Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5wIRJmNA-aAw1nGfIxZMtChTrCU.roa
File: 5wIRJmNA-aAw1nGfIxZMtChTrCU.roa (raw, json)
Hash identifier: HZPCGH4WIv/uRPbwdUER2ZzGximWFjQ8PgxLnVD4lXI=
Subject key identifier: E7:02:11:26:63:40:F9:A0:30:D6:71:9F:23:16:4C:B4:28:53:AC:25
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A16
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5wIRJmNA-aAw1nGfIxZMtChTrCU.roa
Signing time: Tue 10 Jun 2025 20:39:44 +0000
ROA not before: Tue 10 Jun 2025 20:39:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6678 (0x1a16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 20:39:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E70211266340F9A030D6719F23164CB42853AC25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:db:57:18:80:f2:05:ea:37:58:e5:5f:e4:e2:
3e:50:6c:18:ef:1d:bf:33:d8:65:51:10:86:a8:3e:
bc:08:35:33:76:b2:1e:36:8c:3d:e4:e8:e3:d9:46:
8c:44:29:de:cb:00:79:6a:40:75:1c:ea:f9:59:4f:
1f:66:18:e3:89:dd:d8:15:c1:bf:7e:a6:8b:0b:5a:
38:85:c6:0e:11:28:29:e3:9b:1b:06:26:f6:a4:15:
e1:bf:d5:db:93:d4:ba:65:63:84:84:62:b1:69:5c:
e2:5b:d4:56:6d:a8:3a:ff:e2:62:5c:e5:8f:d6:64:
01:90:0c:47:c1:2a:d9:f9:97:49:c1:25:27:92:83:
de:10:f5:50:77:0e:7a:90:cd:b1:19:ee:8c:56:99:
20:19:89:f2:40:62:af:0d:cd:d4:4c:90:d8:17:ca:
ed:61:ad:a9:a3:f7:00:4a:69:00:25:3e:7b:65:ee:
aa:17:e9:5d:04:24:84:6b:74:7a:a8:bd:2c:c8:a3:
a2:66:29:3f:ae:08:af:53:ab:36:b0:d9:52:5a:72:
95:59:6c:f1:06:ca:e2:c9:05:25:39:00:57:0c:75:
41:d9:28:80:48:01:33:f4:60:6c:b5:21:70:64:76:
c7:9b:f0:03:79:5e:7f:a6:80:01:18:a2:1e:31:0c:
00:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:02:11:26:63:40:F9:A0:30:D6:71:9F:23:16:4C:B4:28:53:AC:25
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5wIRJmNA-aAw1nGfIxZMtChTrCU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:c7:22:82:d4:de:67:b5:f6:78:8f:49:fe:69:95:c8:0f:9a:
19:5a:8f:0b:ff:3d:b9:6a:57:c9:0b:e9:b6:a6:b8:a1:d9:5a:
87:db:23:22:0a:49:9d:43:d8:13:45:c3:99:ad:4b:d3:db:d6:
bd:c3:d9:7b:d6:28:da:77:50:f4:70:5e:59:e0:98:57:ca:fa:
ac:0b:4e:37:04:39:82:82:fa:5b:91:32:e3:b0:f1:b5:3b:f5:
fd:eb:31:cf:7f:2d:5f:ce:d9:70:83:8b:9d:de:fe:2d:17:1c:
ee:6c:bd:4d:47:15:e6:f1:cd:10:a9:e4:ec:c3:3a:e7:b5:0a:
cc:33:d0:7a:38:72:50:e7:a7:bd:0f:a2:0b:0f:4e:31:a8:c1:
c7:12:cf:0b:64:f3:36:43:a2:46:9a:55:b1:f6:8e:08:9f:53:
b9:a0:03:d5:7b:15:b1:01:c0:cf:e6:5d:0f:b4:85:a8:42:69:
7a:88:a8:86:34:65:18:f9:cf:81:f0:c0:cd:d8:93:44:d9:fe:
28:c1:87:c1:d9:6b:5b:43:ec:14:f5:bb:3b:2f:5a:e6:98:c6:
7b:f1:53:5e:8c:88:50:5e:6b:34:06:71:ca:72:98:97:f0:cc:
cf:01:9a:d2:d0:e5:46:89:8e:88:f3:49:c8:79:2c:78:c2:d7:
ed:d7:61:b9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAy
MDM5NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU3MDIxMTI2NjM0MEY5
QTAzMEQ2NzE5RjIzMTY0Q0I0Mjg1M0FDMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh21cYgPIF6jdY5V/k4j5QbBjvHb8z2GVREIaoPrwINTN2sh42
jD3k6OPZRoxEKd7LAHlqQHUc6vlZTx9mGOOJ3dgVwb9+posLWjiFxg4RKCnjmxsG
JvakFeG/1duT1LplY4SEYrFpXOJb1FZtqDr/4mJc5Y/WZAGQDEfBKtn5l0nBJSeS
g94Q9VB3DnqQzbEZ7oxWmSAZifJAYq8NzdRMkNgXyu1hramj9wBKaQAlPntl7qoX
6V0EJIRrdHqovSzIo6JmKT+uCK9Tqzaw2VJacpVZbPEGyuLJBSU5AFcMdUHZKIBI
ATP0YGy1IXBkdseb8AN5Xn+mgAEYoh4xDAAfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5wIRJmNA+aAw1nGfIxZMtChTrCUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81d0lSSm1OQS1hQXcxbkdm
SXhaTXRDaFRyQ1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADPHIoLU3me19niPSf5plcgPmhlajwv/Pblq
V8kL6bamuKHZWofbIyIKSZ1D2BNFw5mtS9Pb1r3D2XvWKNp3UPRwXlngmFfK+qwL
TjcEOYKC+luRMuOw8bU79f3rMc9/LV/O2XCDi53e/i0XHO5svU1HFebxzRCp5OzD
Oue1Cswz0Ho4clDnp70PogsPTjGowccSzwtk8zZDokaaVbH2jgifU7mgA9V7FbEB
wM/mXQ+0hahCaXqIqIY0ZRj5z4HwwM3Yk0TZ/ijBh8HZa1tD7BT1uzsvWuaYxnvx
U16MiFBeazQGccpymJfwzM8BmtLQ5UaJjojzSch5LHjC1+3XYbk=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:04:15 2025 by rpki-client