Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ne8A0VlVQZOPvOgPp8YJqr5txq8.roa
File: Ne8A0VlVQZOPvOgPp8YJqr5txq8.roa (raw, json)
Hash identifier: OlcMWJuHtXx2GwTfYCce4mxyN14NnFxQcjC8jHDloh8=
Subject key identifier: 35:EF:00:D1:59:55:41:93:8F:BC:E8:0F:A7:C6:09:AA:BE:6D:C6:AF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 17DA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ne8A0VlVQZOPvOgPp8YJqr5txq8.roa
Signing time: Sat 07 Jun 2025 21:09:33 +0000
ROA not before: Sat 07 Jun 2025 21:09:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6106 (0x17da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 21:09:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=35EF00D1595541938FBCE80FA7C609AABE6DC6AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ec:2f:d3:ae:fe:b1:12:8a:10:8f:c3:03:8d:
31:8c:20:43:65:1f:c5:da:56:0e:06:27:28:fc:b2:
f5:33:b7:34:a9:ed:ed:40:45:4b:79:76:ad:3f:22:
5a:e8:ac:b8:9f:d8:87:01:55:b9:a5:6f:15:c2:6c:
d9:37:3a:5a:77:b8:10:0c:e2:a9:95:0f:c4:92:43:
49:92:7d:71:4e:d0:c8:44:f3:b1:04:31:b1:a1:bf:
05:cc:b1:af:0c:bc:2c:5a:f0:d1:e2:2d:15:39:82:
42:33:56:ae:02:ef:95:72:3a:31:98:8f:55:c1:72:
04:30:25:d8:0a:9e:4a:6d:38:c2:58:66:dd:f1:6d:
b3:dd:88:63:dd:16:0d:ba:29:81:c4:49:fc:d7:12:
74:61:87:c6:d9:1e:14:4d:a1:da:08:c2:0e:71:f4:
35:5a:13:9a:e5:11:fa:aa:6e:bd:15:33:e1:7e:f6:
ab:eb:2a:ae:49:63:d5:ec:0d:4f:da:b5:f3:50:fa:
7c:10:75:3a:72:d3:b4:91:16:39:50:af:1d:f8:66:
80:35:d1:70:7b:19:85:3e:0a:ab:fa:a8:6c:3a:e5:
44:c4:b1:55:3b:f0:68:b6:8e:df:2b:94:e4:f3:cc:
53:55:25:c9:dc:e9:ef:b5:c5:b1:36:50:8a:3c:75:
1a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:EF:00:D1:59:55:41:93:8F:BC:E8:0F:A7:C6:09:AA:BE:6D:C6:AF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ne8A0VlVQZOPvOgPp8YJqr5txq8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:85:51:15:2d:ef:3b:33:24:96:48:75:e9:a0:d2:c7:c7:2a:
e1:27:ad:bb:7b:9d:08:e3:a8:69:35:98:ab:32:07:d2:ed:86:
51:16:59:d3:f4:6a:a6:bb:d2:11:00:f9:28:a2:e7:e5:4a:ec:
d5:97:c7:0d:d4:d6:ae:5d:a8:56:3d:8a:c9:7d:f8:95:86:b8:
c2:ba:7b:39:ba:91:00:84:41:04:71:75:ce:f1:db:a8:0e:d0:
bf:ec:02:84:94:c1:77:0f:13:62:a9:97:9a:16:88:e1:69:01:
a1:d9:e0:a5:a3:bd:9c:10:62:24:27:a8:ca:f5:a7:05:96:96:
02:18:c0:5f:a0:b2:7e:ea:44:e5:0f:f3:eb:42:95:3c:90:15:
29:35:b3:85:af:9b:10:1f:af:2e:5b:65:07:ce:c7:a4:1e:9f:
aa:53:6e:82:f2:d1:ec:94:e6:4c:3c:b8:d1:d6:e3:f0:b1:21:
74:11:5e:c6:45:33:a7:7f:ce:2e:09:60:b3:23:6b:22:49:b3:
3c:ee:78:6b:b2:f8:fd:5f:16:45:5f:f6:e1:e3:8c:ec:d9:dc:
a0:8a:87:c9:29:08:0c:b9:82:d4:30:f6:46:cb:31:89:68:10:
a6:81:4e:08:cb:cf:ac:78:8a:6b:b1:2a:68:c5:a5:58:f4:f3:
51:e8:91:19
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcy
MTA5MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM1RUYwMEQxNTk1NTQx
OTM4RkJDRTgwRkE3QzYwOUFBQkU2REM2QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC27C/Trv6xEooQj8MDjTGMIENlH8XaVg4GJyj8svUztzSp7e1A
RUt5dq0/IlrorLif2IcBVbmlbxXCbNk3Olp3uBAM4qmVD8SSQ0mSfXFO0MhE87EE
MbGhvwXMsa8MvCxa8NHiLRU5gkIzVq4C75VyOjGYj1XBcgQwJdgKnkptOMJYZt3x
bbPdiGPdFg26KYHESfzXEnRhh8bZHhRNodoIwg5x9DVaE5rlEfqqbr0VM+F+9qvr
Kq5JY9XsDU/atfNQ+nwQdTpy07SRFjlQrx34ZoA10XB7GYU+Cqv6qGw65UTEsVU7
8Gi2jt8rlOTzzFNVJcnc6e+1xbE2UIo8dRpfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNe8A0VlVQZOPvOgPp8YJqr5txq8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OZThBMFZsVlFaT1B2T2dQ
cDhZSnFyNXR4cTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABWFURUt7zszJJZIdemg0sfHKuEnrbt7nQjj
qGk1mKsyB9LthlEWWdP0aqa70hEA+Sii5+VK7NWXxw3U1q5dqFY9isl9+JWGuMK6
ezm6kQCEQQRxdc7x26gO0L/sAoSUwXcPE2Kpl5oWiOFpAaHZ4KWjvZwQYiQnqMr1
pwWWlgIYwF+gsn7qROUP8+tClTyQFSk1s4WvmxAfry5bZQfOx6Qen6pTboLy0eyU
5kw8uNHW4/CxIXQRXsZFM6d/zi4JYLMjayJJszzueGuy+P1fFkVf9uHjjOzZ3KCK
h8kpCAy5gtQw9kbLMYloEKaBTgjLz6x4imuxKmjFpVj081HokRk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:58:47 2025 by rpki-client