Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-d0xP0MT6IkiD0QOcHQSmV5Gpxw.roa
File: -d0xP0MT6IkiD0QOcHQSmV5Gpxw.roa (raw, json)
Hash identifier: j1mEcolZrIV7y4d+LAEBf3KrU8XZLpiq9cHNvrm82SI=
Subject key identifier: F9:DD:31:3F:43:13:E8:89:22:0F:44:0E:70:74:12:99:5E:46:A7:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0EC6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-d0xP0MT6IkiD0QOcHQSmV5Gpxw.roa
Signing time: Mon 26 May 2025 18:38:43 +0000
ROA not before: Mon 26 May 2025 18:38:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3782 (0xec6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 18:38:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F9DD313F4313E889220F440E707412995E46A71C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6d:00:d0:55:ae:b9:fb:de:57:e1:80:8a:c9:
63:12:48:cc:80:24:a7:30:5a:17:10:4e:13:e9:e9:
d0:df:a5:0e:14:c4:78:18:b4:f8:36:78:00:53:eb:
49:b9:6a:d7:77:9f:be:12:6c:58:a3:d2:03:27:2a:
59:39:f1:a6:6b:6b:32:a3:03:d3:10:ab:51:5d:be:
1f:ff:8c:91:e8:3d:6e:c0:8e:11:06:d1:11:5a:84:
ba:59:de:d3:10:66:68:be:6b:09:df:d5:b4:92:a9:
40:a8:49:05:5d:c1:60:b4:07:00:4a:f7:ce:f4:8a:
c5:a1:3f:29:ff:2a:03:73:4c:86:fe:dd:cb:2a:94:
1e:29:64:f1:11:d2:3c:67:9a:01:a8:b3:de:d8:86:
24:77:77:09:d3:a7:88:21:15:a5:9f:e6:7f:f1:e0:
53:56:94:36:47:28:72:98:01:5e:c8:b7:4e:94:ba:
39:fc:41:c4:53:db:56:3e:7b:e9:58:67:67:60:77:
08:28:a2:cd:33:db:05:df:b9:db:57:2e:1b:0b:f8:
a1:31:da:77:82:9a:38:7a:2f:f1:34:d3:06:97:5a:
3f:e5:c1:1c:98:38:3c:8b:e9:17:b8:a7:4b:cb:72:
99:3a:f9:ca:03:29:21:27:24:b9:1e:ed:0f:df:ba:
74:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DD:31:3F:43:13:E8:89:22:0F:44:0E:70:74:12:99:5E:46:A7:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-d0xP0MT6IkiD0QOcHQSmV5Gpxw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:f4:63:75:8d:32:ad:8c:89:fa:e5:ed:f7:d6:02:3d:7b:f3:
2e:fe:73:b1:c0:6b:c6:fa:b7:17:d0:d0:70:69:dd:dd:37:ff:
04:1d:16:f2:04:d5:c8:dd:70:91:53:f1:37:98:62:94:ef:c4:
01:56:9e:c2:5b:d9:33:4c:2b:48:72:b4:77:20:be:30:b2:4c:
53:79:a7:1a:90:0c:54:37:2d:9e:cc:63:b5:e6:47:8f:bf:28:
98:06:a9:5a:e0:7b:93:97:38:2b:8a:4a:da:0c:9a:c9:76:10:
7f:e0:f9:24:47:fe:36:03:d8:ad:87:48:18:35:d4:41:ec:58:
1a:b6:f0:2b:eb:e1:d1:3f:dd:0c:af:b0:13:3d:99:58:1c:31:
20:a5:c2:85:af:ad:e2:6d:b7:2e:64:37:74:1f:45:78:be:df:
ed:72:8e:b7:54:34:df:e5:8d:b8:ab:73:87:8c:80:de:56:64:
e1:e8:df:dd:04:06:95:f1:eb:a3:0a:87:bb:10:ff:bc:e7:de:
55:e1:8e:3a:01:bb:9d:b6:39:81:47:1b:aa:ee:85:76:01:1f:
ce:75:83:3a:b8:55:b4:29:94:6c:25:d8:ba:44:33:00:9b:bd:
b9:bd:13:04:db:0f:43:50:84:84:e1:6d:88:12:c9:58:de:0b:
b7:b9:60:54
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYx
ODM4NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5REQzMTNGNDMxM0U4
ODkyMjBGNDQwRTcwNzQxMjk5NUU0NkE3MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3bQDQVa65+95X4YCKyWMSSMyAJKcwWhcQThPp6dDfpQ4UxHgY
tPg2eABT60m5atd3n74SbFij0gMnKlk58aZrazKjA9MQq1Fdvh//jJHoPW7AjhEG
0RFahLpZ3tMQZmi+awnf1bSSqUCoSQVdwWC0BwBK9870isWhPyn/KgNzTIb+3csq
lB4pZPER0jxnmgGos97YhiR3dwnTp4ghFaWf5n/x4FNWlDZHKHKYAV7It06Uujn8
QcRT21Y+e+lYZ2dgdwgoos0z2wXfudtXLhsL+KEx2neCmjh6L/E00waXWj/lwRyY
ODyL6Re4p0vLcpk6+coDKSEnJLke7Q/funSZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+d0xP0MT6IkiD0QOcHQSmV5GpxwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tZDB4UDBNVDZJa2lEMFFP
Y0hRU21WNUdweHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK/0Y3WNMq2Mifrl7ffWAj178y7+c7HAa8b6
txfQ0HBp3d03/wQdFvIE1cjdcJFT8TeYYpTvxAFWnsJb2TNMK0hytHcgvjCyTFN5
pxqQDFQ3LZ7MY7XmR4+/KJgGqVrge5OXOCuKStoMmsl2EH/g+SRH/jYD2K2HSBg1
1EHsWBq28Cvr4dE/3QyvsBM9mVgcMSClwoWvreJtty5kN3QfRXi+3+1yjrdUNN/l
jbirc4eMgN5WZOHo390EBpXx66MKh7sQ/7zn3lXhjjoBu522OYFHG6ruhXYBH851
gzq4VbQplGwl2LpEMwCbvbm9EwTbD0NQhIThbYgSyVjeC7e5YFQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:39:55 2025 by rpki-client