Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PJ7V603BLN-gmp865-ixZGOsStc.roa
File: PJ7V603BLN-gmp865-ixZGOsStc.roa (raw, json)
Hash identifier: nxODnx/y58LtkxPOQ6ILXuLXjqVv0tzcHSi/B9bhGOQ=
Subject key identifier: 3C:9E:D5:EB:4D:C1:2C:DF:A0:9A:9F:3A:E7:E8:B1:64:63:AC:4A:D7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C7E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PJ7V603BLN-gmp865-ixZGOsStc.roa
Signing time: Sat 14 Jun 2025 01:39:54 +0000
ROA not before: Sat 14 Jun 2025 01:39:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7294 (0x1c7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 01:39:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3C9ED5EB4DC12CDFA09A9F3AE7E8B16463AC4AD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:76:40:36:5c:0c:fa:56:c6:b6:cc:92:85:df:
95:38:fb:01:20:3a:ff:1a:51:57:47:de:0f:96:ef:
bc:c1:d1:e8:c3:fd:9d:2d:33:dd:49:0b:25:7b:dc:
c8:40:4d:28:a2:73:5f:80:e8:a0:0a:85:a6:b5:c8:
90:95:a7:55:11:a7:35:81:08:db:8c:e6:63:c9:55:
c3:e3:0e:0b:46:8c:fa:26:e4:5d:6c:2c:9f:4a:2d:
18:7f:2a:97:6d:50:70:e4:c3:83:2e:c0:d2:d7:92:
57:c2:e7:ea:39:45:87:b2:60:84:2d:df:43:2f:86:
40:7a:8d:b9:9d:d4:92:cf:cd:60:d5:b1:a4:64:37:
a1:8f:9a:74:dd:d9:4f:4a:3a:b0:55:8a:06:83:09:
15:12:72:aa:c3:8d:ea:b2:cb:4b:24:91:7a:09:df:
d9:7a:1e:14:1a:b6:8a:66:0e:4d:6c:03:8a:19:00:
1d:26:18:67:6d:72:19:b3:5a:f7:b4:31:b0:92:4d:
f2:70:f5:1c:4d:61:64:66:ab:4f:05:54:23:39:bc:
61:e7:d0:b6:4b:54:7d:a6:6e:02:7a:63:f7:a4:8c:
6b:68:ff:f1:fb:84:30:ec:2a:35:e5:8f:b8:99:94:
7b:e1:6a:4d:ce:92:31:5b:c4:f3:47:4c:fb:c5:6f:
65:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9E:D5:EB:4D:C1:2C:DF:A0:9A:9F:3A:E7:E8:B1:64:63:AC:4A:D7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PJ7V603BLN-gmp865-ixZGOsStc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:4b:e8:d6:24:a3:f3:e4:df:bf:5c:e3:a2:a6:6e:f5:2a:57:
e5:ab:56:ff:96:85:e9:b2:dc:1f:fe:95:76:2c:f0:19:74:2a:
29:b1:00:e1:ac:eb:28:76:68:6e:45:59:0e:20:14:fc:24:42:
d0:99:b2:d7:7b:35:14:c6:c7:50:4a:fe:bd:f8:ec:25:17:2d:
93:16:5a:bd:5b:b6:ba:41:95:c4:c1:c1:61:a9:76:47:97:d9:
41:de:74:74:4d:32:f8:3a:3c:18:9e:91:81:9f:04:87:b7:ee:
50:20:57:71:4f:2a:4d:4c:b2:a4:27:97:9f:75:21:5a:2d:31:
a7:d4:15:e3:c3:57:ac:2f:8d:96:e4:b3:2a:04:24:24:30:32:
50:52:c1:89:33:3d:2d:5b:40:db:f6:0f:27:71:6c:54:15:9e:
10:e8:b7:5d:9b:25:c5:b1:be:ca:c8:a2:80:1c:ea:fe:8f:28:
4d:1e:c6:b3:3a:c3:0b:ac:56:ea:2a:31:87:91:7f:17:0f:99:
f0:82:e3:03:90:96:e7:42:c2:10:35:77:1c:fd:7b:ba:cc:29:
ca:21:d6:86:09:fc:e5:a0:22:88:4d:c1:09:bf:19:be:2a:93:
88:1a:05:37:a3:67:84:40:c3:aa:d5:dd:78:2b:1f:e3:2a:18:
8f:30:80:3d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
MTM5NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNDOUVENUVCNERDMTJD
REZBMDlBOUYzQUU3RThCMTY0NjNBQzRBRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvdkA2XAz6Vsa2zJKF35U4+wEgOv8aUVdH3g+W77zB0ejD/Z0t
M91JCyV73MhATSiic1+A6KAKhaa1yJCVp1URpzWBCNuM5mPJVcPjDgtGjPom5F1s
LJ9KLRh/KpdtUHDkw4MuwNLXklfC5+o5RYeyYIQt30MvhkB6jbmd1JLPzWDVsaRk
N6GPmnTd2U9KOrBVigaDCRUScqrDjeqyy0skkXoJ39l6HhQatopmDk1sA4oZAB0m
GGdtchmzWve0MbCSTfJw9RxNYWRmq08FVCM5vGHn0LZLVH2mbgJ6Y/ekjGto//H7
hDDsKjXlj7iZlHvhak3OkjFbxPNHTPvFb2UDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPJ7V603BLN+gmp865+ixZGOsStcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QSjdWNjAzQkxOLWdtcDg2
NS1peFpHT3NTdGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIxL6NYko/Pk379c46KmbvUqV+WrVv+Whemy
3B/+lXYs8Bl0KimxAOGs6yh2aG5FWQ4gFPwkQtCZstd7NRTGx1BK/r347CUXLZMW
Wr1btrpBlcTBwWGpdkeX2UHedHRNMvg6PBiekYGfBIe37lAgV3FPKk1MsqQnl591
IVotMafUFePDV6wvjZbksyoEJCQwMlBSwYkzPS1bQNv2DydxbFQVnhDot12bJcWx
vsrIooAc6v6PKE0exrM6wwusVuoqMYeRfxcPmfCC4wOQludCwhA1dxz9e7rMKcoh
1oYJ/OWgIohNwQm/Gb4qk4gaBTejZ4RAw6rV3XgrH+MqGI8wgD0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 11:37:18 2025 by rpki-client