Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0vgPJdxPi9iFHQkKV0N5kAxTAfU.roa
File: 0vgPJdxPi9iFHQkKV0N5kAxTAfU.roa (raw, json)
Hash identifier: ZfxhDh7rDKaItXQid1PszFTqL/g05N6M//sX0tl5aqo=
Subject key identifier: D2:F8:0F:25:DC:4F:8B:D8:85:1D:09:0A:57:43:79:90:0C:53:01:F5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A86
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0vgPJdxPi9iFHQkKV0N5kAxTAfU.roa
Signing time: Wed 11 Jun 2025 10:39:56 +0000
ROA not before: Wed 11 Jun 2025 10:39:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6790 (0x1a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 10:39:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D2F80F25DC4F8BD8851D090A574379900C5301F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0c:54:f3:0c:cc:f5:2e:23:42:6a:a7:a1:82:
30:44:e2:69:3d:62:7e:0f:b6:b3:81:f1:0a:a9:d0:
ba:28:47:99:46:09:18:36:fb:83:f4:6a:81:88:8b:
c7:83:32:a9:ba:61:ea:e2:79:f2:a5:3b:71:b2:90:
74:78:01:c3:22:1a:da:1f:6f:59:aa:56:c5:c5:9e:
2c:de:e2:19:d8:91:77:41:ef:ff:6f:e6:56:d9:c3:
39:ef:1d:8a:c2:c8:70:50:e8:07:45:7e:c9:e3:95:
f7:4b:8f:92:49:16:41:2e:d2:ad:61:b5:49:ad:9f:
70:ff:f1:19:ff:d0:af:a5:a8:d7:90:d0:f0:6a:55:
01:21:d1:82:d9:f5:06:36:58:2b:45:eb:1a:5b:c0:
c5:2c:ac:5c:d5:5f:5c:a3:43:a4:4b:2e:85:52:4e:
ef:96:e1:01:be:c3:3c:3b:21:2f:a8:2f:1d:dd:c8:
97:8b:4c:5e:d3:29:07:4b:4c:40:3f:f0:36:56:50:
4c:90:ab:5f:86:48:66:8b:be:50:e3:38:3b:87:8d:
3d:8c:04:4e:54:1b:50:60:3b:62:c2:96:3c:c9:8c:
16:cd:49:ea:db:c9:cf:de:f3:08:89:f1:7d:f8:4a:
a1:33:31:2f:48:05:10:9d:4d:88:bf:e4:ad:ea:8d:
2a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F8:0F:25:DC:4F:8B:D8:85:1D:09:0A:57:43:79:90:0C:53:01:F5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0vgPJdxPi9iFHQkKV0N5kAxTAfU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:4b:c2:1a:ca:9b:63:4a:24:e0:59:13:df:d6:62:e6:5b:65:
9a:23:d5:32:92:e0:91:a8:eb:7f:18:3b:40:1d:f0:f8:c0:18:
27:00:90:18:2d:f5:a5:ee:2c:1f:c9:7b:ec:fd:2d:de:a4:02:
f9:ba:65:e3:bf:b2:fb:9a:81:9f:23:96:fd:2f:e1:3e:11:4c:
0e:ed:da:af:36:39:db:b6:79:6e:51:dc:5e:55:f9:98:48:9f:
7e:9d:94:53:29:2d:85:3a:b6:68:ac:bb:0f:71:a6:d6:eb:8f:
5a:4d:fb:c0:09:a0:1f:8b:3e:92:d5:d9:ef:77:7c:86:d8:bc:
78:61:9c:ee:86:c6:27:38:62:3b:46:f7:e9:f1:1d:ff:c1:85:
0d:12:9f:e4:25:60:a5:f9:a5:68:f2:67:a7:e5:fb:1f:09:06:
65:60:f3:2d:f7:66:a0:d0:84:4f:aa:61:2d:d5:00:08:61:4b:
b2:a1:93:2a:d8:fa:0d:7b:cc:be:56:14:a0:60:75:aa:c6:1f:
e3:9d:fd:0c:3f:c0:fa:e1:b4:93:99:87:5f:72:0f:43:9a:6c:
8b:12:3d:7b:6b:e6:f8:f1:9e:fb:cb:b0:6e:af:74:8b:9b:91:
14:45:9f:d9:50:0a:df:2a:55:21:14:4a:64:80:16:be:8b:ab:
c8:1e:fa:f5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEx
MDM5NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQyRjgwRjI1REM0RjhC
RDg4NTFEMDkwQTU3NDM3OTkwMEM1MzAxRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDODFTzDMz1LiNCaqehgjBE4mk9Yn4PtrOB8Qqp0LooR5lGCRg2
+4P0aoGIi8eDMqm6YeriefKlO3GykHR4AcMiGtofb1mqVsXFnize4hnYkXdB7/9v
5lbZwznvHYrCyHBQ6AdFfsnjlfdLj5JJFkEu0q1htUmtn3D/8Rn/0K+lqNeQ0PBq
VQEh0YLZ9QY2WCtF6xpbwMUsrFzVX1yjQ6RLLoVSTu+W4QG+wzw7IS+oLx3dyJeL
TF7TKQdLTEA/8DZWUEyQq1+GSGaLvlDjODuHjT2MBE5UG1BgO2LCljzJjBbNSerb
yc/e8wiJ8X34SqEzMS9IBRCdTYi/5K3qjSpjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0vgPJdxPi9iFHQkKV0N5kAxTAfUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wdmdQSmR4UGk5aUZIUWtL
VjBONWtBeFRBZlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE1LwhrKm2NKJOBZE9/WYuZbZZoj1TKS4JGo
638YO0Ad8PjAGCcAkBgt9aXuLB/Je+z9Ld6kAvm6ZeO/svuagZ8jlv0v4T4RTA7t
2q82Odu2eW5R3F5V+ZhIn36dlFMpLYU6tmisuw9xptbrj1pN+8AJoB+LPpLV2e93
fIbYvHhhnO6Gxic4YjtG9+nxHf/BhQ0Sn+QlYKX5pWjyZ6fl+x8JBmVg8y33ZqDQ
hE+qYS3VAAhhS7KhkyrY+g17zL5WFKBgdarGH+Od/Qw/wPrhtJOZh19yD0OabIsS
PXtr5vjxnvvLsG6vdIubkRRFn9lQCt8qVSEUSmSAFr6Lq8ge+vU=
-----END CERTIFICATE-----
Generated at Sat Jun 21 19:10:47 2025 by rpki-client