Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Iy_38jbvWzZJewJ2Ke2LI857zsw.roa
File: Iy_38jbvWzZJewJ2Ke2LI857zsw.roa (raw, json)
Hash identifier: Lne5vyHDulVIXwXUFEu6Wv1jVrk0LkS9ftQbVymUXQ8=
Subject key identifier: 23:2F:F7:F2:36:EF:5B:36:49:7B:02:76:29:ED:8B:23:CE:7B:CE:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1826
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Iy_38jbvWzZJewJ2Ke2LI857zsw.roa
Signing time: Sun 08 Jun 2025 06:39:35 +0000
ROA not before: Sun 08 Jun 2025 06:39:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6182 (0x1826)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 06:39:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=232FF7F236EF5B36497B027629ED8B23CE7BCECC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d8:5e:72:7e:7b:e4:13:8c:81:e2:f1:bc:f8:
c5:c0:b5:8e:74:3a:55:af:89:e3:22:03:b7:42:3f:
4d:02:e1:b6:cc:0f:30:d2:a7:35:05:97:e1:ab:11:
47:b7:cf:a9:bf:cb:51:30:fb:31:68:62:74:e9:43:
0f:37:82:ea:b1:a4:01:56:26:52:63:af:d7:ce:0d:
c2:77:f4:31:2f:46:b9:ab:41:b7:16:15:ec:4c:7e:
e9:8f:ee:f1:10:b7:14:8c:29:8d:63:f5:69:42:e6:
bd:99:20:4c:76:47:c0:05:5d:86:e2:fa:df:87:c5:
1d:0a:aa:5c:03:1e:3b:6f:cd:20:17:a3:02:aa:a1:
ef:eb:16:13:f3:90:f7:54:a7:ff:99:4d:8b:af:6e:
ab:3c:a1:73:4f:f3:e5:c3:05:31:be:fc:1c:3e:22:
26:49:d5:01:32:95:8e:90:0d:b3:b3:da:9d:ce:6b:
27:23:d9:09:13:f0:ff:d6:a7:21:3c:20:92:e6:a6:
df:0a:65:e6:90:73:a7:b3:fe:18:9a:e9:43:66:56:
54:a0:9f:67:90:c2:da:a8:11:42:8c:47:06:dc:bd:
85:52:5c:05:1d:c0:fc:10:13:02:3b:a6:71:ee:d7:
2f:7e:e7:64:7c:46:d6:8f:f7:d2:1f:b6:dd:f1:ee:
6d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2F:F7:F2:36:EF:5B:36:49:7B:02:76:29:ED:8B:23:CE:7B:CE:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Iy_38jbvWzZJewJ2Ke2LI857zsw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:9c:b3:86:b7:17:c5:85:9f:10:31:54:7b:b3:ff:77:32:86:
2c:41:43:fc:ce:9d:17:dc:6c:1c:4e:db:53:fa:c1:25:38:a1:
be:88:20:8d:53:84:cf:f9:2e:74:f6:81:8f:d6:44:95:a5:88:
ee:ad:c2:0b:66:c9:5a:e9:b3:25:86:5a:4f:13:9e:5e:a4:4d:
39:6c:eb:1f:67:f1:8c:92:dc:24:ae:63:8b:3c:66:12:b4:e5:
fb:9b:34:7c:67:e6:83:e8:51:58:3c:97:a5:a0:42:fd:e9:a4:
7f:b3:bd:54:99:8a:49:c7:79:30:be:d6:25:1a:89:5f:d8:24:
13:9d:64:0f:bb:e9:7c:d6:3f:62:53:3e:0d:b3:a1:02:66:37:
2d:56:ea:17:06:59:a6:3e:03:b3:61:cd:ba:10:0d:7f:d4:04:
d7:96:2f:c9:df:c2:c0:f1:fe:4c:de:4c:14:50:66:c0:94:4c:
27:44:b6:d7:9f:ee:a9:8a:fd:e2:33:51:dd:67:e1:b8:ce:28:
16:b4:f8:52:1f:61:cd:d2:4a:6d:06:d2:35:64:61:0f:87:23:
45:04:38:7f:f5:02:42:1d:f6:f2:1a:76:56:f7:a6:61:61:62:
d1:34:d8:80:fb:d8:e0:ea:d3:ce:2d:b4:96:e3:1c:7c:9c:ab:
e2:d3:d2:3c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgw
NjM5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIzMkZGN0YyMzZFRjVC
MzY0OTdCMDI3NjI5RUQ4QjIzQ0U3QkNFQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC22F5yfnvkE4yB4vG8+MXAtY50OlWvieMiA7dCP00C4bbMDzDS
pzUFl+GrEUe3z6m/y1Ew+zFoYnTpQw83guqxpAFWJlJjr9fODcJ39DEvRrmrQbcW
FexMfumP7vEQtxSMKY1j9WlC5r2ZIEx2R8AFXYbi+t+HxR0KqlwDHjtvzSAXowKq
oe/rFhPzkPdUp/+ZTYuvbqs8oXNP8+XDBTG+/Bw+IiZJ1QEylY6QDbOz2p3Oaycj
2QkT8P/WpyE8IJLmpt8KZeaQc6ez/hia6UNmVlSgn2eQwtqoEUKMRwbcvYVSXAUd
wPwQEwI7pnHu1y9+52R8RtaP99Iftt3x7m2HAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIy/38jbvWzZJewJ2Ke2LI857zswwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JeV8zOGpidld6Wkpld0oy
S2UyTEk4NTd6c3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGmcs4a3F8WFnxAxVHuz/3cyhixBQ/zOnRfc
bBxO21P6wSU4ob6III1ThM/5LnT2gY/WRJWliO6twgtmyVrpsyWGWk8Tnl6kTTls
6x9n8YyS3CSuY4s8ZhK05fubNHxn5oPoUVg8l6WgQv3ppH+zvVSZiknHeTC+1iUa
iV/YJBOdZA+76XzWP2JTPg2zoQJmNy1W6hcGWaY+A7NhzboQDX/UBNeWL8nfwsDx
/kzeTBRQZsCUTCdEttef7qmK/eIzUd1n4bjOKBa0+FIfYc3SSm0G0jVkYQ+HI0UE
OH/1AkId9vIadlb3pmFhYtE02ID72ODq084ttJbjHHycq+LT0jw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 18:11:14 2025 by rpki-client