Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/I1AYBl5iVOVS_XmJjsdehqGYV-U.roa
File: I1AYBl5iVOVS_XmJjsdehqGYV-U.roa (raw, json)
Hash identifier: iF0yQJsmvzJkqqhUK3PiPllBcTVl+B1U8p9XceYQOGU=
Subject key identifier: 23:50:18:06:5E:62:54:E5:52:FD:79:89:8E:C7:5E:86:A1:98:57:E5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BEE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I1AYBl5iVOVS_XmJjsdehqGYV-U.roa
Signing time: Fri 13 Jun 2025 07:39:53 +0000
ROA not before: Fri 13 Jun 2025 07:39:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7150 (0x1bee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 07:39:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=235018065E6254E552FD79898EC75E86A19857E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:f0:78:4e:8d:07:00:99:90:43:26:1d:17:
bb:2f:03:9a:16:3f:ab:4e:69:76:de:51:bb:cb:50:
9d:dd:e5:7d:aa:5a:9b:ab:1b:ff:ba:95:a5:31:30:
51:86:8e:18:6f:1d:96:03:45:62:e2:a0:c8:11:62:
ae:de:9c:59:e5:04:1a:7a:96:b3:49:ff:5e:7c:f3:
35:3f:75:c9:f1:64:d4:df:31:b3:41:b5:3b:4c:8d:
9b:6d:aa:5c:98:16:a1:8c:4d:1d:63:43:5c:c2:91:
54:6e:85:8a:1c:f1:39:f7:a1:dd:05:23:87:8a:4a:
47:f7:c9:41:5e:c3:99:97:a5:90:d9:d5:93:ab:2d:
19:f0:14:94:1c:b9:c4:d5:33:8a:e0:0a:29:59:0a:
d6:d1:15:c3:b6:85:28:72:89:eb:89:00:a7:29:20:
b9:20:e3:ce:f7:be:cb:1c:ee:2a:60:e8:57:de:3d:
3a:2a:64:17:18:39:52:5f:62:c9:51:36:bd:4a:7e:
fa:8c:e3:65:18:0b:29:30:61:48:c9:24:be:fc:4a:
d3:e2:a9:0c:32:29:e5:16:11:3b:ee:95:e2:1c:8a:
c7:ee:9b:81:49:d5:c4:37:07:5f:86:ea:ea:8b:2d:
01:33:19:32:27:06:de:bb:49:49:55:2f:1f:ec:4a:
93:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:50:18:06:5E:62:54:E5:52:FD:79:89:8E:C7:5E:86:A1:98:57:E5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/I1AYBl5iVOVS_XmJjsdehqGYV-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:02:6b:db:aa:e7:bc:bb:47:82:c1:72:01:a8:ef:74:07:32:
2f:38:76:21:05:51:fd:03:dd:2b:e6:eb:20:23:dd:36:82:a5:
aa:b9:11:d2:27:90:c9:c5:df:f7:17:d7:72:70:aa:eb:0d:bc:
96:f9:cb:81:c7:1b:06:c5:2d:ff:b6:4d:14:b8:68:0f:6b:8e:
43:94:cd:dc:bb:c9:b7:8a:e4:2c:94:1c:17:65:a3:9a:49:f9:
f0:a6:7e:e9:f6:25:b4:8f:cf:e5:4a:6e:20:d9:f3:77:22:42:
53:18:88:43:25:4a:c4:8b:d7:d0:b9:b8:33:71:ef:82:f6:da:
7e:58:6c:4c:dd:34:ce:47:b3:68:ad:97:ba:86:b4:10:51:57:
fd:1b:b1:6b:94:0e:74:58:b4:c9:c9:48:31:23:e6:52:c8:56:
a9:0a:70:53:d6:a9:78:4c:3a:53:40:ee:9c:74:fd:2a:c2:be:
dc:ca:25:7c:7b:38:9b:2c:05:d5:e0:42:02:37:64:36:79:c2:
2b:6e:1b:d1:a8:15:23:6e:31:04:26:79:d7:a3:6c:4a:23:1d:
96:dc:84:2b:d1:40:3c:08:6e:3f:44:79:01:d4:d4:96:6b:f0:
c4:5b:cb:a2:3b:d1:8d:79:16:d7:7c:4b:33:b1:2e:86:8e:4d:
92:07:a0:91
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG+4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMw
NzM5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIzNTAxODA2NUU2MjU0
RTU1MkZENzk4OThFQzc1RTg2QTE5ODU3RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1hvB4To0HAJmQQyYdF7svA5oWP6tOaXbeUbvLUJ3d5X2qWpur
G/+6laUxMFGGjhhvHZYDRWLioMgRYq7enFnlBBp6lrNJ/1588zU/dcnxZNTfMbNB
tTtMjZttqlyYFqGMTR1jQ1zCkVRuhYoc8Tn3od0FI4eKSkf3yUFew5mXpZDZ1ZOr
LRnwFJQcucTVM4rgCilZCtbRFcO2hShyieuJAKcpILkg4873vssc7ipg6FfePToq
ZBcYOVJfYslRNr1KfvqM42UYCykwYUjJJL78StPiqQwyKeUWETvuleIcisfum4FJ
1cQ3B1+G6uqLLQEzGTInBt67SUlVLx/sSpPNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUI1AYBl5iVOVS/XmJjsdehqGYV+UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JMUFZQmw1aVZPVlNfWG1K
anNkZWhxR1lWLVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIYCa9uq57y7R4LBcgGo73QHMi84diEFUf0D
3Svm6yAj3TaCpaq5EdInkMnF3/cX13JwqusNvJb5y4HHGwbFLf+2TRS4aA9rjkOU
zdy7ybeK5CyUHBdlo5pJ+fCmfun2JbSPz+VKbiDZ83ciQlMYiEMlSsSL19C5uDNx
74L22n5YbEzdNM5Hs2itl7qGtBBRV/0bsWuUDnRYtMnJSDEj5lLIVqkKcFPWqXhM
OlNA7px0/SrCvtzKJXx7OJssBdXgQgI3ZDZ5wituG9GoFSNuMQQmedejbEojHZbc
hCvRQDwIbj9EeQHU1JZr8MRby6I70Y15Ftd8SzOxLoaOTZIHoJE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:23:17 2025 by rpki-client