cpVVeczY.roa
Signing time: Fri 13 Jun 2025 11:40:52 +0000
ROA not before: Fri 13 Jun 2025 11:40:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7182 (0x1c0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 11:40:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F8B6D603F6FA3B8E48AAAE2B2FAEDCA5555E7336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:80:a4:fa:67:4a:ec:b7:0b:31:04:31:c3:d7:
91:1b:f5:7c:ae:1a:8a:c1:47:77:ae:d0:29:9e:65:
ef:e9:4c:26:4a:4f:cc:b7:8c:f6:db:83:0d:23:0d:
56:a9:e0:79:75:b5:79:c4:f5:c3:13:e5:8b:6d:43:
30:57:64:ac:68:e8:e3:a4:34:9d:b3:0f:d1:12:26:
ad:f9:2a:b5:db:26:82:b6:33:5e:aa:38:5a:5d:ed:
90:16:da:56:ad:05:86:e8:b6:ce:97:e4:ec:a4:82:
ae:5f:51:2c:9d:5c:9c:c6:bd:db:27:00:56:6c:9b:
d0:88:26:bd:09:8b:c3:a5:80:9a:e2:7c:89:68:54:
7c:d2:93:5b:13:9a:67:ba:d1:77:95:4e:dd:b5:2c:
c6:e0:10:49:0a:95:03:e3:66:90:35:8f:73:5d:ff:
15:13:15:fc:23:09:dc:1e:2d:63:4f:cc:b7:12:96:
5b:9d:8c:ad:55:6d:14:94:24:30:44:67:81:42:a8:
98:ac:be:61:94:7a:0c:28:31:97:42:34:54:5a:f2:
40:02:a9:81:b5:44:ac:d4:7d:1f:90:f9:69:00:ef:
e6:e0:1d:df:e0:ff:ff:7f:df:7a:e6:09:56:04:ab:
ca:ee:e9:e7:dc:74:6a:dd:0f:dd:c9:1e:a7:18:91:
6c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:B6:D6:03:F6:FA:3B:8E:48:AA:AE:2B:2F:AE:DC:A5:55:5E:73:36
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-LbWA_b6O45Iqq4rL67cpVVeczY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:2c:09:c4:df:4e:8a:b6:41:4c:cc:48:21:5c:fa:b5:69:63:
bc:69:5b:4a:c5:c6:cf:13:33:6a:1b:48:21:ee:e6:e9:78:01:
1c:b8:2f:10:15:ce:04:04:23:71:55:cf:0f:e0:05:47:10:d4:
74:f4:04:a2:9f:f6:43:e9:43:61:25:8d:ec:a7:74:c3:33:af:
31:47:d6:7b:0d:16:f4:27:d8:45:f2:60:15:e8:da:31:6a:47:
ed:d0:d0:31:4e:b9:82:20:4c:5c:77:63:05:50:10:5d:35:24:
76:e0:ba:4c:89:50:f3:f4:0a:f5:6c:2e:0b:fa:a7:d9:5c:1b:
6b:01:e2:35:4d:7a:db:fd:f7:6f:3f:43:86:97:a4:0c:24:e2:
d0:e0:85:4c:09:3a:cb:4f:a1:36:dc:8d:b7:b3:08:f0:b8:fc:
fb:f8:3f:11:1f:1a:eb:ba:88:b1:67:d2:c3:14:2a:26:96:a4:
07:d2:ca:35:2d:be:17:28:81:29:98:88:bc:16:49:55:39:c7:
c6:b0:ca:2f:3d:79:78:8b:49:dd:da:39:c9:0a:0b:da:3f:e7:
6c:ec:a0:cb:d6:78:ee:96:62:9f:d7:5b:dd:74:49:2c:ea:73:
19:14:23:3e:ee:c9:07:f5:c0:a8:89:29:8d:28:5d:51:e5:3e:
d2:0a:0c:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
MTQwNTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY4QjZENjAzRjZGQTNC
OEU0OEFBQUUyQjJGQUVEQ0E1NTU1RTczMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTgKT6Z0rstwsxBDHD15Eb9XyuGorBR3eu0CmeZe/pTCZKT8y3
jPbbgw0jDVap4Hl1tXnE9cMT5YttQzBXZKxo6OOkNJ2zD9ESJq35KrXbJoK2M16q
OFpd7ZAW2latBYbots6X5Oykgq5fUSydXJzGvdsnAFZsm9CIJr0Ji8OlgJrifIlo
VHzSk1sTmme60XeVTt21LMbgEEkKlQPjZpA1j3Nd/xUTFfwjCdweLWNPzLcSllud
jK1VbRSUJDBEZ4FCqJisvmGUegwoMZdCNFRa8kACqYG1RKzUfR+Q+WkA7+bgHd/g
//9/33rmCVYEq8ru6efcdGrdD93JHqcYkWxtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+LbWA/b6O45Iqq4rL67cpVVeczYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tTGJXQV9iNk80NUlxcTRy
TDY3Y3BWVmVjelkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFIsCcTfToq2QUzMSCFc+rVpY7xpW0rFxs8T
M2obSCHu5ul4ARy4LxAVzgQEI3FVzw/gBUcQ1HT0BKKf9kPpQ2EljeyndMMzrzFH
1nsNFvQn2EXyYBXo2jFqR+3Q0DFOuYIgTFx3YwVQEF01JHbgukyJUPP0CvVsLgv6
p9lcG2sB4jVNetv9928/Q4aXpAwk4tDghUwJOstPoTbcjbezCPC4/Pv4PxEfGuu6
iLFn0sMUKiaWpAfSyjUtvhcogSmYiLwWSVU5x8awyi89eXiLSd3aOckKC9o/52zs
oMvWeO6WYp/XW910SSzqcxkUIz7uyQf1wKiJKY0oXVHlPtIKDJI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 18:11:21 2025 by rpki-client