Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GSX2_xP6ZueVf-X0Xe2B1AQFpC0.roa
File: GSX2_xP6ZueVf-X0Xe2B1AQFpC0.roa (raw, json)
Hash identifier: q0GzrcxmfbUjRYBLYCZs98y+LnR5mwQ0PqDG1EcZpzY=
Subject key identifier: 19:25:F6:FF:13:FA:66:E7:95:7F:E5:F4:5D:ED:81:D4:04:05:A4:2D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 169A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GSX2_xP6ZueVf-X0Xe2B1AQFpC0.roa
Signing time: Fri 06 Jun 2025 05:09:25 +0000
ROA not before: Fri 06 Jun 2025 05:09:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5786 (0x169a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 05:09:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1925F6FF13FA66E7957FE5F45DED81D40405A42D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d6:10:1d:34:88:51:6b:57:0a:78:65:84:31:
e6:4e:66:de:45:ce:79:43:ab:6f:38:c2:4e:dc:c3:
75:99:81:17:c2:18:f7:49:1a:ab:13:8b:32:51:42:
2e:49:e4:47:9c:dd:f0:f5:e6:94:49:ca:dd:c6:7b:
44:6d:2a:3a:e0:7e:c4:63:87:0d:b6:3f:eb:c8:31:
d7:c2:84:13:08:24:49:47:9e:fa:0e:13:87:cc:d2:
f0:74:3d:66:f4:e4:fd:d8:76:3e:47:40:c5:35:f3:
0e:27:99:b5:9d:fd:e9:85:41:1c:9f:e6:58:cc:4a:
ef:da:a3:58:d4:b2:c2:2e:0a:ca:4e:8c:9e:88:1f:
f6:3b:0e:34:b8:82:f5:e4:01:ed:c5:69:7c:fe:f8:
8e:2f:21:7e:cd:8c:71:6d:16:10:c1:27:3d:6e:b4:
47:ff:12:4e:e7:4d:6c:39:8f:16:b9:cf:18:fc:88:
21:cf:c2:f9:7e:cd:3d:01:c2:21:a3:1b:39:d3:03:
ab:c0:52:ec:71:ee:23:1b:7e:d4:01:0d:b6:38:76:
bb:a3:c4:6a:de:a8:85:7c:6b:78:dd:74:69:81:fa:
65:8b:7d:b7:98:7f:cd:03:d6:f7:82:99:a2:75:4d:
35:8b:bb:eb:5e:5f:da:44:75:a3:e5:9a:5e:ad:15:
8f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:25:F6:FF:13:FA:66:E7:95:7F:E5:F4:5D:ED:81:D4:04:05:A4:2D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GSX2_xP6ZueVf-X0Xe2B1AQFpC0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:d8:d2:82:fc:2b:90:d1:01:ce:9c:49:4d:82:50:86:9f:68:
9d:d4:96:79:bb:56:dc:56:c3:b3:04:2c:a9:61:c1:65:ac:28:
14:a2:dc:94:90:89:66:7b:c7:75:d3:5f:36:5c:b7:e1:65:f3:
42:00:15:5e:85:b2:c8:f8:17:c8:f2:06:f2:6d:fa:c2:fd:24:
fd:dd:e9:90:ad:d5:ff:7f:a4:b0:7a:dc:a2:d4:81:7a:ec:d7:
f3:b2:a8:c1:44:9a:1c:72:7f:1b:5f:36:ff:40:6c:90:32:01:
18:1f:ac:f8:79:04:ea:03:a4:47:88:61:fe:ab:ce:e2:64:68:
d7:38:48:c0:90:c2:80:ec:9c:f1:40:f5:a4:08:1e:bb:71:d0:
de:55:7a:86:c4:b4:91:2e:8b:63:03:e9:93:b0:9c:20:15:39:
e5:db:fd:b2:f9:05:40:06:ae:ca:5a:04:1e:5b:d4:80:f6:80:
76:9d:a8:dc:8b:e8:95:01:a6:ec:a7:79:78:e3:1f:ff:23:d3:
59:d6:d6:b3:be:71:6b:d5:14:d3:3d:32:e2:ba:8f:00:23:0f:
21:03:84:f3:67:9b:89:b6:bf:a0:62:92:d9:2d:cc:ac:5d:06:
bd:2c:77:73:5d:cb:a7:1f:2f:84:2f:67:44:53:ae:4e:5c:7d:
f4:a8:93:c7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
NTA5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5MjVGNkZGMTNGQTY2
RTc5NTdGRTVGNDVERUQ4MUQ0MDQwNUE0MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF1hAdNIhRa1cKeGWEMeZOZt5FznlDq284wk7cw3WZgRfCGPdJ
GqsTizJRQi5J5Eec3fD15pRJyt3Ge0RtKjrgfsRjhw22P+vIMdfChBMIJElHnvoO
E4fM0vB0PWb05P3Ydj5HQMU18w4nmbWd/emFQRyf5ljMSu/ao1jUssIuCspOjJ6I
H/Y7DjS4gvXkAe3FaXz++I4vIX7NjHFtFhDBJz1utEf/Ek7nTWw5jxa5zxj8iCHP
wvl+zT0BwiGjGznTA6vAUuxx7iMbftQBDbY4drujxGreqIV8a3jddGmB+mWLfbeY
f80D1veCmaJ1TTWLu+teX9pEdaPlml6tFY9ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGSX2/xP6ZueVf+X0Xe2B1AQFpC0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HU1gyX3hQNlp1ZVZmLVgw
WGUyQjFBUUZwQzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFvY0oL8K5DRAc6cSU2CUIafaJ3Ulnm7VtxW
w7MELKlhwWWsKBSi3JSQiWZ7x3XTXzZct+Fl80IAFV6Fssj4F8jyBvJt+sL9JP3d
6ZCt1f9/pLB63KLUgXrs1/OyqMFEmhxyfxtfNv9AbJAyARgfrPh5BOoDpEeIYf6r
zuJkaNc4SMCQwoDsnPFA9aQIHrtx0N5VeobEtJEui2MD6ZOwnCAVOeXb/bL5BUAG
rspaBB5b1ID2gHadqNyL6JUBpuyneXjjH/8j01nW1rO+cWvVFNM9MuK6jwAjDyED
hPNnm4m2v6BiktktzKxdBr0sd3Ndy6cfL4QvZ0RTrk5cffSok8c=
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:17:19 2025 by rpki-client