Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/U5CdIeQ07aZ8kyI7_SEzlLeW3QI.roa
File: U5CdIeQ07aZ8kyI7_SEzlLeW3QI.roa (raw, json)
Hash identifier: 9NOekKg+Q8EzEutP0tq6nwn2qzvchGpcW80Mldrrfe8=
Subject key identifier: 53:90:9D:21:E4:34:ED:A6:7C:93:22:3B:FD:21:33:94:B7:96:DD:02
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1566
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/U5CdIeQ07aZ8kyI7_SEzlLeW3QI.roa
Signing time: Wed 04 Jun 2025 14:39:22 +0000
ROA not before: Wed 04 Jun 2025 14:39:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5478 (0x1566)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 14:39:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=53909D21E434EDA67C93223BFD213394B796DD02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d7:95:ac:c2:a4:da:85:d2:3c:e0:ee:4e:c8:
ca:30:8f:cb:a6:c0:da:9a:e6:47:80:41:62:ee:07:
06:82:42:3e:b4:78:07:18:25:c8:80:4c:b3:2b:00:
2e:f2:59:6c:e2:cf:11:62:88:d8:4a:cc:ec:81:cd:
a9:d9:a0:75:0b:ab:f5:cd:99:9d:73:b2:59:c7:d3:
b8:cc:fd:ef:1e:dd:92:b1:cb:6a:b5:22:1a:73:6d:
fa:39:67:e0:ba:7a:15:b4:0d:98:b4:48:a3:d4:8e:
f8:b7:3f:4f:7f:b0:6b:22:bb:3e:6b:94:8d:ac:5e:
ea:89:f6:a8:f6:72:71:d6:24:0f:7a:36:97:b5:22:
69:9c:ea:36:d3:6d:b7:89:54:f5:66:a9:97:52:ba:
d0:ec:61:1c:36:4c:8b:28:6f:f7:40:a5:1f:e7:35:
dc:86:dc:6c:0d:f4:94:16:23:eb:68:71:0b:6e:5d:
c0:1e:9a:b6:2d:3f:c5:ce:4b:70:55:eb:2f:8f:b4:
f2:a7:66:c5:93:2c:a2:66:ab:a1:f1:38:07:6e:19:
7a:23:83:d6:04:e1:32:fa:ed:66:c3:66:b4:b8:9e:
5e:d5:b3:fd:c3:f0:fc:fe:45:3f:81:46:bd:81:c0:
5c:69:55:11:67:3a:ac:7d:18:c9:33:a3:c1:66:5e:
58:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:90:9D:21:E4:34:ED:A6:7C:93:22:3B:FD:21:33:94:B7:96:DD:02
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/U5CdIeQ07aZ8kyI7_SEzlLeW3QI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:09:4b:26:ad:46:7f:1c:0c:52:ab:0e:6e:a8:f6:b2:e9:13:
7d:7c:60:1a:da:6d:4f:18:7d:fd:a8:8c:4b:19:90:b7:1b:3e:
1a:3d:37:a3:da:63:ef:51:1b:a6:73:79:f6:2d:0e:0d:0a:d4:
de:64:ad:08:dc:32:6d:29:b2:d1:f0:3f:2c:b9:0b:78:3e:68:
87:07:b4:9d:db:24:ec:80:63:bf:03:7d:f8:07:d7:67:4a:27:
dc:43:a4:d3:5f:fe:36:04:c4:c1:f4:0f:6d:d5:00:1b:03:66:
9e:34:cc:dc:0c:e1:eb:ca:4e:eb:95:64:66:df:96:9f:27:0a:
5d:11:04:4d:56:0b:17:1c:4d:45:4f:6e:05:6f:8f:f1:30:e9:
d9:79:69:8a:fd:0c:95:81:20:99:89:ef:03:98:c1:a9:d8:78:
87:5a:aa:eb:91:67:cb:5e:bf:17:10:30:26:32:69:cf:4c:6d:
3a:5a:78:1f:29:84:8e:c1:ca:e5:0f:55:fd:78:89:e3:1f:ab:
58:0a:c9:13:97:d9:37:3d:95:51:dd:08:66:12:b4:fe:c0:ba:
68:60:35:c5:6f:21:0a:f0:f4:e7:37:84:40:a4:4a:f5:74:0e:
8e:06:05:a7:78:ab:86:2e:1d:87:45:81:e9:dd:87:85:6a:bd:
f1:57:dd:5c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
NDM5MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUzOTA5RDIxRTQzNEVE
QTY3QzkzMjIzQkZEMjEzMzk0Qjc5NkREMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/15WswqTahdI84O5OyMowj8umwNqa5keAQWLuBwaCQj60eAcY
JciATLMrAC7yWWzizxFiiNhKzOyBzanZoHULq/XNmZ1zslnH07jM/e8e3ZKxy2q1
Ihpzbfo5Z+C6ehW0DZi0SKPUjvi3P09/sGsiuz5rlI2sXuqJ9qj2cnHWJA96Npe1
Immc6jbTbbeJVPVmqZdSutDsYRw2TIsob/dApR/nNdyG3GwN9JQWI+tocQtuXcAe
mrYtP8XOS3BV6y+PtPKnZsWTLKJmq6HxOAduGXojg9YE4TL67WbDZrS4nl7Vs/3D
8Pz+RT+BRr2BwFxpVRFnOqx9GMkzo8FmXlhrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUU5CdIeQ07aZ8kyI7/SEzlLeW3QIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VNUNkSWVRMDdhWjhreUk3
X1NFemxMZVczUUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADUJSyatRn8cDFKrDm6o9rLpE318YBrabU8Y
ff2ojEsZkLcbPho9N6PaY+9RG6ZzefYtDg0K1N5krQjcMm0pstHwPyy5C3g+aIcH
tJ3bJOyAY78DffgH12dKJ9xDpNNf/jYExMH0D23VABsDZp40zNwM4evKTuuVZGbf
lp8nCl0RBE1WCxccTUVPbgVvj/Ew6dl5aYr9DJWBIJmJ7wOYwanYeIdaquuRZ8te
vxcQMCYyac9MbTpaeB8phI7ByuUPVf14ieMfq1gKyROX2Tc9lVHdCGYStP7Aumhg
NcVvIQrw9Oc3hECkSvV0Do4GBad4q4YuHYdFgendh4VqvfFX3Vw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:48:21 2025 by rpki-client