Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GWvwwId5HTG1tF7L9iyKPPec03Q.roa
File: GWvwwId5HTG1tF7L9iyKPPec03Q.roa (raw, json)
Hash identifier: Ze0F/n4M6TNsNmWfblBNB7YJgjkX+GWKpp1sie2PNJU=
Subject key identifier: 19:6B:F0:C0:87:79:1D:31:B5:B4:5E:CB:F6:2C:8A:3C:F7:9C:D3:74
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17AA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GWvwwId5HTG1tF7L9iyKPPec03Q.roa
Signing time: Sat 07 Jun 2025 15:09:29 +0000
ROA not before: Sat 07 Jun 2025 15:09:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6058 (0x17aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 15:09:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=196BF0C087791D31B5B45ECBF62C8A3CF79CD374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:62:41:95:a2:84:e8:eb:7e:c1:d5:be:69:36:
98:0d:dc:2d:cd:46:81:96:53:c4:33:d2:3d:c8:02:
ca:c4:24:ac:70:56:47:1c:1a:f8:26:de:f9:85:66:
c0:60:88:49:13:22:1b:10:23:44:61:24:bf:3c:1e:
9f:2d:62:2c:0c:58:e3:4a:98:04:3f:f6:c1:f8:1e:
ac:67:3a:c7:18:b5:69:15:82:15:f8:c6:21:60:ef:
03:04:14:2a:d9:25:17:a6:a3:f0:5b:81:28:69:8f:
cd:57:70:2c:84:8a:b3:a9:f5:62:ed:c4:fa:ef:a5:
c9:93:ff:ae:cc:31:e8:89:a2:fc:0a:d2:75:67:b2:
61:05:06:c7:2d:23:d1:f9:c5:74:55:42:81:7e:23:
9e:83:89:52:2b:6b:6f:5b:96:b7:b1:65:99:03:30:
fc:14:33:a4:4e:b5:b1:79:92:bb:55:b6:85:e7:e6:
6c:58:9a:81:c5:8c:f8:9c:57:53:e0:51:f2:b5:57:
e2:d6:23:bc:cf:ec:d2:cb:fc:88:2c:49:80:a5:3f:
18:f0:6f:47:35:1c:26:ab:5c:45:ad:50:82:5d:18:
6e:0c:a0:82:7b:aa:6d:70:d0:1a:cf:54:79:e5:5b:
e2:f6:82:ad:00:61:fe:a9:d0:65:d1:2b:26:df:9b:
dd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:6B:F0:C0:87:79:1D:31:B5:B4:5E:CB:F6:2C:8A:3C:F7:9C:D3:74
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GWvwwId5HTG1tF7L9iyKPPec03Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:48:4a:bc:08:45:d8:c9:d4:9d:ff:a0:46:c4:59:44:03:ef:
22:25:c8:a5:57:64:dc:b3:b7:0a:22:46:a6:63:8c:b1:b3:8e:
28:7e:56:73:67:86:6e:a0:d1:88:94:21:64:8e:e4:1e:79:6d:
6c:16:f9:65:fd:10:53:80:84:ee:44:e7:04:e4:8f:77:42:77:
e0:8c:fb:6a:60:98:7e:fc:78:f1:05:aa:5b:71:33:44:70:04:
b1:60:a6:78:c8:f1:e8:7c:f9:c2:a0:67:db:ca:c2:7b:a2:8b:
f4:03:bc:99:23:3c:f4:ca:af:69:76:45:62:ad:d5:2a:3f:41:
51:8f:4f:2a:e6:a0:d5:bf:d6:45:5f:bd:74:50:d2:c8:a0:cf:
c8:5b:7f:9a:b5:41:2c:01:5f:78:75:d2:c0:ac:ba:30:ad:4d:
e8:ce:93:00:16:53:99:a6:bf:f2:48:9f:d3:75:25:d7:75:c9:
b5:c8:e4:1f:ef:c7:56:4e:35:4e:b1:33:b4:be:ec:6d:1b:c7:
69:37:50:bf:7d:c5:06:f2:18:8b:47:29:ad:26:95:2a:8a:79:
93:32:5a:bf:29:2f:5d:c2:6e:6d:24:cc:e6:c8:16:1e:da:7e:
18:6b:5d:14:98:9c:76:2b:6c:c9:84:a1:f0:fb:70:1b:6f:f3:
1e:4e:0e:a5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF6owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcx
NTA5MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5NkJGMEMwODc3OTFE
MzFCNUI0NUVDQkY2MkM4QTNDRjc5Q0QzNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnYkGVooTo637B1b5pNpgN3C3NRoGWU8Qz0j3IAsrEJKxwVkcc
Gvgm3vmFZsBgiEkTIhsQI0RhJL88Hp8tYiwMWONKmAQ/9sH4HqxnOscYtWkVghX4
xiFg7wMEFCrZJRemo/BbgShpj81XcCyEirOp9WLtxPrvpcmT/67MMeiJovwK0nVn
smEFBsctI9H5xXRVQoF+I56DiVIra29blrexZZkDMPwUM6ROtbF5krtVtoXn5mxY
moHFjPicV1PgUfK1V+LWI7zP7NLL/IgsSYClPxjwb0c1HCarXEWtUIJdGG4MoIJ7
qm1w0BrPVHnlW+L2gq0AYf6p0GXRKybfm91zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGWvwwId5HTG1tF7L9iyKPPec03QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HV3Z3d0lkNUhURzF0RjdM
OWl5S1BQZWMwM1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAClISrwIRdjJ1J3/oEbEWUQD7yIlyKVXZNyz
twoiRqZjjLGzjih+VnNnhm6g0YiUIWSO5B55bWwW+WX9EFOAhO5E5wTkj3dCd+CM
+2pgmH78ePEFqltxM0RwBLFgpnjI8eh8+cKgZ9vKwnuii/QDvJkjPPTKr2l2RWKt
1So/QVGPTyrmoNW/1kVfvXRQ0sigz8hbf5q1QSwBX3h10sCsujCtTejOkwAWU5mm
v/JIn9N1Jdd1ybXI5B/vx1ZONU6xM7S+7G0bx2k3UL99xQbyGItHKa0mlSqKeZMy
Wr8pL13Cbm0kzObIFh7afhhrXRSYnHYrbMmEofD7cBtv8x5ODqU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:14:07 2025 by rpki-client