Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NTm5PJRnC2ydqE_smCnIhWR37tU.roa
File: NTm5PJRnC2ydqE_smCnIhWR37tU.roa (raw, json)
Hash identifier: WR96VHcOepiyO4Qy+ppT5VYWc85aEYsuEgtd9bkdMSk=
Subject key identifier: 35:39:B9:3C:94:67:0B:6C:9D:A8:4F:EC:98:29:C8:85:64:77:EE:D5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1506
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NTm5PJRnC2ydqE_smCnIhWR37tU.roa
Signing time: Wed 04 Jun 2025 02:39:19 +0000
ROA not before: Wed 04 Jun 2025 02:39:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5382 (0x1506)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 02:39:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3539B93C94670B6C9DA84FEC9829C8856477EED5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:66:d5:ae:ff:39:7b:fb:c2:d3:6b:a6:c0:41:
6c:98:5c:67:83:66:b1:bb:5d:fc:0c:2f:6b:5c:ea:
25:48:46:a7:9d:f9:c5:cd:ac:b8:6e:79:94:09:d7:
bd:33:80:1e:90:82:b5:7c:c4:dd:c1:fa:2d:b9:75:
14:64:8a:83:c5:d1:19:85:00:97:a6:a6:2a:38:4a:
1c:38:1f:11:76:30:e9:16:36:99:e8:c7:cb:55:1b:
ce:7b:6a:5c:d7:1e:9e:74:2b:5a:c8:d9:93:b6:fa:
f5:b5:5c:4f:e9:cd:ac:6f:71:22:af:60:50:ff:3d:
e3:1f:c9:b4:dd:0a:d6:b8:1c:6c:2e:1c:2c:c2:fc:
2b:74:af:6b:75:7a:b6:95:e0:f4:00:a4:47:a9:01:
83:5a:34:48:ab:6c:c3:fc:8e:1b:6c:1e:50:31:6a:
7f:4f:d4:77:f2:39:fa:96:29:54:8f:1c:40:c7:fa:
18:58:ea:ee:f1:61:19:2d:15:7e:bd:45:d4:87:e0:
47:70:af:09:b6:de:2f:c1:59:a2:47:05:ef:c2:a3:
c7:0a:43:e4:f7:4e:75:d8:f7:aa:68:a8:72:da:7b:
f2:9c:25:0c:3c:e2:b2:98:5a:59:6c:fc:50:b8:8f:
65:ac:06:1b:b0:69:0f:d2:33:c5:13:a8:d3:40:e2:
08:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:39:B9:3C:94:67:0B:6C:9D:A8:4F:EC:98:29:C8:85:64:77:EE:D5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NTm5PJRnC2ydqE_smCnIhWR37tU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:33:49:6c:dd:8f:c2:a7:43:5c:8f:73:6e:bb:e6:4a:2f:ce:
64:37:0f:7c:75:e3:cf:c2:03:19:9d:e5:2c:0b:8a:a6:07:82:
b6:ff:8c:bb:e7:a9:87:38:7e:0a:47:b0:c0:4c:c9:4c:d3:46:
5a:ec:44:42:7c:0f:6d:9c:0c:7d:64:ae:37:64:2c:27:d2:66:
6d:98:df:83:87:5c:0c:ca:29:cc:2f:2b:c2:a1:49:08:5e:54:
9b:3d:1c:9a:c7:68:b6:25:00:4d:04:61:4c:5a:34:d3:ae:c0:
4b:be:73:fa:02:55:95:0c:90:17:48:9e:a1:5e:38:77:ca:ee:
c3:cf:fa:4d:25:44:e5:bf:a7:d6:e2:4a:a9:6a:87:53:ae:d7:
bb:e3:9c:e4:bf:46:b5:59:9f:f5:47:40:bf:51:56:d4:39:1f:
c1:ff:66:c5:bc:31:e9:ca:25:07:b5:87:c0:48:45:37:f8:e4:
90:d5:e9:d4:ce:33:f3:76:15:34:50:32:a0:e0:78:94:ea:72:
6b:3f:6e:45:6e:a0:bf:b5:3a:72:62:99:7a:b2:c3:43:26:36:
27:95:4e:12:95:88:8b:4d:64:9b:dd:fd:d5:f1:22:e9:7d:52:
71:8b:b9:43:f8:4b:03:23:b7:90:c5:f1:de:90:6d:eb:32:0e:
ab:7c:03:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQw
MjM5MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM1MzlCOTNDOTQ2NzBC
NkM5REE4NEZFQzk4MjlDODg1NjQ3N0VFRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuZtWu/zl7+8LTa6bAQWyYXGeDZrG7XfwML2tc6iVIRqed+cXN
rLhueZQJ170zgB6QgrV8xN3B+i25dRRkioPF0RmFAJempio4Shw4HxF2MOkWNpno
x8tVG857alzXHp50K1rI2ZO2+vW1XE/pzaxvcSKvYFD/PeMfybTdCta4HGwuHCzC
/Ct0r2t1eraV4PQApEepAYNaNEirbMP8jhtsHlAxan9P1HfyOfqWKVSPHEDH+hhY
6u7xYRktFX69RdSH4Edwrwm23i/BWaJHBe/Co8cKQ+T3TnXY96poqHLae/KcJQw8
4rKYWlls/FC4j2WsBhuwaQ/SM8UTqNNA4giPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNTm5PJRnC2ydqE/smCnIhWR37tUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OVG01UEpSbkMyeWRxRV9z
bUNuSWhXUjM3dFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADozSWzdj8KnQ1yPc2675kovzmQ3D3x148/C
Axmd5SwLiqYHgrb/jLvnqYc4fgpHsMBMyUzTRlrsREJ8D22cDH1krjdkLCfSZm2Y
34OHXAzKKcwvK8KhSQheVJs9HJrHaLYlAE0EYUxaNNOuwEu+c/oCVZUMkBdInqFe
OHfK7sPP+k0lROW/p9biSqlqh1Ou17vjnOS/RrVZn/VHQL9RVtQ5H8H/ZsW8MenK
JQe1h8BIRTf45JDV6dTOM/N2FTRQMqDgeJTqcms/bkVuoL+1OnJimXqyw0MmNieV
ThKViItNZJvd/dXxIul9UnGLuUP4SwMjt5DF8d6QbesyDqt8A0c=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:13:53 2025 by rpki-client