Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6Cy9J8fn4YGH6eoXqvbQP9zNvDY.roa
File: 6Cy9J8fn4YGH6eoXqvbQP9zNvDY.roa (raw, json)
Hash identifier: JyQrBXzPgnejus4ht1lbHB36qkTXHt6daILELggekPQ=
Subject key identifier: E8:2C:BD:27:C7:E7:E1:81:87:E9:EA:17:AA:F6:D0:3F:DC:CD:BC:36
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1616
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6Cy9J8fn4YGH6eoXqvbQP9zNvDY.roa
Signing time: Thu 05 Jun 2025 12:39:26 +0000
ROA not before: Thu 05 Jun 2025 12:39:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5654 (0x1616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 12:39:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E82CBD27C7E7E18187E9EA17AAF6D03FDCCDBC36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:42:84:b6:3f:68:7d:b0:23:62:7b:bf:fc:9f:
3a:7e:bf:86:4d:bc:22:19:15:56:64:2c:56:62:f7:
80:e8:b0:bf:8e:b7:75:c6:aa:6f:2b:3a:2d:d6:33:
ce:63:26:07:98:38:e7:4e:20:ff:98:da:98:25:c4:
69:be:85:7d:ae:b5:d9:d3:a1:e3:92:62:cb:aa:6e:
36:fb:95:99:28:a1:4a:de:7f:a3:5a:51:40:7d:8b:
7b:3f:b2:eb:9a:c1:f0:4b:c6:6f:1d:af:4e:06:c9:
a5:9c:f8:98:2c:81:1c:eb:27:65:df:0f:3c:b6:fa:
d4:0a:c3:42:d1:25:53:c0:3b:a8:f4:54:a3:11:a9:
0a:82:26:cf:32:e5:80:b7:ca:c6:e0:68:a0:3d:bf:
1c:ea:2a:1d:23:a4:0e:db:4f:a4:24:a9:e6:04:0b:
86:61:15:a9:3d:28:87:31:03:c0:96:22:aa:ee:a9:
0c:30:fa:aa:68:07:6c:a7:37:ab:a1:d4:1a:7e:45:
ba:39:ed:19:86:d6:71:fe:9d:9c:b7:c3:0b:aa:02:
ad:14:9f:3f:09:b1:bb:bd:2f:b1:2b:b8:7a:01:b6:
00:a6:70:6a:3b:e7:5c:31:d5:d0:f2:0a:7d:b4:50:
6f:94:21:67:39:fc:8e:1e:a8:f3:71:df:71:35:8e:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:2C:BD:27:C7:E7:E1:81:87:E9:EA:17:AA:F6:D0:3F:DC:CD:BC:36
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6Cy9J8fn4YGH6eoXqvbQP9zNvDY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:b1:32:b8:a5:13:83:00:85:a8:c3:00:0a:67:70:a1:00:19:
88:bc:f7:9c:2f:1c:df:87:e2:14:bb:bd:a9:16:ec:4b:ce:10:
b6:cd:08:84:9f:e1:7a:8c:4b:bc:49:29:d1:56:e1:fe:aa:5e:
0f:4c:05:bf:ba:e2:ae:33:cc:7b:ca:1a:69:64:73:8d:ed:14:
56:84:96:6e:d6:9c:1c:0d:eb:05:b0:12:45:8f:91:21:84:19:
c2:f5:4e:3b:b3:de:2f:c2:3c:14:03:f2:7a:a3:66:b6:3c:99:
21:cf:46:7e:f1:c4:be:de:f4:46:2f:96:84:87:ee:ca:08:a9:
10:57:3f:85:bb:f1:18:4c:b1:5a:f6:a5:23:97:48:02:f5:b4:
28:dc:f9:33:50:d8:1e:fa:49:96:ba:d6:ac:95:3c:ab:bb:b6:
a5:f0:88:86:ff:6a:9b:98:33:d1:7f:3e:88:62:e7:85:b0:e7:
3b:10:28:a5:55:03:62:f0:37:3c:b5:8e:00:af:5d:55:c2:43:
60:c0:44:23:91:a0:61:e2:f1:e2:4f:bb:39:26:20:19:54:e1:
98:0d:12:80:65:23:e6:f1:21:e0:a1:66:b3:d7:cb:11:55:c7:
44:7d:a1:cd:aa:11:13:dc:20:30:fa:00:a4:35:f3:bb:c9:79:
6b:09:e3:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUx
MjM5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU4MkNCRDI3QzdFN0Ux
ODE4N0U5RUExN0FBRjZEMDNGRENDREJDMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVQoS2P2h9sCNie7/8nzp+v4ZNvCIZFVZkLFZi94DosL+Ot3XG
qm8rOi3WM85jJgeYOOdOIP+Y2pglxGm+hX2utdnToeOSYsuqbjb7lZkooUref6Na
UUB9i3s/suuawfBLxm8dr04GyaWc+JgsgRzrJ2XfDzy2+tQKw0LRJVPAO6j0VKMR
qQqCJs8y5YC3ysbgaKA9vxzqKh0jpA7bT6QkqeYEC4ZhFak9KIcxA8CWIqruqQww
+qpoB2ynN6uh1Bp+Rbo57RmG1nH+nZy3wwuqAq0Unz8Jsbu9L7EruHoBtgCmcGo7
51wx1dDyCn20UG+UIWc5/I4eqPNx33E1jhcXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6Cy9J8fn4YGH6eoXqvbQP9zNvDYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82Q3k5SjhmbjRZR0g2ZW9Y
cXZiUVA5ek52RFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACixMrilE4MAhajDAApncKEAGYi895wvHN+H
4hS7vakW7EvOELbNCISf4XqMS7xJKdFW4f6qXg9MBb+64q4zzHvKGmlkc43tFFaE
lm7WnBwN6wWwEkWPkSGEGcL1Tjuz3i/CPBQD8nqjZrY8mSHPRn7xxL7e9EYvloSH
7soIqRBXP4W78RhMsVr2pSOXSAL1tCjc+TNQ2B76SZa61qyVPKu7tqXwiIb/apuY
M9F/Pohi54Ww5zsQKKVVA2LwNzy1jgCvXVXCQ2DARCORoGHi8eJPuzkmIBlU4ZgN
EoBlI+bxIeChZrPXyxFVx0R9oc2qERPcIDD6AKQ187vJeWsJ4x0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:51 2025 by rpki-client