Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8WDKfPw2-u2VcC0zep88qPad-1s.roa
File: 8WDKfPw2-u2VcC0zep88qPad-1s.roa (raw, json)
Hash identifier: f5SI45BQ+olavvWQudfFIUmXlReoMZBLv4SkuznLdcY=
Subject key identifier: F1:60:CA:7C:FC:36:FA:ED:95:70:2D:33:7A:9F:3C:A8:F6:9D:FB:5B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1786
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8WDKfPw2-u2VcC0zep88qPad-1s.roa
Signing time: Sat 07 Jun 2025 10:39:43 +0000
ROA not before: Sat 07 Jun 2025 10:39:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6022 (0x1786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 10:39:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F160CA7CFC36FAED95702D337A9F3CA8F69DFB5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:35:c0:d3:0e:b4:32:7a:45:7a:30:2a:3b:
3f:5b:1d:f1:57:a3:89:e5:62:94:8c:cb:b6:f1:0b:
0c:95:b0:da:6c:23:ad:e8:5b:1e:d1:6b:ac:bc:8d:
a0:b3:c7:b7:b9:0d:a2:ff:04:65:53:e4:e5:64:42:
d4:da:d2:b1:c7:0e:09:14:5a:b6:45:fd:98:71:b5:
56:27:88:6d:0a:50:31:f6:d0:52:7b:67:1e:2d:59:
d4:f9:65:24:72:25:53:fd:b7:9e:a7:cb:c2:b2:c9:
10:f3:3d:0d:c5:71:95:87:9e:9d:be:57:d0:9e:36:
86:87:94:2b:f2:1b:02:8e:ce:22:82:4b:c7:bd:75:
c2:b3:8c:74:71:9e:07:5a:ee:e6:41:17:3a:fe:01:
3d:ce:98:c4:bc:25:98:14:c5:67:4c:be:6d:41:1a:
5b:14:2f:c1:fd:dc:47:1a:c7:fa:31:7f:b8:89:14:
62:f5:79:19:59:03:2a:00:1b:33:6a:9e:40:3b:03:
67:e9:93:bb:95:f9:02:c0:49:ea:fa:69:77:55:0b:
27:08:f9:a1:00:4a:35:ab:70:7f:fd:84:8c:c0:02:
be:71:28:14:7f:1d:4e:c1:b1:aa:c1:99:2b:e0:03:
51:b6:52:5c:15:bb:6f:d5:f3:f4:ff:3d:60:8d:05:
fa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:60:CA:7C:FC:36:FA:ED:95:70:2D:33:7A:9F:3C:A8:F6:9D:FB:5B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8WDKfPw2-u2VcC0zep88qPad-1s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:b1:4e:90:85:6c:ad:1c:ba:e0:de:1f:33:98:dd:b7:51:a3:
e6:65:cf:5e:97:7e:ac:35:ca:4c:c6:c4:79:00:9a:bb:fe:6d:
04:93:91:23:a9:19:18:11:16:26:bc:5f:ac:3c:db:03:1f:f9:
b3:00:00:9a:c8:84:0b:2a:4b:83:75:1d:fa:58:5a:62:13:00:
14:8f:a7:73:2a:2d:af:e4:5f:db:c1:d7:e5:51:41:24:d8:27:
64:49:8b:96:36:92:04:74:6c:bb:8f:16:87:0b:ca:7d:19:e0:
ca:5b:1c:fd:3c:f7:fe:98:f6:dc:5f:fa:9f:84:bd:0e:d5:f8:
56:3f:c6:d2:75:2a:2c:a4:9d:8d:93:23:2b:ec:b9:24:3b:61:
7c:af:6c:ae:81:92:34:b9:ad:f0:81:d8:97:a4:0c:ec:be:6a:
96:c9:55:82:a5:51:39:8e:e3:06:82:cb:57:f2:fb:ef:94:a0:
bb:2d:3f:0e:44:52:9b:f3:a6:1f:7b:f4:56:76:fe:79:31:34:
9b:0a:1d:6b:86:01:33:10:8f:36:ff:9f:c5:9e:49:2d:2e:97:
8e:5a:7c:b8:0f:f9:3f:39:0e:f0:d9:08:b0:60:ee:df:42:32:
b3:f6:4b:c1:3b:73:d4:5d:51:a3:86:29:4a:be:16:b5:b7:76:
4d:29:7d:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
MDM5NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYxNjBDQTdDRkMzNkZB
RUQ5NTcwMkQzMzdBOUYzQ0E4RjY5REZCNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLNTXA0w60MnpFejAqOz9bHfFXo4nlYpSMy7bxCwyVsNpsI63o
Wx7Ra6y8jaCzx7e5DaL/BGVT5OVkQtTa0rHHDgkUWrZF/ZhxtVYniG0KUDH20FJ7
Zx4tWdT5ZSRyJVP9t56ny8KyyRDzPQ3FcZWHnp2+V9CeNoaHlCvyGwKOziKCS8e9
dcKzjHRxngda7uZBFzr+AT3OmMS8JZgUxWdMvm1BGlsUL8H93Ecax/oxf7iJFGL1
eRlZAyoAGzNqnkA7A2fpk7uV+QLASer6aXdVCycI+aEASjWrcH/9hIzAAr5xKBR/
HU7BsarBmSvgA1G2UlwVu2/V8/T/PWCNBfpFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8WDKfPw2+u2VcC0zep88qPad+1swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84V0RLZlB3Mi11MlZjQzB6
ZXA4OHFQYWQtMXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIKxTpCFbK0cuuDeHzOY3bdRo+Zlz16Xfqw1
ykzGxHkAmrv+bQSTkSOpGRgRFia8X6w82wMf+bMAAJrIhAsqS4N1HfpYWmITABSP
p3MqLa/kX9vB1+VRQSTYJ2RJi5Y2kgR0bLuPFocLyn0Z4MpbHP089/6Y9txf+p+E
vQ7V+FY/xtJ1KiyknY2TIyvsuSQ7YXyvbK6BkjS5rfCB2JekDOy+apbJVYKlUTmO
4waCy1fy+++UoLstPw5EUpvzph979FZ2/nkxNJsKHWuGATMQjzb/n8WeSS0ul45a
fLgP+T85DvDZCLBg7t9CMrP2S8E7c9RdUaOGKUq+FrW3dk0pfSw=
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:35:12 2025 by rpki-client