Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4-IRhovcsMRmGZ0siWEuGAzgFgg.roa
File: 4-IRhovcsMRmGZ0siWEuGAzgFgg.roa (raw, json)
Hash identifier: 5zGG3BbN14CxlEgranOUYUqfSs/iPoH0hl4MIThnMa4=
Subject key identifier: E3:E2:11:86:8B:DC:B0:C4:66:19:9D:2C:89:61:2E:18:0C:E0:16:08
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1ADE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4-IRhovcsMRmGZ0siWEuGAzgFgg.roa
Signing time: Wed 11 Jun 2025 21:40:42 +0000
ROA not before: Wed 11 Jun 2025 21:40:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6878 (0x1ade)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 21:40:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E3E211868BDCB0C466199D2C89612E180CE01608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0a:ba:7c:3c:40:57:56:92:3f:20:3d:64:a2:
69:c3:5d:ad:21:6d:be:91:94:23:65:6f:51:46:1f:
3f:69:29:90:83:e2:d6:43:7d:c3:c0:bf:d4:d4:ac:
4d:4d:35:f5:35:94:0b:ee:08:1c:8e:22:66:fd:94:
3f:9b:b9:24:8e:c5:d3:58:59:f0:6e:1d:b7:da:86:
cc:d6:84:53:3e:28:8b:04:d1:d7:49:03:6b:5e:78:
e1:b9:19:7c:c2:60:d4:60:7c:47:05:67:69:49:cd:
d1:ac:8d:43:76:41:49:47:f9:b5:83:2a:78:7f:ba:
aa:76:1d:60:93:d3:17:e8:0c:9c:c3:42:f1:81:7c:
ab:33:c2:55:6c:31:2c:f7:6d:a0:d3:6e:61:e6:e8:
1b:8d:8f:62:b6:17:d4:aa:5c:25:8a:e2:e5:67:7e:
0e:19:52:d5:40:87:2d:aa:ad:b1:ad:8e:e6:ab:e7:
8b:05:77:a5:5f:df:32:40:74:cd:cc:d5:62:46:20:
f5:a6:8c:22:b4:07:49:7c:6a:24:f4:b3:6a:45:63:
a8:1d:54:8b:de:38:a3:14:c6:69:0a:3c:02:e1:9b:
47:82:ce:0b:90:8d:c5:00:4e:a9:34:58:f5:17:70:
38:0d:ba:83:cb:69:61:ee:55:a7:f0:e2:e4:0f:07:
f9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E2:11:86:8B:DC:B0:C4:66:19:9D:2C:89:61:2E:18:0C:E0:16:08
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4-IRhovcsMRmGZ0siWEuGAzgFgg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:8f:3a:e7:02:34:7b:0b:90:c2:af:16:ed:de:dd:21:ee:37:
bc:42:aa:88:80:32:32:66:2b:23:45:1b:87:b5:ec:e6:2b:76:
d8:46:2d:8a:4e:73:29:ee:47:01:fc:be:9f:11:62:ed:cb:f4:
76:93:55:7c:72:7c:e1:31:80:54:06:c4:48:c9:50:a0:76:71:
bf:f1:25:95:7b:25:ec:5e:4e:4c:18:ea:ce:9b:1c:8d:46:c0:
00:4e:68:87:d1:c8:36:52:dc:4f:fe:86:d9:0e:44:52:5d:46:
9a:06:5b:47:cb:63:7b:5e:91:a0:b9:17:20:9d:16:ac:9e:33:
ab:9f:74:cf:ce:22:2b:33:5e:a4:5c:b2:5e:52:6e:61:df:15:
9e:2d:7a:a7:c7:4e:24:a2:4d:ae:a6:d5:4b:9e:25:b7:82:2e:
b1:d2:85:ff:5b:6a:57:75:97:88:03:f9:2e:08:98:4c:95:b2:
f8:fe:ca:8e:6d:56:04:5a:6b:6e:b1:23:94:08:51:7a:5e:34:
0d:46:93:7e:89:de:92:84:20:26:e4:74:f2:ea:e4:42:cc:9d:
30:13:60:ce:dd:a5:b0:cf:8e:da:58:be:1d:02:b1:0b:6d:32:
66:7f:58:cc:5a:56:14:8f:7a:03:f6:d3:86:6f:4a:3e:6e:2e:
f3:d0:1d:a9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEy
MTQwNDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUzRTIxMTg2OEJEQ0Iw
QzQ2NjE5OUQyQzg5NjEyRTE4MENFMDE2MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwCrp8PEBXVpI/ID1komnDXa0hbb6RlCNlb1FGHz9pKZCD4tZD
fcPAv9TUrE1NNfU1lAvuCByOImb9lD+buSSOxdNYWfBuHbfahszWhFM+KIsE0ddJ
A2teeOG5GXzCYNRgfEcFZ2lJzdGsjUN2QUlH+bWDKnh/uqp2HWCT0xfoDJzDQvGB
fKszwlVsMSz3baDTbmHm6BuNj2K2F9SqXCWK4uVnfg4ZUtVAhy2qrbGtjuar54sF
d6Vf3zJAdM3M1WJGIPWmjCK0B0l8aiT0s2pFY6gdVIveOKMUxmkKPALhm0eCzguQ
jcUATqk0WPUXcDgNuoPLaWHuVafw4uQPB/n1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4+IRhovcsMRmGZ0siWEuGAzgFggwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80LUlSaG92Y3NNUm1HWjBz
aVdFdUdBemdGZ2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFKPOucCNHsLkMKvFu3e3SHuN7xCqoiAMjJm
KyNFG4e17OYrdthGLYpOcynuRwH8vp8RYu3L9HaTVXxyfOExgFQGxEjJUKB2cb/x
JZV7JexeTkwY6s6bHI1GwABOaIfRyDZS3E/+htkORFJdRpoGW0fLY3tekaC5FyCd
FqyeM6ufdM/OIiszXqRcsl5SbmHfFZ4teqfHTiSiTa6m1UueJbeCLrHShf9bald1
l4gD+S4ImEyVsvj+yo5tVgRaa26xI5QIUXpeNA1Gk36J3pKEICbkdPLq5ELMnTAT
YM7dpbDPjtpYvh0CsQttMmZ/WMxaVhSPegP204ZvSj5uLvPQHak=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:31:11 2025 by rpki-client