Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4qSvjQzwGImO-7S8q30f5IWvNzU.roa
File: 4qSvjQzwGImO-7S8q30f5IWvNzU.roa (raw, json)
Hash identifier: X8CaQ+94bg8Mxip9UngCzjrGAzLSAjG/np0kxJWZTWk=
Subject key identifier: E2:A4:AF:8D:0C:F0:18:89:8E:FB:B4:BC:AB:7D:1F:E4:85:AF:37:35
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A92
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4qSvjQzwGImO-7S8q30f5IWvNzU.roa
Signing time: Wed 11 Jun 2025 12:09:46 +0000
ROA not before: Wed 11 Jun 2025 12:09:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6802 (0x1a92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 12:09:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E2A4AF8D0CF018898EFBB4BCAB7D1FE485AF3735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:71:fc:6d:7d:0e:6e:7f:cb:16:0c:63:92:98:
99:8d:38:1a:b4:0a:26:c7:4a:04:5f:36:0f:89:c6:
35:53:4f:01:65:d5:0e:6e:f1:e4:32:be:40:e6:00:
77:93:7c:d3:ae:f3:f7:25:b1:b7:a6:47:0b:6e:b6:
39:c8:91:fe:48:44:af:85:b1:5f:e5:02:9f:84:54:
bf:1f:1c:1c:e5:c9:16:da:65:c0:14:a4:4b:0f:ac:
7b:5e:0a:f8:61:87:71:9c:6b:50:42:7c:44:10:99:
28:ac:79:af:0e:42:45:49:ed:5e:89:d0:19:61:ab:
26:1b:32:ee:3a:9b:77:1a:29:c1:12:ed:e8:70:da:
5b:5d:0f:bb:8d:d9:0f:91:55:a3:00:33:a8:72:a2:
99:63:36:65:da:77:90:3e:40:de:e1:6b:d0:0a:64:
f4:5f:ad:84:c3:5a:45:94:46:af:37:85:a7:4f:fd:
5f:72:ab:d5:7a:90:51:9e:e8:3a:f4:14:d0:56:1c:
8b:09:5b:f8:91:a1:c6:1b:cc:b9:3f:09:e1:be:b5:
38:2e:1e:b0:74:a8:32:3a:f0:0a:9b:81:49:1e:33:
e3:ca:85:08:6e:05:9e:41:9e:63:49:59:5d:a3:18:
8e:32:35:95:95:24:bd:81:37:95:ff:29:a8:3f:4e:
b9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A4:AF:8D:0C:F0:18:89:8E:FB:B4:BC:AB:7D:1F:E4:85:AF:37:35
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4qSvjQzwGImO-7S8q30f5IWvNzU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:8f:f9:02:0c:a1:0f:3c:6f:0b:39:d8:52:7d:ae:25:7c:bf:
47:66:6c:55:88:de:5b:6c:e6:fb:cf:9a:e7:e5:96:38:54:59:
be:59:c8:68:71:e1:6d:08:f3:96:42:f3:31:a2:37:92:88:30:
ee:f5:14:33:be:32:b2:86:d7:4d:3a:20:3b:10:20:70:e4:65:
2b:43:c9:bb:31:14:4d:19:56:de:fa:c8:e2:ca:e9:e3:98:fc:
19:72:0d:26:0d:b2:44:54:0e:3c:03:43:67:ce:60:92:7a:63:
8e:9e:e9:09:93:5e:f0:55:33:ff:0a:ef:f3:f8:d8:eb:42:b2:
4f:67:f5:6f:ed:d8:56:3c:85:1f:55:b5:c9:83:d0:46:56:a1:
8f:b2:70:8a:27:e6:2c:b6:2a:97:10:08:09:d3:d1:10:b9:bd:
32:7c:d7:8e:26:50:b0:78:bc:3b:c9:dc:92:15:47:ef:70:2a:
88:a4:6e:e6:25:74:c9:bf:a8:89:44:e4:bd:fc:a2:ac:fd:df:
c6:b1:c9:54:37:9e:ef:ce:5a:d7:13:e5:dd:be:e0:ce:04:11:
d6:44:75:04:8b:52:64:c9:cc:8a:e9:0c:9d:4c:06:82:d5:57:
9b:fa:5f:c9:2c:75:33:be:0b:d4:c0:82:bf:5f:65:66:04:b1:
8e:bd:76:f7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEx
MjA5NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUyQTRBRjhEMENGMDE4
ODk4RUZCQjRCQ0FCN0QxRkU0ODVBRjM3MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDncfxtfQ5uf8sWDGOSmJmNOBq0CibHSgRfNg+JxjVTTwFl1Q5u
8eQyvkDmAHeTfNOu8/clsbemRwtutjnIkf5IRK+FsV/lAp+EVL8fHBzlyRbaZcAU
pEsPrHteCvhhh3Gca1BCfEQQmSisea8OQkVJ7V6J0BlhqyYbMu46m3caKcES7ehw
2ltdD7uN2Q+RVaMAM6hyopljNmXad5A+QN7ha9AKZPRfrYTDWkWURq83hadP/V9y
q9V6kFGe6Dr0FNBWHIsJW/iRocYbzLk/CeG+tTguHrB0qDI68AqbgUkeM+PKhQhu
BZ5BnmNJWV2jGI4yNZWVJL2BN5X/Kag/TrlFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4qSvjQzwGImO+7S8q30f5IWvNzUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80cVN2alF6d0dJbU8tN1M4
cTMwZjVJV3ZOelUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHOP+QIMoQ88bws52FJ9riV8v0dmbFWI3lts
5vvPmuflljhUWb5ZyGhx4W0I85ZC8zGiN5KIMO71FDO+MrKG1006IDsQIHDkZStD
ybsxFE0ZVt76yOLK6eOY/BlyDSYNskRUDjwDQ2fOYJJ6Y46e6QmTXvBVM/8K7/P4
2OtCsk9n9W/t2FY8hR9VtcmD0EZWoY+ycIon5iy2KpcQCAnT0RC5vTJ8144mULB4
vDvJ3JIVR+9wKoikbuYldMm/qIlE5L38oqz938axyVQ3nu/OWtcT5d2+4M4EEdZE
dQSLUmTJzIrpDJ1MBoLVV5v6X8ksdTO+C9TAgr9fZWYEsY69dvc=
-----END CERTIFICATE-----
Generated at Sat Jun 21 01:51:55 2025 by rpki-client