Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/C6JYyRE0w5CQmbmaWQuDZ9KpYvU.roa
File: C6JYyRE0w5CQmbmaWQuDZ9KpYvU.roa (raw, json)
Hash identifier: ZdGmjPVxCYZy/bzDdp21ut2+QVHbMB7QbN1dg75Zby0=
Subject key identifier: 0B:A2:58:C9:11:34:C3:90:90:99:B9:9A:59:0B:83:67:D2:A9:62:F5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1726
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C6JYyRE0w5CQmbmaWQuDZ9KpYvU.roa
Signing time: Fri 06 Jun 2025 22:39:29 +0000
ROA not before: Fri 06 Jun 2025 22:39:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5926 (0x1726)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 22:39:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0BA258C91134C3909099B99A590B8367D2A962F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:42:46:18:56:15:d8:0f:36:8d:5e:a0:aa:9d:
0b:21:12:e2:ce:73:84:4c:0e:57:9d:9f:40:9b:03:
05:60:7f:f6:3e:29:11:82:7e:71:e3:d7:e6:9e:8d:
c4:da:de:71:89:8e:d5:95:e1:d0:7f:cc:15:85:08:
82:52:f0:66:10:92:92:62:4e:51:61:e6:98:3d:18:
aa:71:1c:1c:1b:fb:54:0b:6c:60:1d:bb:dc:b3:a5:
95:25:97:0d:05:d0:00:e5:51:93:af:11:ef:79:da:
34:09:66:16:ea:55:3a:07:1d:05:19:3a:4c:54:14:
7a:b0:2f:9e:b5:21:ee:79:fa:34:9c:ab:3d:66:be:
9e:b3:9f:dd:9e:21:27:e5:73:97:7b:bd:2f:62:03:
25:5e:2a:a1:4e:2c:0c:54:9b:19:df:5f:58:25:05:
29:87:4d:4b:f8:90:7a:aa:7a:98:6a:3c:04:37:ef:
ea:7e:79:c9:5e:d4:b7:b1:46:c2:c4:91:85:dc:9b:
b5:32:98:67:de:a7:e8:7c:a2:8a:37:a0:5a:a0:c1:
c2:67:64:52:45:61:a4:41:e2:81:15:04:ea:ef:bc:
b6:b4:0d:79:7f:71:d7:83:16:35:7c:c2:b6:a7:65:
f2:2b:d0:5b:88:5f:1c:7c:9d:0c:1a:9a:cc:47:e5:
2b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A2:58:C9:11:34:C3:90:90:99:B9:9A:59:0B:83:67:D2:A9:62:F5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C6JYyRE0w5CQmbmaWQuDZ9KpYvU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:80:7e:e3:0c:84:51:d6:e3:9d:2d:ee:6b:7e:2d:90:c2:d9:
a3:e4:d3:f9:29:e1:6d:3c:d6:be:95:00:07:12:98:e4:75:33:
4f:06:31:0d:c6:bc:56:a4:c1:9f:0d:63:23:23:2f:28:33:39:
b4:77:50:30:91:c1:71:98:be:10:64:77:4f:03:9c:68:b7:8b:
de:54:20:c5:4f:5f:fc:69:54:67:06:cd:5c:6e:94:2e:b1:23:
2b:93:eb:3b:6a:42:fb:e7:e9:e6:09:9b:9d:af:bd:87:79:f3:
55:f2:10:85:09:47:dc:b1:59:a8:12:2e:96:6c:83:00:bd:da:
bd:2a:75:b5:4f:df:a5:c9:c8:20:6b:e3:73:c0:f5:b6:d8:7e:
8c:e9:85:45:7e:c8:9c:ff:43:c2:ef:fc:8d:34:19:7e:8e:b0:
cc:0a:8a:a7:4a:f7:e1:d3:57:73:88:87:62:0b:a3:76:42:8d:
29:10:f1:87:a4:cb:d1:c5:d2:90:ee:ac:e7:d6:da:ea:b3:a2:
c4:08:7d:40:30:6a:c6:1b:c3:89:fa:0b:6c:30:4f:c5:2e:17:
6f:51:96:73:c8:44:ca:70:e5:eb:9e:ef:4c:22:1f:49:45:6a:
a0:af:cf:d2:a0:1b:8e:a4:5f:ef:ae:9f:39:f1:80:0f:28:dd:
42:47:7d:c3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYy
MjM5MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBCQTI1OEM5MTEzNEMz
OTA5MDk5Qjk5QTU5MEI4MzY3RDJBOTYyRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeQkYYVhXYDzaNXqCqnQshEuLOc4RMDledn0CbAwVgf/Y+KRGC
fnHj1+aejcTa3nGJjtWV4dB/zBWFCIJS8GYQkpJiTlFh5pg9GKpxHBwb+1QLbGAd
u9yzpZUllw0F0ADlUZOvEe952jQJZhbqVToHHQUZOkxUFHqwL561Ie55+jScqz1m
vp6zn92eISflc5d7vS9iAyVeKqFOLAxUmxnfX1glBSmHTUv4kHqqephqPAQ37+p+
ecle1LexRsLEkYXcm7UymGfep+h8ooo3oFqgwcJnZFJFYaRB4oEVBOrvvLa0DXl/
cdeDFjV8wranZfIr0FuIXxx8nQwamsxH5Su5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUC6JYyRE0w5CQmbmaWQuDZ9KpYvUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DNkpZeVJFMHc1Q1FtYm1h
V1F1RFo5S3BZdlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEGAfuMMhFHW450t7mt+LZDC2aPk0/kp4W08
1r6VAAcSmOR1M08GMQ3GvFakwZ8NYyMjLygzObR3UDCRwXGYvhBkd08DnGi3i95U
IMVPX/xpVGcGzVxulC6xIyuT6ztqQvvn6eYJm52vvYd581XyEIUJR9yxWagSLpZs
gwC92r0qdbVP36XJyCBr43PA9bbYfozphUV+yJz/Q8Lv/I00GX6OsMwKiqdK9+HT
V3OIh2ILo3ZCjSkQ8Yeky9HF0pDurOfW2uqzosQIfUAwasYbw4n6C2wwT8UuF29R
lnPIRMpw5eue70wiH0lFaqCvz9KgG46kX++unznxgA8o3UJHfcM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 11:04:14 2025 by rpki-client