Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/C5nm-GjGGfVFvb4xTJJDiGHrGUo.roa
File: C5nm-GjGGfVFvb4xTJJDiGHrGUo.roa (raw, json)
Hash identifier: ucgcqLOeVq3IlB5buBGzwvaf7s1udjDNJBGhxkzxpV4=
Subject key identifier: 0B:99:E6:F8:68:C6:19:F5:45:BD:BE:31:4C:92:43:88:61:EB:19:4A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13B6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C5nm-GjGGfVFvb4xTJJDiGHrGUo.roa
Signing time: Mon 02 Jun 2025 08:39:25 +0000
ROA not before: Mon 02 Jun 2025 08:39:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5046 (0x13b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 08:39:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0B99E6F868C619F545BDBE314C92438861EB194A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:ec:c0:7c:08:2d:26:0f:bc:e6:fe:53:94:
46:b0:ef:bb:00:c2:f8:ce:c2:14:ce:6d:9b:03:d2:
83:e5:62:5a:6b:b5:84:ba:dc:fc:b3:7d:33:52:5c:
23:71:fe:88:3f:f1:96:cd:3b:26:a1:e5:8d:04:93:
c3:c0:b9:80:b1:28:82:c2:a0:ea:bf:4a:55:53:e8:
0a:07:b9:3b:79:84:68:51:aa:42:9d:cc:c2:a8:d4:
13:e0:8e:c4:cd:51:12:1c:26:97:87:f6:e7:c0:66:
3d:7e:49:b7:6a:06:40:9e:89:44:4c:cb:bb:51:03:
32:4e:bb:a2:23:98:3e:38:bb:2a:4c:dc:e3:ae:b7:
7b:85:47:03:f7:f2:90:4e:fd:35:ca:15:46:d0:90:
09:a8:d9:26:ef:be:99:41:59:13:d9:b9:ad:f5:2d:
b8:11:85:c7:b6:5d:4e:2b:2e:c2:d4:a4:34:60:2a:
9d:63:b8:50:f8:0e:1d:07:37:2f:32:e0:14:65:55:
df:95:68:e8:30:df:af:38:c0:e8:c4:f1:d7:94:0d:
63:00:dd:ab:41:cc:d4:96:5e:56:ef:1f:cf:3b:88:
ed:bd:a1:ce:97:6d:43:7b:7d:57:2f:3e:43:5c:8f:
4b:1b:41:f0:6d:15:ac:cf:e8:9d:2f:d0:5c:4a:cf:
7d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:99:E6:F8:68:C6:19:F5:45:BD:BE:31:4C:92:43:88:61:EB:19:4A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C5nm-GjGGfVFvb4xTJJDiGHrGUo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:b6:0e:3d:7f:30:60:60:1c:db:4f:48:a4:ce:47:ed:78:34:
68:a0:0a:e4:8f:a5:25:7b:16:74:80:07:b2:19:39:64:d3:12:
94:02:c0:c8:43:35:45:17:4c:90:50:a4:9f:6d:55:55:5c:e3:
14:31:e3:c8:92:71:3a:52:cd:3b:03:13:92:95:e5:80:52:81:
5e:cb:4c:c6:f3:29:30:38:8e:0b:f2:fd:42:51:10:af:25:14:
97:ee:c9:fb:f1:82:22:14:ce:71:82:18:8c:b0:21:b9:be:5c:
cb:95:3d:29:cf:7e:c3:f8:e9:e4:fd:78:56:76:eb:0b:32:7a:
c5:5a:59:ce:40:f6:94:49:03:ec:9c:41:33:20:27:50:06:9c:
d1:79:ab:4c:e8:45:8f:1b:7f:11:e3:a0:4f:5c:51:6c:22:95:
e3:73:c5:5d:e1:c5:63:d5:7a:c4:a4:37:09:1a:fd:96:fc:bd:
c4:72:23:a7:df:04:06:16:c5:1a:91:36:3e:75:7d:e3:8a:b8:
6e:08:c7:b4:f3:94:a7:a0:f2:03:c3:19:83:2a:fc:56:2d:ee:
d1:c9:32:3b:26:bd:d8:20:28:58:9e:df:6a:c0:d4:b6:80:b7:
4e:ac:a4:3b:96:a2:4e:b2:cc:e3:f2:a2:99:3c:7e:e2:a2:4f:
5f:8c:ad:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIw
ODM5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBCOTlFNkY4NjhDNjE5
RjU0NUJEQkUzMTRDOTI0Mzg4NjFFQjE5NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG8uzAfAgtJg+85v5TlEaw77sAwvjOwhTObZsD0oPlYlprtYS6
3PyzfTNSXCNx/og/8ZbNOyah5Y0Ek8PAuYCxKILCoOq/SlVT6AoHuTt5hGhRqkKd
zMKo1BPgjsTNURIcJpeH9ufAZj1+SbdqBkCeiURMy7tRAzJOu6IjmD44uypM3OOu
t3uFRwP38pBO/TXKFUbQkAmo2SbvvplBWRPZua31LbgRhce2XU4rLsLUpDRgKp1j
uFD4Dh0HNy8y4BRlVd+VaOgw3684wOjE8deUDWMA3atBzNSWXlbvH887iO29oc6X
bUN7fVcvPkNcj0sbQfBtFazP6J0v0FxKz31zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUC5nm+GjGGfVFvb4xTJJDiGHrGUowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DNW5tLUdqR0dmVkZ2YjR4
VEpKRGlHSHJHVW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABW2Dj1/MGBgHNtPSKTOR+14NGigCuSPpSV7
FnSAB7IZOWTTEpQCwMhDNUUXTJBQpJ9tVVVc4xQx48iScTpSzTsDE5KV5YBSgV7L
TMbzKTA4jgvy/UJREK8lFJfuyfvxgiIUznGCGIywIbm+XMuVPSnPfsP46eT9eFZ2
6wsyesVaWc5A9pRJA+ycQTMgJ1AGnNF5q0zoRY8bfxHjoE9cUWwileNzxV3hxWPV
esSkNwka/Zb8vcRyI6ffBAYWxRqRNj51feOKuG4Ix7TzlKeg8gPDGYMq/FYt7tHJ
MjsmvdggKFie32rA1LaAt06spDuWok6yzOPyopk8fuKiT1+MrUg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:19:51 2025 by rpki-client