Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RGmcgAx_9ddzLDW487BZObTdiHk.roa
File: RGmcgAx_9ddzLDW487BZObTdiHk.roa (raw, json)
Hash identifier: csIzoima732xMKHFgsRZIE6wqIQRMSec5dRaYuqL1L8=
Subject key identifier: 44:69:9C:80:0C:7F:F5:D7:73:2C:35:B8:F3:B0:59:39:B4:DD:88:79
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F0E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RGmcgAx_9ddzLDW487BZObTdiHk.roa
Signing time: Tue 27 May 2025 03:38:47 +0000
ROA not before: Tue 27 May 2025 03:38:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3854 (0xf0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 03:38:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=44699C800C7FF5D7732C35B8F3B05939B4DD8879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:55:97:3b:d8:50:6f:8a:6e:e7:c6:4c:98:84:
58:40:88:94:01:73:ec:7a:c2:44:16:db:ee:80:ba:
24:f3:cd:0f:9a:6d:cf:4b:33:85:81:8b:0f:3f:66:
1e:4c:59:fc:46:08:87:99:42:8e:ee:6e:16:55:85:
af:14:09:f5:f8:4f:6b:f1:da:97:13:6d:14:15:5a:
f6:b8:3a:30:b7:91:64:a1:d4:19:53:52:a0:5b:7b:
fa:1f:3b:3a:0e:c3:0a:57:32:86:95:a2:80:b7:4f:
41:da:85:88:b4:a9:36:79:7b:ac:7a:9d:24:e4:76:
db:10:87:45:2a:a7:f2:3a:07:69:d7:e6:45:86:bc:
74:a3:3b:cb:ce:4f:3b:3f:73:18:43:25:7d:4b:80:
20:49:b9:54:c2:e1:fd:0b:1b:59:f8:d0:cf:01:dc:
9c:03:7d:cb:5a:10:96:07:d2:c6:b7:bb:23:cd:3f:
80:92:43:b4:44:66:52:c6:07:b5:8b:c0:29:a9:d8:
5b:09:01:d0:86:28:5c:bc:5a:54:98:b6:9b:c7:2e:
f8:51:5a:bf:1f:d8:ac:7d:f9:29:cf:4f:10:8b:41:
69:d6:44:c1:98:5a:0a:87:2e:17:e5:4d:04:98:e4:
7c:79:8f:3b:4c:58:3e:e3:84:39:ad:84:a7:27:87:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:69:9C:80:0C:7F:F5:D7:73:2C:35:B8:F3:B0:59:39:B4:DD:88:79
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RGmcgAx_9ddzLDW487BZObTdiHk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:c7:fb:ff:29:e0:76:d9:e3:ba:e3:fd:b9:3c:e8:01:23:96:
ad:17:96:93:37:d8:e5:84:b1:db:c5:8b:49:cf:fa:f6:87:b1:
6f:99:f1:a5:f3:9f:1d:92:39:fa:a9:4e:72:53:14:55:7d:96:
a7:21:f9:f8:42:6d:a2:35:ea:b9:9b:5e:2e:13:1d:67:8f:f2:
e6:c0:f1:fa:4b:77:83:bc:86:67:44:20:d5:d6:f0:ac:2d:ec:
87:28:61:b7:4f:16:63:bc:3a:a7:92:44:c0:76:d1:ed:ac:7b:
11:0d:bd:a1:3f:83:f3:31:38:cf:7a:1e:b0:61:38:f3:1f:6d:
97:a9:17:26:bc:2c:29:e8:11:48:32:e4:f7:69:8d:02:ab:25:
62:be:d4:18:b1:8a:13:80:07:f8:88:dc:c7:83:2a:6e:05:17:
a7:0b:b9:56:f9:81:8c:0b:47:87:d8:f3:0c:98:eb:f6:a1:92:
e1:03:49:4b:a4:87:67:1f:6d:c3:b1:ab:0d:ae:18:1b:c1:d6:
5d:3b:09:b0:0e:d2:5f:ce:2a:11:f0:90:65:29:70:7f:6d:db:
46:b2:99:c3:c4:c0:83:be:64:0f:df:aa:11:fd:01:cc:5c:cc:
76:19:03:ca:74:9a:93:60:6b:80:55:61:9e:c5:49:a4:50:c0:
5f:e7:27:f1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDw4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
MzM4NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ0Njk5QzgwMEM3RkY1
RDc3MzJDMzVCOEYzQjA1OTM5QjRERDg4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHVZc72FBvim7nxkyYhFhAiJQBc+x6wkQW2+6AuiTzzQ+abc9L
M4WBiw8/Zh5MWfxGCIeZQo7ubhZVha8UCfX4T2vx2pcTbRQVWva4OjC3kWSh1BlT
UqBbe/ofOzoOwwpXMoaVooC3T0HahYi0qTZ5e6x6nSTkdtsQh0Uqp/I6B2nX5kWG
vHSjO8vOTzs/cxhDJX1LgCBJuVTC4f0LG1n40M8B3JwDfctaEJYH0sa3uyPNP4CS
Q7REZlLGB7WLwCmp2FsJAdCGKFy8WlSYtpvHLvhRWr8f2Kx9+SnPTxCLQWnWRMGY
WgqHLhflTQSY5Hx5jztMWD7jhDmthKcnh4aXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURGmcgAx/9ddzLDW487BZObTdiHkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SR21jZ0F4XzlkZHpMRFc0
ODdCWk9iVGRpSGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAnH+/8p4HbZ47rj/bk86AEjlq0XlpM32OWE
sdvFi0nP+vaHsW+Z8aXznx2SOfqpTnJTFFV9lqch+fhCbaI16rmbXi4THWeP8ubA
8fpLd4O8hmdEINXW8Kwt7IcoYbdPFmO8OqeSRMB20e2sexENvaE/g/MxOM96HrBh
OPMfbZepFya8LCnoEUgy5PdpjQKrJWK+1BixihOAB/iI3MeDKm4FF6cLuVb5gYwL
R4fY8wyY6/ahkuEDSUukh2cfbcOxqw2uGBvB1l07CbAO0l/OKhHwkGUpcH9t20ay
mcPEwIO+ZA/fqhH9AcxczHYZA8p0mpNga4BVYZ7FSaRQwF/nJ/E=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:37:37 2025 by rpki-client