Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3C9cS5bZtOmpiiRHxwMw2MO9v9w.roa
File: 3C9cS5bZtOmpiiRHxwMw2MO9v9w.roa (raw, json)
Hash identifier: 5cxOyyjxNOJevHsYULamNyu8CDfGiFx9rKobFGpaA2Y=
Subject key identifier: DC:2F:5C:4B:96:D9:B4:E9:A9:8A:24:47:C7:03:30:D8:C3:BD:BF:DC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1536
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3C9cS5bZtOmpiiRHxwMw2MO9v9w.roa
Signing time: Wed 04 Jun 2025 08:39:24 +0000
ROA not before: Wed 04 Jun 2025 08:39:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5430 (0x1536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 08:39:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DC2F5C4B96D9B4E9A98A2447C70330D8C3BDBFDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fa:d1:c0:8a:e7:74:99:35:f4:23:1f:81:a2:
c7:dd:10:a0:d0:e3:67:34:20:a9:33:ae:fc:e1:24:
1e:71:0d:7e:2a:f0:c3:2a:62:86:66:88:63:73:7b:
54:6e:10:27:6f:69:7b:23:f1:8e:ad:c4:f5:b7:e0:
af:3a:96:2a:2b:ae:d1:10:b6:ee:14:cd:dd:de:b5:
3f:5d:85:02:9b:51:1a:34:ba:6e:69:04:e3:47:f6:
a0:a8:2a:1b:33:70:bf:b8:e2:b6:c7:0d:86:71:e9:
22:41:cf:e2:58:c9:4c:f8:19:29:85:52:2c:56:1c:
04:54:2e:b1:b8:f3:61:ba:57:11:a2:b9:6d:86:ae:
67:e3:67:dc:00:07:11:8c:e3:28:95:aa:56:18:00:
40:49:da:38:f2:8e:c7:c5:ce:dc:13:5a:c8:47:c5:
bd:58:e2:c6:64:32:7d:67:52:5c:e0:aa:53:7a:c6:
b1:b2:02:b6:ff:34:98:9c:7f:14:30:38:df:cd:8e:
af:08:ae:2d:5c:08:9b:f1:2a:8d:d1:b6:a0:5c:28:
77:9a:38:56:97:5c:3c:a9:2b:9a:d7:c1:85:db:b1:
56:ae:1d:36:c7:f7:6f:f3:61:bf:b5:c7:77:c7:b0:
c1:3c:da:00:eb:77:7d:e3:aa:12:06:e4:05:62:1b:
cc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:2F:5C:4B:96:D9:B4:E9:A9:8A:24:47:C7:03:30:D8:C3:BD:BF:DC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3C9cS5bZtOmpiiRHxwMw2MO9v9w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1c:00:23:dd:07:b6:c6:ef:8f:b7:5c:d0:7f:79:97:79:7f:51:
27:e0:98:5b:94:17:f9:4f:0c:c0:4b:3f:48:5d:62:2c:aa:92:
dc:23:8c:91:a9:f5:a4:bb:9d:df:c7:c4:f5:94:0c:74:04:64:
6e:90:a4:3e:46:99:4f:e8:92:17:25:dd:7f:ea:e4:33:83:77:
5a:18:ce:1f:31:12:61:86:02:77:1b:71:73:dd:fb:5c:5a:11:
ea:99:62:92:29:c8:b4:ab:a5:ef:5c:15:be:30:95:ed:b9:bc:
c7:93:73:87:09:54:ea:2a:a1:0b:0a:de:76:9d:3e:c7:e8:70:
0f:cd:51:85:b5:30:b1:a6:20:27:7f:51:21:ad:d3:c7:09:ac:
a9:17:43:dd:80:0b:b9:68:c0:03:5a:aa:f9:68:24:df:5e:3c:
8d:11:77:45:60:de:2a:20:07:a6:18:3f:c8:ba:af:d2:c0:d4:
97:48:6b:d7:5d:d2:9e:4b:11:8a:63:6d:0f:16:a3:5d:49:52:
af:bb:fd:4c:1a:dc:20:1d:81:86:de:c2:52:21:64:9a:55:82:
12:2f:ce:52:4f:12:6e:ed:04:19:6a:ef:e6:ed:b5:a2:d0:59:
32:20:74:c6:1b:8d:de:68:88:7f:f1:92:28:87:97:08:f5:b7:
b5:56:24:24
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFTYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQw
ODM5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERDMkY1QzRCOTZEOUI0
RTlBOThBMjQ0N0M3MDMzMEQ4QzNCREJGREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr+tHAiud0mTX0Ix+BosfdEKDQ42c0IKkzrvzhJB5xDX4q8MMq
YoZmiGNze1RuECdvaXsj8Y6txPW34K86liorrtEQtu4Uzd3etT9dhQKbURo0um5p
BONH9qCoKhszcL+44rbHDYZx6SJBz+JYyUz4GSmFUixWHARULrG482G6VxGiuW2G
rmfjZ9wABxGM4yiVqlYYAEBJ2jjyjsfFztwTWshHxb1Y4sZkMn1nUlzgqlN6xrGy
Arb/NJicfxQwON/Njq8Iri1cCJvxKo3RtqBcKHeaOFaXXDypK5rXwYXbsVauHTbH
92/zYb+1x3fHsME82gDrd33jqhIG5AViG8xXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3C9cS5bZtOmpiiRHxwMw2MO9v9wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zQzljUzViWnRPbXBpaVJI
eHdNdzJNTzl2OXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABwAI90Htsbvj7dc0H95l3l/USfgmFuUF/lP
DMBLP0hdYiyqktwjjJGp9aS7nd/HxPWUDHQEZG6QpD5GmU/okhcl3X/q5DODd1oY
zh8xEmGGAncbcXPd+1xaEeqZYpIpyLSrpe9cFb4wle25vMeTc4cJVOoqoQsK3nad
PsfocA/NUYW1MLGmICd/USGt08cJrKkXQ92AC7lowANaqvloJN9ePI0Rd0Vg3iog
B6YYP8i6r9LA1JdIa9dd0p5LEYpjbQ8Wo11JUq+7/Uwa3CAdgYbewlIhZJpVghIv
zlJPEm7tBBlq7+bttaLQWTIgdMYbjd5oiH/xkiiHlwj1t7VWJCQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:11:22 2025 by rpki-client