Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7ccEXnGtCoDGuFV1Ch6MdWsm4QM.roa
File: 7ccEXnGtCoDGuFV1Ch6MdWsm4QM.roa (raw, json)
Hash identifier: AkYSFSCC670Ang2nnVqHd4Ss2vfIkeAmb98Bd3gv5ms=
Subject key identifier: ED:C7:04:5E:71:AD:0A:80:C6:B8:55:75:0A:1E:8C:75:6B:26:E1:03
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BB2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7ccEXnGtCoDGuFV1Ch6MdWsm4QM.roa
Signing time: Fri 13 Jun 2025 00:09:52 +0000
ROA not before: Fri 13 Jun 2025 00:09:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7090 (0x1bb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 00:09:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EDC7045E71AD0A80C6B855750A1E8C756B26E103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e8:29:d9:2a:8f:e5:63:a2:03:21:9a:61:fd:
56:af:0f:0b:8a:41:8c:4e:34:18:6d:c2:a9:6a:f6:
a8:8f:6a:78:da:dc:f8:0d:e7:04:9c:db:65:ba:f9:
87:90:f1:fc:51:8b:44:71:3c:48:ea:1b:64:9c:f4:
72:f0:f4:01:68:61:cf:7e:2d:5c:37:aa:1e:bd:67:
39:a7:e6:e2:ab:50:ec:26:fa:0e:d4:9a:e9:a4:fb:
21:e3:7d:94:a4:2a:ba:d1:c0:eb:c1:5e:ee:c1:e0:
a3:61:6e:02:8e:1f:ed:94:0b:c8:df:d1:cf:ca:67:
4b:0b:e6:d5:24:40:c5:01:cc:9e:ba:51:35:d7:a9:
b3:45:2a:a2:aa:29:36:d8:78:79:e1:cc:fe:18:ec:
d2:5c:7c:ef:ec:4a:48:9c:ac:4a:03:72:0a:de:8c:
94:99:63:d4:ca:7f:2d:77:fd:5a:ef:66:cf:c3:a5:
b0:2e:30:7b:66:eb:42:e4:6a:4c:3b:c6:4e:40:46:
2c:b0:25:fd:f5:f6:f1:1c:c7:43:fe:c7:86:4d:78:
f6:ac:57:90:bc:c5:f7:4d:e8:93:2b:f4:85:fe:f9:
d6:a2:37:28:ae:29:da:8a:ae:ea:57:ad:78:77:3b:
33:6f:ed:4a:4c:3c:a6:8e:f4:f2:a6:78:b1:5f:72:
2b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:C7:04:5E:71:AD:0A:80:C6:B8:55:75:0A:1E:8C:75:6B:26:E1:03
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7ccEXnGtCoDGuFV1Ch6MdWsm4QM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:5a:fd:e4:65:47:6c:a9:eb:60:9a:4d:0f:74:fa:5e:22:cc:
d8:46:7e:10:79:7f:4e:00:f2:7b:a0:3b:ce:7c:6b:45:29:49:
1f:9d:c9:81:a5:c2:e8:ed:15:03:7a:bc:b8:26:25:43:37:28:
16:1b:b7:89:ba:a8:12:40:f5:fb:18:d1:2a:0c:82:34:53:09:
59:2a:8c:31:55:ed:d6:ac:7f:30:55:0f:2c:46:2a:7b:a8:70:
a8:85:e7:f9:c6:b3:04:d0:0a:1e:4d:05:ac:65:19:ce:6d:f7:
56:2e:d0:ca:fe:1c:8a:92:b5:b6:ff:5f:47:d4:8b:79:21:68:
c6:d8:78:00:45:0b:2b:14:65:f8:13:c2:60:db:e9:9e:f4:ba:
b2:d5:15:00:f1:fb:3a:d6:0d:47:0e:e1:48:b4:a1:3e:c3:7e:
d0:50:9d:18:ee:a8:40:b9:cc:4b:dd:26:e0:43:16:ce:ab:1f:
d1:aa:e3:13:76:6b:dd:dd:67:64:8d:a0:5c:e3:70:58:21:9e:
0c:f4:7b:27:b3:4b:29:21:bf:24:cf:3b:09:45:18:35:f5:49:
c9:f3:c6:02:87:52:10:2a:c5:7f:12:68:e8:58:12:d2:16:fd:
b5:8c:3b:24:cc:2a:d0:95:e4:6e:4b:00:1e:7f:fb:a1:b3:62:
2c:48:ab:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMw
MDA5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVEQzcwNDVFNzFBRDBB
ODBDNkI4NTU3NTBBMUU4Qzc1NkIyNkUxMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC6CnZKo/lY6IDIZph/VavDwuKQYxONBhtwqlq9qiPanja3PgN
5wSc22W6+YeQ8fxRi0RxPEjqG2Sc9HLw9AFoYc9+LVw3qh69Zzmn5uKrUOwm+g7U
mumk+yHjfZSkKrrRwOvBXu7B4KNhbgKOH+2UC8jf0c/KZ0sL5tUkQMUBzJ66UTXX
qbNFKqKqKTbYeHnhzP4Y7NJcfO/sSkicrEoDcgrejJSZY9TKfy13/VrvZs/DpbAu
MHtm60Lkakw7xk5ARiywJf319vEcx0P+x4ZNePasV5C8xfdN6JMr9IX++daiNyiu
KdqKrupXrXh3OzNv7UpMPKaO9PKmeLFfcisZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7ccEXnGtCoDGuFV1Ch6MdWsm4QMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83Y2NFWG5HdENvREd1RlYx
Q2g2TWRXc200UU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHRa/eRlR2yp62CaTQ90+l4izNhGfhB5f04A
8nugO858a0UpSR+dyYGlwujtFQN6vLgmJUM3KBYbt4m6qBJA9fsY0SoMgjRTCVkq
jDFV7dasfzBVDyxGKnuocKiF5/nGswTQCh5NBaxlGc5t91Yu0Mr+HIqStbb/X0fU
i3khaMbYeABFCysUZfgTwmDb6Z70urLVFQDx+zrWDUcO4Ui0oT7DftBQnRjuqEC5
zEvdJuBDFs6rH9Gq4xN2a93dZ2SNoFzjcFghngz0eyezSykhvyTPOwlFGDX1Scnz
xgKHUhAqxX8SaOhYEtIW/bWMOyTMKtCV5G5LAB5/+6GzYixIqzA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:31:57 2025 by rpki-client