Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KNAlMuENZe7SLeBGkxAgrhI3lmA.roa
File: KNAlMuENZe7SLeBGkxAgrhI3lmA.roa (raw, json)
Hash identifier: /lJEVuOJA9R517WPfT6Cb0URR/5SxJhnccjqzZ2V7OA=
Subject key identifier: 28:D0:25:32:E1:0D:65:EE:D2:2D:E0:46:93:10:20:AE:12:37:96:60
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14EE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KNAlMuENZe7SLeBGkxAgrhI3lmA.roa
Signing time: Tue 03 Jun 2025 23:39:16 +0000
ROA not before: Tue 03 Jun 2025 23:39:16 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5358 (0x14ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 23:39:16 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=28D02532E10D65EED22DE046931020AE12379660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:31:82:ec:4c:81:d0:8d:4a:01:c4:23:28:d1:
c7:f8:bb:41:7f:cd:4b:f1:43:56:6e:6e:66:c3:e9:
62:ad:be:94:09:5d:ae:11:12:cd:8b:5e:c8:2c:5a:
6f:f5:a3:54:a4:f6:9b:62:72:62:13:3d:f1:dc:1d:
d1:0d:2e:cb:1c:66:c1:4a:7f:00:ef:1f:5c:58:e1:
80:55:4e:65:28:73:7a:89:aa:81:d1:8c:f9:25:1f:
50:3a:34:21:32:b2:71:69:e0:1c:4c:c2:de:50:43:
ae:f2:e1:12:3a:fc:fe:28:11:64:12:c3:d2:8b:06:
56:a8:b6:7a:77:27:77:55:34:5f:49:79:ee:f8:05:
a8:61:30:23:9a:21:42:41:17:9c:b0:81:02:c8:82:
1c:cb:27:fa:05:1e:eb:c5:58:41:c6:0e:88:fc:57:
45:1d:a0:22:75:fd:60:4b:b5:8a:4b:1a:d8:42:40:
c3:cf:56:2c:d7:c2:27:64:61:aa:da:91:d4:d0:8a:
78:f5:24:f7:6a:97:db:14:13:c8:e1:99:26:36:1a:
3e:57:a5:a9:dd:b2:1c:4a:6f:9c:e3:a6:90:2f:e3:
0b:96:06:d9:b8:a2:ec:c5:a6:df:0b:59:cc:03:b1:
db:85:97:fd:89:e7:6d:20:a2:6b:a7:ef:10:4d:bf:
c2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D0:25:32:E1:0D:65:EE:D2:2D:E0:46:93:10:20:AE:12:37:96:60
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KNAlMuENZe7SLeBGkxAgrhI3lmA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:53:11:f7:d0:12:25:fc:78:97:a4:f2:f4:ea:40:99:55:00:
5a:69:03:c8:a9:ba:fa:5e:f5:3f:1e:5f:39:e8:c6:52:11:e0:
0f:43:d1:34:1b:13:20:ff:4e:eb:13:a4:c7:a1:13:71:a8:70:
b6:3f:db:fb:11:9b:d1:73:d9:79:54:cd:01:82:a2:88:b2:23:
36:49:f1:d2:e9:1a:fc:52:3b:07:ca:16:5f:d8:51:45:0d:b5:
d5:fd:40:25:76:a7:20:97:16:66:eb:16:c1:7e:f6:3c:cf:e8:
40:ed:bd:4e:0a:71:89:27:24:2d:a7:c7:90:a5:a9:25:5e:e8:
2a:f8:41:b9:95:9c:1a:1a:10:20:4d:d4:4f:23:58:4b:5b:87:
46:e8:b3:94:be:ca:64:76:7d:37:6f:89:07:17:44:9e:0a:47:
f6:61:57:ef:b0:47:39:5b:c3:4f:86:02:f6:16:b4:7c:75:15:
33:38:eb:f7:4b:c4:e2:fe:7d:6f:a0:88:58:14:ed:b5:be:5e:
d7:57:be:81:3d:ff:03:42:c8:5a:aa:68:ec:ae:77:ab:34:fd:
04:46:a0:76:44:cf:78:c6:ad:71:26:bb:a3:51:af:cf:14:15:
fa:75:e4:ec:d0:30:59:ff:9a:7d:90:66:09:d9:cb:a7:23:3f:
56:cb:15:1b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMy
MzM5MTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI4RDAyNTMyRTEwRDY1
RUVEMjJERTA0NjkzMTAyMEFFMTIzNzk2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVMYLsTIHQjUoBxCMo0cf4u0F/zUvxQ1ZubmbD6WKtvpQJXa4R
Es2LXsgsWm/1o1Sk9pticmITPfHcHdENLsscZsFKfwDvH1xY4YBVTmUoc3qJqoHR
jPklH1A6NCEysnFp4BxMwt5QQ67y4RI6/P4oEWQSw9KLBlaotnp3J3dVNF9Jee74
BahhMCOaIUJBF5ywgQLIghzLJ/oFHuvFWEHGDoj8V0UdoCJ1/WBLtYpLGthCQMPP
VizXwidkYarakdTQinj1JPdql9sUE8jhmSY2Gj5XpandshxKb5zjppAv4wuWBtm4
ouzFpt8LWcwDsduFl/2J520gomun7xBNv8IVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKNAlMuENZe7SLeBGkxAgrhI3lmAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LTkFsTXVFTlplN1NMZUJH
a3hBZ3JoSTNsbUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKhTEffQEiX8eJek8vTqQJlVAFppA8ipuvpe
9T8eXznoxlIR4A9D0TQbEyD/TusTpMehE3GocLY/2/sRm9Fz2XlUzQGCooiyIzZJ
8dLpGvxSOwfKFl/YUUUNtdX9QCV2pyCXFmbrFsF+9jzP6EDtvU4KcYknJC2nx5Cl
qSVe6Cr4QbmVnBoaECBN1E8jWEtbh0bos5S+ymR2fTdviQcXRJ4KR/ZhV++wRzlb
w0+GAvYWtHx1FTM46/dLxOL+fW+giFgU7bW+XtdXvoE9/wNCyFqqaOyud6s0/QRG
oHZEz3jGrXEmu6NRr88UFfp15OzQMFn/mn2QZgnZy6cjP1bLFRs=
-----END CERTIFICATE-----
Generated at Sat Jun 21 08:51:04 2025 by rpki-client