Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QFvN1_b2DLx-VqWXGVS99xliV60.roa
File: QFvN1_b2DLx-VqWXGVS99xliV60.roa (raw, json)
Hash identifier: CvcfGhVcO6ZfBEvzxMZSLENYPPaAQM2v3Y4P8U7YYJc=
Subject key identifier: 40:5B:CD:D7:F6:F6:0C:BC:7E:56:A5:97:19:54:BD:F7:19:62:57:AD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B12
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QFvN1_b2DLx-VqWXGVS99xliV60.roa
Signing time: Thu 12 Jun 2025 04:09:58 +0000
ROA not before: Thu 12 Jun 2025 04:09:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6930 (0x1b12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 04:09:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=405BCDD7F6F60CBC7E56A5971954BDF7196257AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b2:85:b7:6b:16:dc:c0:38:df:e3:76:0a:4b:
d3:fa:66:63:58:6c:43:0d:d5:a6:48:ee:2f:9e:75:
bf:b3:c4:e9:4e:90:44:e6:48:0c:45:b9:f4:9d:33:
dc:f2:bb:c0:0f:02:a9:be:e9:5b:6b:7f:23:3e:15:
22:d8:8a:54:7c:6c:c2:42:da:44:36:b6:c6:a1:92:
96:39:ba:d3:9e:66:ea:37:76:11:90:d1:19:17:57:
20:4d:82:54:ab:ff:e1:21:fc:22:20:8e:99:c6:60:
12:94:8e:98:5d:0d:f6:e0:dd:2c:6b:a2:ec:31:b4:
eb:7a:aa:b5:02:b7:40:b8:7e:73:c6:bf:67:a4:72:
76:ec:f1:2e:2b:92:a4:6d:ff:2a:bd:7a:db:03:9e:
87:12:36:e6:27:4c:e3:a7:58:b2:37:a0:34:1a:59:
d8:78:fb:34:b1:64:02:8b:61:98:b6:64:8f:07:31:
ca:db:b5:68:7a:8f:81:e3:fb:4a:8b:15:9a:ab:f0:
4e:75:2e:ce:87:1d:a2:4a:a6:76:08:cd:26:7d:60:
c0:23:01:e7:c2:77:ac:64:eb:e4:d7:5e:2e:57:a2:
4b:a0:8f:23:03:99:81:4f:f7:5d:18:08:2b:65:f1:
43:c3:89:e2:11:7f:a2:1f:e1:aa:38:6b:8f:b0:b9:
4a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:5B:CD:D7:F6:F6:0C:BC:7E:56:A5:97:19:54:BD:F7:19:62:57:AD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QFvN1_b2DLx-VqWXGVS99xliV60.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:e0:dd:11:bd:3e:32:e6:73:3e:15:65:08:e5:9b:aa:24:25:
f3:34:73:18:50:de:f7:93:70:23:1c:24:f8:86:62:ff:06:89:
89:a2:38:14:7f:04:29:b9:48:34:32:11:82:6e:a7:05:18:8b:
28:24:ca:0b:61:51:a9:22:25:c0:c0:1b:5e:cc:da:ce:d6:8c:
7c:5c:ae:d6:4e:b3:f7:f1:3f:be:5b:74:f6:b7:18:9b:87:cb:
3b:d0:f7:65:27:8e:2f:60:eb:fa:a7:92:1a:8d:6f:1c:da:77:
f0:5b:c5:10:3e:c9:25:c1:9b:1a:02:7f:09:4d:05:66:4c:a7:
dc:f9:a1:67:c1:69:4a:58:f7:61:25:16:bc:54:12:32:c4:74:
73:d0:9c:e8:69:dd:a7:30:92:1f:e1:a3:55:de:90:8b:7a:a8:
ae:5c:24:aa:5b:d3:0b:3f:a9:72:b7:06:53:43:3c:1d:65:58:
b3:2c:37:0e:de:1c:87:db:1c:a7:3d:cc:5d:f2:17:73:42:c6:
54:66:6e:56:4e:bf:c4:35:4e:f7:fc:dc:9c:0f:8b:cd:2a:6e:
22:ec:5b:56:b1:55:bc:97:4c:a5:a8:d9:f4:4b:22:90:94:33:
db:fe:a8:3e:9b:fb:77:11:6d:7d:7a:40:9a:96:f4:c0:90:6a:
66:0a:24:05
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
NDA5NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQwNUJDREQ3RjZGNjBD
QkM3RTU2QTU5NzE5NTRCREY3MTk2MjU3QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNsoW3axbcwDjf43YKS9P6ZmNYbEMN1aZI7i+edb+zxOlOkETm
SAxFufSdM9zyu8APAqm+6VtrfyM+FSLYilR8bMJC2kQ2tsahkpY5utOeZuo3dhGQ
0RkXVyBNglSr/+Eh/CIgjpnGYBKUjphdDfbg3SxrouwxtOt6qrUCt0C4fnPGv2ek
cnbs8S4rkqRt/yq9etsDnocSNuYnTOOnWLI3oDQaWdh4+zSxZAKLYZi2ZI8HMcrb
tWh6j4Hj+0qLFZqr8E51Ls6HHaJKpnYIzSZ9YMAjAefCd6xk6+TXXi5XokugjyMD
mYFP910YCCtl8UPDieIRf6If4ao4a4+wuUopAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQFvN1/b2DLx+VqWXGVS99xliV60wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RRnZOMV9iMkRMeC1WcVdY
R1ZTOTl4bGlWNjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHXg3RG9PjLmcz4VZQjlm6okJfM0cxhQ3veT
cCMcJPiGYv8GiYmiOBR/BCm5SDQyEYJupwUYiygkygthUakiJcDAG17M2s7WjHxc
rtZOs/fxP75bdPa3GJuHyzvQ92Unji9g6/qnkhqNbxzad/BbxRA+ySXBmxoCfwlN
BWZMp9z5oWfBaUpY92ElFrxUEjLEdHPQnOhp3acwkh/ho1XekIt6qK5cJKpb0ws/
qXK3BlNDPB1lWLMsNw7eHIfbHKc9zF3yF3NCxlRmblZOv8Q1Tvf83JwPi80qbiLs
W1axVbyXTKWo2fRLIpCUM9v+qD6b+3cRbX16QJqW9MCQamYKJAU=
-----END CERTIFICATE-----
Generated at Sat Jun 21 21:19:54 2025 by rpki-client