Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4qO9DZEudMQnUX9GZHeWMwIQY6U.roa
File: 4qO9DZEudMQnUX9GZHeWMwIQY6U.roa (raw, json)
Hash identifier: R2ujMZkYbfVWnOtkteI5Hhu3pAEwRjqCtFClJLpKwKI=
Subject key identifier: E2:A3:BD:0D:91:2E:74:C4:27:51:7F:46:64:77:96:33:02:10:63:A5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BC6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4qO9DZEudMQnUX9GZHeWMwIQY6U.roa
Signing time: Fri 13 Jun 2025 02:46:26 +0000
ROA not before: Fri 13 Jun 2025 02:46:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7110 (0x1bc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 02:46:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E2A3BD0D912E74C427517F4664779633021063A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:99:7e:d6:fc:6d:e5:f6:79:ee:7c:cc:8c:
84:ae:ce:8d:ff:a4:d7:72:68:30:35:d7:d9:fe:97:
3a:2f:de:9e:bf:d2:39:be:16:17:cf:7b:a0:46:bf:
26:01:ba:dd:a4:c5:f1:0b:c9:84:59:47:60:70:fd:
25:17:4a:9f:8e:64:cb:65:c4:b3:d3:a0:07:e1:1a:
46:f1:ee:c8:a1:e5:d6:9b:4a:f1:24:38:50:9a:fd:
a2:11:3b:b4:99:99:f9:ac:eb:a1:85:6d:ba:a6:60:
78:e2:66:9e:1b:c2:b6:43:47:0f:7a:a0:ee:73:ab:
44:60:47:0f:e9:48:fa:c6:f6:b2:97:84:b1:71:ab:
da:91:88:87:98:73:2e:e4:ec:a2:bb:a0:8f:17:82:
f4:3b:8b:c7:59:a1:b2:46:05:37:95:53:96:c0:f3:
f5:e0:06:09:e9:54:78:07:e6:d5:e8:8b:14:a5:dc:
8b:52:1a:f8:6d:5a:ad:bc:43:b0:4d:9b:3c:06:f0:
0b:b9:a8:9f:21:04:b2:d9:7a:b0:1b:a0:fc:ea:ec:
5c:cf:fe:07:ee:9c:57:37:5c:20:c2:8a:2f:79:26:
ce:29:cf:fd:11:95:14:16:02:f6:cf:c0:6a:97:0b:
5c:b4:db:88:59:49:c5:4b:3a:71:49:a8:36:eb:68:
5d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A3:BD:0D:91:2E:74:C4:27:51:7F:46:64:77:96:33:02:10:63:A5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4qO9DZEudMQnUX9GZHeWMwIQY6U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:17:e9:f9:bd:ac:9e:70:b3:ac:74:c2:44:a9:6d:35:52:a4:
e8:91:31:6e:72:08:42:5b:c7:24:a3:3f:73:ba:fc:76:4c:d0:
31:db:24:72:71:94:b2:19:9e:13:25:c2:6e:b9:68:ff:5d:44:
e9:8f:33:c7:e2:c8:e6:83:eb:5f:c7:63:39:13:2e:9f:9e:23:
b1:0f:35:0b:01:5e:05:8b:e7:4a:e9:f3:77:65:30:d0:5f:fc:
fc:75:a3:56:cc:d5:c3:42:5c:e6:4c:29:06:f8:a6:df:c0:dc:
cb:3b:39:38:a2:1a:6e:10:4b:1e:96:b7:d4:1d:49:c8:4d:b4:
52:12:c5:cf:ab:ab:5f:97:9c:d8:31:db:d9:f7:61:90:07:14:
fa:f1:21:48:9a:fc:5c:4c:a6:de:f4:cd:ca:99:5d:0c:90:d7:
13:35:21:41:88:82:53:3e:e3:4d:cf:59:39:01:77:ef:ac:cb:
fb:9e:fc:9b:f7:2d:4a:8d:74:8c:3c:2b:c7:25:a8:ce:01:68:
cb:e9:cc:77:9f:1a:a1:a2:30:d5:1e:56:4b:bb:f3:b1:51:0e:
0d:7d:3a:48:41:c2:5e:c6:4a:ae:82:f8:e8:96:f7:2b:e5:33:
ca:0d:58:c3:b2:d7:e6:01:d1:b2:23:69:e3:9a:b2:07:47:97:
83:86:19:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMw
MjQ2MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUyQTNCRDBEOTEyRTc0
QzQyNzUxN0Y0NjY0Nzc5NjMzMDIxMDYzQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3JJl+1vxt5fZ57nzMjISuzo3/pNdyaDA119n+lzov3p6/0jm+
FhfPe6BGvyYBut2kxfELyYRZR2Bw/SUXSp+OZMtlxLPToAfhGkbx7sih5dabSvEk
OFCa/aIRO7SZmfms66GFbbqmYHjiZp4bwrZDRw96oO5zq0RgRw/pSPrG9rKXhLFx
q9qRiIeYcy7k7KK7oI8XgvQ7i8dZobJGBTeVU5bA8/XgBgnpVHgH5tXoixSl3ItS
GvhtWq28Q7BNmzwG8Au5qJ8hBLLZerAboPzq7FzP/gfunFc3XCDCii95Js4pz/0R
lRQWAvbPwGqXC1y024hZScVLOnFJqDbraF23AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4qO9DZEudMQnUX9GZHeWMwIQY6UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80cU85RFpFdWRNUW5VWDlH
WkhlV013SVFZNlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABkX6fm9rJ5ws6x0wkSpbTVSpOiRMW5yCEJb
xySjP3O6/HZM0DHbJHJxlLIZnhMlwm65aP9dROmPM8fiyOaD61/HYzkTLp+eI7EP
NQsBXgWL50rp83dlMNBf/Px1o1bM1cNCXOZMKQb4pt/A3Ms7OTiiGm4QSx6Wt9Qd
SchNtFISxc+rq1+XnNgx29n3YZAHFPrxIUia/FxMpt70zcqZXQyQ1xM1IUGIglM+
403PWTkBd++sy/ue/Jv3LUqNdIw8K8clqM4BaMvpzHefGqGiMNUeVku787FRDg19
OkhBwl7GSq6C+OiW9yvlM8oNWMOy1+YB0bIjaeOasgdHl4OGGck=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:10:11 2025 by rpki-client