Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GzMmhMlqoctPWN4Bmwsfb1Yym50.roa
File: GzMmhMlqoctPWN4Bmwsfb1Yym50.roa (raw, json)
Hash identifier: n/sm317mUwnuRxbrLkZZtB0fGiaSj4OAkGq+jqt4bHE=
Subject key identifier: 1B:33:26:84:C9:6A:A1:CB:4F:58:DE:01:9B:0B:1F:6F:56:32:9B:9D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B26
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GzMmhMlqoctPWN4Bmwsfb1Yym50.roa
Signing time: Thu 12 Jun 2025 06:39:51 +0000
ROA not before: Thu 12 Jun 2025 06:39:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6950 (0x1b26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 06:39:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1B332684C96AA1CB4F58DE019B0B1F6F56329B9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ba:9f:d2:68:8e:21:1e:46:c8:c1:be:dd:52:
fd:94:2d:dd:84:df:4a:9d:ae:2b:ca:04:0d:de:c0:
9f:9a:54:08:bf:da:4e:a0:6d:76:a0:82:6e:12:f9:
86:65:b1:c8:23:4f:8c:4e:74:f8:4e:6b:2f:5b:9b:
39:fb:6e:06:b4:20:74:43:bf:19:e9:02:fd:97:5b:
af:2d:48:e8:46:e3:45:c2:69:5c:8e:39:4a:ee:12:
20:67:e5:02:4a:46:5b:2e:1d:68:2e:d3:7f:7c:3f:
58:a0:d5:73:53:5a:68:f8:ae:b3:45:6b:bd:1b:54:
de:b2:47:28:b0:8f:3b:42:3b:97:f9:9d:1c:6a:65:
44:94:55:dc:77:6a:30:99:1b:48:20:44:c5:f6:32:
1e:85:be:43:4e:13:e9:18:51:e9:4f:62:43:57:29:
00:8e:55:97:19:15:3f:01:eb:90:24:61:fa:c6:df:
54:12:66:b8:b1:be:61:7f:12:eb:9e:77:74:45:14:
f5:9a:57:e5:e4:c2:2b:83:a5:30:4c:5f:09:29:a9:
d0:8c:46:47:24:33:d3:19:1a:dd:66:aa:88:7b:35:
06:a0:cd:43:3b:bf:b2:0b:c5:3a:c4:07:16:f8:6e:
8a:5d:b7:76:ec:b2:f3:be:4d:78:50:48:a3:f6:d1:
49:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:33:26:84:C9:6A:A1:CB:4F:58:DE:01:9B:0B:1F:6F:56:32:9B:9D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GzMmhMlqoctPWN4Bmwsfb1Yym50.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:71:1a:27:e3:16:c0:25:15:18:38:73:5c:6b:aa:c7:45:15:
f8:ba:c0:93:45:3c:1e:72:d8:59:d3:c6:f9:f5:04:4b:73:15:
a5:34:dd:05:a5:e8:9b:10:9d:0a:f1:cb:35:9e:74:0d:53:40:
7a:10:e5:7f:d6:e9:ca:fd:e2:6a:fb:57:e3:ec:70:48:29:9b:
cd:81:73:db:b4:b2:ea:1f:d7:51:ea:c6:59:80:eb:f6:eb:7a:
d6:70:09:03:d1:1d:ed:4f:14:29:4c:90:5b:8f:b3:95:7b:b4:
51:09:d0:f3:31:3a:c4:7f:ee:d4:52:d4:77:a8:65:7f:be:22:
46:ca:eb:b2:da:cb:27:57:c5:93:bc:34:e5:44:c8:15:21:e0:
08:24:e3:a9:9f:ca:47:9d:32:06:84:ad:c9:bc:eb:c2:41:52:
d0:18:f1:92:8f:5f:87:95:bd:33:28:70:62:40:0e:3f:d5:53:
7a:1f:72:01:29:ad:97:e4:4e:84:0f:a6:66:73:57:fb:3f:0f:
27:15:7a:13:fd:33:34:bb:3d:74:6d:d9:bb:97:25:56:84:14:
3d:b9:fe:44:2a:0e:80:72:1f:9e:a0:27:06:7b:6e:2f:81:dd:
96:07:5d:e8:b5:70:f3:ff:f0:2e:7c:f9:01:8b:71:39:1c:91:
2d:36:62:7a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
NjM5NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFCMzMyNjg0Qzk2QUEx
Q0I0RjU4REUwMTlCMEIxRjZGNTYzMjlCOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoup/SaI4hHkbIwb7dUv2ULd2E30qdrivKBA3ewJ+aVAi/2k6g
bXaggm4S+YZlscgjT4xOdPhOay9bmzn7bga0IHRDvxnpAv2XW68tSOhG40XCaVyO
OUruEiBn5QJKRlsuHWgu0398P1ig1XNTWmj4rrNFa70bVN6yRyiwjztCO5f5nRxq
ZUSUVdx3ajCZG0ggRMX2Mh6FvkNOE+kYUelPYkNXKQCOVZcZFT8B65AkYfrG31QS
ZrixvmF/Euued3RFFPWaV+XkwiuDpTBMXwkpqdCMRkckM9MZGt1mqoh7NQagzUM7
v7ILxTrEBxb4bopdt3bssvO+TXhQSKP20Ul5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGzMmhMlqoctPWN4Bmwsfb1Yym50wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Hek1taE1scW9jdFBXTjRC
bXdzZmIxWXltNTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK9xGifjFsAlFRg4c1xrqsdFFfi6wJNFPB5y
2FnTxvn1BEtzFaU03QWl6JsQnQrxyzWedA1TQHoQ5X/W6cr94mr7V+PscEgpm82B
c9u0suof11HqxlmA6/bretZwCQPRHe1PFClMkFuPs5V7tFEJ0PMxOsR/7tRS1Heo
ZX++IkbK67LayydXxZO8NOVEyBUh4Agk46mfykedMgaErcm868JBUtAY8ZKPX4eV
vTMocGJADj/VU3ofcgEprZfkToQPpmZzV/s/DycVehP9MzS7PXRt2buXJVaEFD25
/kQqDoByH56gJwZ7bi+B3ZYHXei1cPP/8C58+QGLcTkckS02Yno=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:20:35 2025 by rpki-client