Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8Mp1KD-68oZF60hLoUZjfukx7-o.roa
File: 8Mp1KD-68oZF60hLoUZjfukx7-o.roa (raw, json)
Hash identifier: QTMEj+f18TPuLgc7ksNlJaoelwYtzw0rfrMJzpHLgtw=
Subject key identifier: F0:CA:75:28:3F:BA:F2:86:45:EB:48:4B:A1:46:63:7E:E9:31:EF:EA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13AA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8Mp1KD-68oZF60hLoUZjfukx7-o.roa
Signing time: Mon 02 Jun 2025 07:09:13 +0000
ROA not before: Mon 02 Jun 2025 07:09:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5034 (0x13aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 07:09:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F0CA75283FBAF28645EB484BA146637EE931EFEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5e:7d:3c:ae:32:19:87:eb:d4:a6:d2:b9:0b:
d0:d2:ff:21:48:fa:e2:d6:f0:66:a2:23:31:7e:05:
cb:31:52:36:e1:6e:ce:57:8d:41:73:6b:57:4e:4f:
c3:f2:19:ea:19:46:a3:5a:fd:8e:91:27:81:6b:0f:
9a:f5:e7:3c:5e:8b:f4:b0:a5:c9:3f:e4:05:1d:c6:
03:12:fa:ce:25:0d:7c:13:40:77:fa:ab:a5:36:f5:
d0:3e:49:a8:5e:7e:49:6d:9b:9f:8f:6b:b4:a2:12:
6f:13:81:32:a5:f5:10:25:bc:3a:7a:2b:25:d8:33:
63:92:73:e8:fc:e9:14:9e:85:c3:22:d0:64:74:bf:
c8:4c:46:96:43:85:03:c3:42:45:9b:81:97:1f:d2:
bb:7f:08:e5:ed:69:02:53:ad:ab:96:b3:6f:74:ab:
07:5f:e7:5d:6e:05:ce:7b:ee:2d:57:40:44:b2:a1:
8c:07:22:96:c7:ac:0b:b8:8a:09:f4:fa:8b:c3:0f:
47:25:13:1e:49:de:8b:25:ef:18:bb:74:3c:1b:53:
0a:d5:89:4a:bd:ed:8f:a2:89:4c:d0:ab:81:a9:8c:
f6:a9:8f:d7:63:35:19:f7:ec:79:c4:20:53:c8:ed:
a9:e7:29:c3:84:c0:7d:c4:bf:74:b5:5c:ec:67:25:
ea:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CA:75:28:3F:BA:F2:86:45:EB:48:4B:A1:46:63:7E:E9:31:EF:EA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8Mp1KD-68oZF60hLoUZjfukx7-o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:17:e2:ae:1e:9c:e9:54:67:a0:90:6d:37:d6:53:b1:18:2d:
37:8a:1e:aa:a5:e0:e5:50:8a:bc:28:b0:da:ad:75:a9:84:0b:
9d:69:11:ee:95:33:d2:d8:bb:a7:8b:1f:c8:8f:8c:49:40:77:
f0:08:1f:34:e0:c2:87:4e:95:24:8b:03:e0:90:16:4c:5b:10:
57:9b:91:4d:04:12:31:76:03:c4:4d:7f:d7:5f:a3:32:b0:81:
2d:c1:1a:d2:a5:f1:11:07:6b:e1:46:5c:d3:75:5a:5d:b6:5b:
9a:2e:f1:b5:7d:7b:df:52:4c:7f:58:93:63:28:ef:a6:59:b8:
9e:98:b7:25:5f:e1:5d:0a:22:93:69:e0:a4:bc:d6:6c:36:00:
ba:81:81:11:1f:aa:61:37:12:bd:6c:7d:f0:7b:f2:b3:cb:46:
ac:72:0e:12:3f:02:45:3f:74:f9:23:57:33:a0:19:96:fb:07:
b0:c8:ca:d5:9e:11:f5:f2:f2:2e:4a:0c:50:aa:51:4b:54:f8:
09:64:5c:07:7f:bf:f7:f8:b7:57:0d:13:5b:3c:ef:dc:37:80:
cc:53:02:9c:f6:fd:ff:2d:8e:66:be:91:83:8c:45:e3:ad:1f:
32:75:c9:34:7b:91:95:8d:85:ef:04:26:58:42:5a:e5:15:d3:
62:e6:f4:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIw
NzA5MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYwQ0E3NTI4M0ZCQUYy
ODY0NUVCNDg0QkExNDY2MzdFRTkzMUVGRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGXn08rjIZh+vUptK5C9DS/yFI+uLW8GaiIzF+BcsxUjbhbs5X
jUFza1dOT8PyGeoZRqNa/Y6RJ4FrD5r15zxei/Swpck/5AUdxgMS+s4lDXwTQHf6
q6U29dA+Sahefkltm5+Pa7SiEm8TgTKl9RAlvDp6KyXYM2OSc+j86RSehcMi0GR0
v8hMRpZDhQPDQkWbgZcf0rt/COXtaQJTrauWs290qwdf511uBc577i1XQESyoYwH
IpbHrAu4ign0+ovDD0clEx5J3osl7xi7dDwbUwrViUq97Y+iiUzQq4GpjPapj9dj
NRn37HnEIFPI7annKcOEwH3Ev3S1XOxnJepLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8Mp1KD+68oZF60hLoUZjfukx7+owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84TXAxS0QtNjhvWkY2MGhM
b1VaamZ1a3g3LW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJYX4q4enOlUZ6CQbTfWU7EYLTeKHqql4OVQ
irwosNqtdamEC51pEe6VM9LYu6eLH8iPjElAd/AIHzTgwodOlSSLA+CQFkxbEFeb
kU0EEjF2A8RNf9dfozKwgS3BGtKl8REHa+FGXNN1Wl22W5ou8bV9e99STH9Yk2Mo
76ZZuJ6YtyVf4V0KIpNp4KS81mw2ALqBgREfqmE3Er1sffB78rPLRqxyDhI/AkU/
dPkjVzOgGZb7B7DIytWeEfXy8i5KDFCqUUtU+AlkXAd/v/f4t1cNE1s879w3gMxT
Apz2/f8tjma+kYOMReOtHzJ1yTR7kZWNhe8EJlhCWuUV02Lm9DA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:19 2025 by rpki-client