Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IaiMK9faD3BaVp9Cp8mP5Cgfn7Y.roa
File: IaiMK9faD3BaVp9Cp8mP5Cgfn7Y.roa (raw, json)
Hash identifier: ZxJEL5LPeaB1CR9NfmIkDOro2LDSG4HaT88q5bt40c4=
Subject key identifier: 21:A8:8C:2B:D7:DA:0F:70:5A:56:9F:42:A7:C9:8F:E4:28:1F:9F:B6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1D1E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IaiMK9faD3BaVp9Cp8mP5Cgfn7Y.roa
Signing time: Sat 14 Jun 2025 21:41:07 +0000
ROA not before: Sat 14 Jun 2025 21:41:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7454 (0x1d1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 21:41:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=21A88C2BD7DA0F705A569F42A7C98FE4281F9FB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:67:1e:f7:5a:3c:29:a4:96:ca:b5:e9:f6:73:
eb:88:3e:ff:f4:89:bd:c8:a2:f1:4b:03:95:f6:03:
57:64:6c:85:77:69:ac:69:35:9f:64:f9:95:02:e6:
b8:34:b6:ff:69:1e:ee:16:a6:22:e4:b1:8c:59:1b:
b2:39:36:f1:78:61:82:db:1e:de:d1:da:cf:f1:c3:
71:5d:6d:5c:5a:85:19:65:69:08:c3:05:f0:b6:1c:
da:88:5f:dc:8d:4f:bd:24:b3:ba:20:10:3f:d6:44:
0d:1c:68:4d:64:2a:cb:55:d4:dc:51:20:45:57:fa:
65:c8:9b:c5:0c:e0:80:7f:ff:40:a2:81:ae:0d:95:
76:0e:fd:2d:6e:94:ac:fa:8d:45:dd:a5:bc:d7:5f:
84:e1:6d:c2:64:dd:92:ba:38:db:2a:a7:5a:8f:f2:
6a:e9:98:1c:f6:70:86:5b:f2:92:c7:2e:35:69:70:
0f:49:b4:e0:38:a3:04:d0:26:3b:c3:08:26:97:94:
67:1c:48:97:90:db:46:aa:b2:bb:22:25:e0:1d:63:
a6:d8:d2:11:b9:62:42:0d:bc:37:e7:6e:8e:55:1b:
24:ab:4c:36:ec:58:12:41:3f:03:e9:2e:79:95:42:
89:15:c9:19:67:3d:0e:30:ee:6a:31:2e:b8:dd:54:
52:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A8:8C:2B:D7:DA:0F:70:5A:56:9F:42:A7:C9:8F:E4:28:1F:9F:B6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IaiMK9faD3BaVp9Cp8mP5Cgfn7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:2d:0d:75:17:f7:8b:df:df:f4:86:5c:cb:55:c9:8b:6a:f2:
59:1f:12:bd:c1:32:95:e2:b2:c2:f1:d2:c1:81:ad:fd:17:65:
33:cc:62:2b:74:03:cf:9c:08:3d:d5:64:f7:d5:9a:bc:8f:90:
8f:4a:45:83:07:68:f6:c7:e7:41:fd:35:a7:ab:9c:3b:1c:d0:
a0:8b:d0:34:8e:63:a7:3d:31:53:b5:00:c0:70:af:c0:3e:e8:
69:9c:36:00:82:65:1e:c2:19:9f:f4:0e:c1:48:53:81:d4:64:
47:8e:50:21:84:b5:f7:a1:78:7f:05:fe:28:24:db:77:11:71:
b4:8e:4b:28:59:82:5b:23:a3:de:70:22:4c:e9:b6:fe:b0:7e:
e5:8b:dd:77:f7:ca:fa:01:d4:51:a5:4b:19:c8:be:cb:9f:ce:
e0:ef:17:7c:8e:3e:a9:2f:c5:e8:2f:c7:e7:89:16:95:df:46:
25:d5:ef:d6:67:63:53:ce:6a:e6:6c:46:fb:ca:48:dd:42:a1:
32:f9:d6:49:09:43:e2:26:fe:3a:40:a3:a3:34:e0:34:cd:ef:
15:26:75:8e:9d:c3:47:d8:07:82:f2:58:17:02:30:f2:cc:72:
0e:1e:29:05:18:15:3e:d9:a7:ba:2f:a5:31:f0:0b:8f:a0:fd:
fd:de:97:2e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQy
MTQxMDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIxQTg4QzJCRDdEQTBG
NzA1QTU2OUY0MkE3Qzk4RkU0MjgxRjlGQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1Zx73WjwppJbKten2c+uIPv/0ib3IovFLA5X2A1dkbIV3aaxp
NZ9k+ZUC5rg0tv9pHu4WpiLksYxZG7I5NvF4YYLbHt7R2s/xw3FdbVxahRllaQjD
BfC2HNqIX9yNT70ks7ogED/WRA0caE1kKstV1NxRIEVX+mXIm8UM4IB//0Ciga4N
lXYO/S1ulKz6jUXdpbzXX4ThbcJk3ZK6ONsqp1qP8mrpmBz2cIZb8pLHLjVpcA9J
tOA4owTQJjvDCCaXlGccSJeQ20aqsrsiJeAdY6bY0hG5YkINvDfnbo5VGySrTDbs
WBJBPwPpLnmVQokVyRlnPQ4w7moxLrjdVFJdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIaiMK9faD3BaVp9Cp8mP5Cgfn7YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JYWlNSzlmYUQzQmFWcDlD
cDhtUDVDZ2ZuN1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACktDXUX94vf3/SGXMtVyYtq8lkfEr3BMpXi
ssLx0sGBrf0XZTPMYit0A8+cCD3VZPfVmryPkI9KRYMHaPbH50H9NaernDsc0KCL
0DSOY6c9MVO1AMBwr8A+6GmcNgCCZR7CGZ/0DsFIU4HUZEeOUCGEtfeheH8F/igk
23cRcbSOSyhZglsjo95wIkzptv6wfuWL3Xf3yvoB1FGlSxnIvsufzuDvF3yOPqkv
xegvx+eJFpXfRiXV79ZnY1POauZsRvvKSN1CoTL51kkJQ+Im/jpAo6M04DTN7xUm
dY6dw0fYB4LyWBcCMPLMcg4eKQUYFT7Zp7ovpTHwC4+g/f3ely4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:05:16 2025 by rpki-client