Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VhQogEgVrYEvCkPvNqeJF2S9Z5Q.roa
File: VhQogEgVrYEvCkPvNqeJF2S9Z5Q.roa (raw, json)
Hash identifier: AEPN1J9a5IfGgrPeqDHw8JH+GEz3QLkwu8NxGKTONfE=
Subject key identifier: 56:14:28:80:48:15:AD:81:2F:0A:43:EF:36:A7:89:17:64:BD:67:94
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B72
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VhQogEgVrYEvCkPvNqeJF2S9Z5Q.roa
Signing time: Thu 12 Jun 2025 16:09:54 +0000
ROA not before: Thu 12 Jun 2025 16:09:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7026 (0x1b72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 16:09:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=561428804815AD812F0A43EF36A7891764BD6794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:08:72:ed:61:c3:65:3c:31:4d:ef:3d:42:1b:
ff:75:08:a8:39:64:95:69:95:cb:e9:ac:52:bd:20:
2d:9e:a1:b9:53:22:b8:d7:09:a9:4d:1d:39:f9:db:
b6:47:08:6f:89:5e:84:63:a1:0a:40:d7:49:99:d5:
8d:99:a2:4e:4d:37:aa:8c:2c:7f:8c:6d:92:0d:8f:
63:c6:61:0f:05:9b:d4:31:31:e5:88:5e:a8:d6:df:
b9:28:ed:d4:e2:19:82:c0:4b:da:b8:15:15:e6:68:
38:59:5b:84:1d:c5:c3:58:2f:ab:1c:12:be:1d:93:
c5:09:21:0d:be:57:ed:79:66:5d:2d:87:1b:d8:54:
5f:bd:e5:a3:a6:4b:d3:1a:f1:1d:b6:d6:a1:c1:73:
26:f2:c5:7e:5b:b1:c5:ac:55:92:21:5e:92:df:a5:
d8:1f:15:61:3d:e5:f9:10:9c:a4:fa:9c:bc:da:b9:
59:77:c6:54:2e:70:b9:d7:bb:8f:df:22:a1:4a:ed:
99:7e:f0:06:55:6e:70:72:1d:09:ae:f3:f3:43:ea:
6b:ad:64:2c:97:c4:1f:8a:4e:7c:46:0b:b2:94:77:
fc:47:26:14:9c:58:d3:b1:47:12:fe:0d:59:b7:d7:
ec:85:4e:c5:80:17:fb:fc:f8:bc:61:ad:43:13:ce:
a3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:14:28:80:48:15:AD:81:2F:0A:43:EF:36:A7:89:17:64:BD:67:94
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VhQogEgVrYEvCkPvNqeJF2S9Z5Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2c:3c:ec:93:e0:2f:67:f6:ea:fb:9c:33:77:3e:6d:9f:c3:b2:
a8:a0:9a:d3:51:6e:05:ee:99:6d:13:6c:ca:17:47:7e:f8:5c:
51:25:cc:c4:de:77:69:41:e2:f7:d1:7b:e5:5e:c4:29:82:fb:
41:1f:2e:42:f6:1e:00:ae:e8:cc:21:3e:c1:c4:d3:01:5a:69:
fc:7e:b8:90:38:1f:5a:41:17:e0:70:85:64:b8:04:a1:07:10:
38:aa:d2:0f:6c:09:2c:af:90:87:49:89:3f:b5:f4:d1:5e:30:
f9:75:8e:f4:66:e8:58:1b:c8:da:c5:8f:ce:0b:f0:58:e6:59:
bc:ac:d6:85:78:44:7b:54:14:15:b4:a3:aa:44:6a:b6:30:4a:
3b:a8:9b:63:8b:e1:98:e7:f7:7b:4d:12:b6:f0:dd:52:b5:93:
1b:9f:42:0a:b1:8e:8a:71:b8:09:b9:bd:a7:d4:9e:11:36:4e:
7d:cb:66:48:e5:29:a6:ff:15:66:62:39:78:90:37:b2:57:b0:
79:bf:bd:68:b1:62:18:ba:ef:fc:14:63:5c:f5:0d:63:5e:9f:
4f:0f:0a:cd:36:bd:db:09:22:aa:22:d0:58:9a:59:fc:e2:8a:
d2:51:21:30:ab:79:84:e1:ab:27:5f:3f:d2:13:0c:2c:0a:cd:
7c:51:9f:5d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
NjA5NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU2MTQyODgwNDgxNUFE
ODEyRjBBNDNFRjM2QTc4OTE3NjRCRDY3OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVCHLtYcNlPDFN7z1CG/91CKg5ZJVplcvprFK9IC2eoblTIrjX
CalNHTn527ZHCG+JXoRjoQpA10mZ1Y2Zok5NN6qMLH+MbZINj2PGYQ8Fm9QxMeWI
XqjW37ko7dTiGYLAS9q4FRXmaDhZW4QdxcNYL6scEr4dk8UJIQ2+V+15Zl0thxvY
VF+95aOmS9Ma8R221qHBcybyxX5bscWsVZIhXpLfpdgfFWE95fkQnKT6nLzauVl3
xlQucLnXu4/fIqFK7Zl+8AZVbnByHQmu8/ND6mutZCyXxB+KTnxGC7KUd/xHJhSc
WNOxRxL+DVm31+yFTsWAF/v8+LxhrUMTzqPRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVhQogEgVrYEvCkPvNqeJF2S9Z5QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WaFFvZ0VnVnJZRXZDa1B2
TnFlSkYyUzlaNVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACw87JPgL2f26vucM3c+bZ/DsqigmtNRbgXu
mW0TbMoXR374XFElzMTed2lB4vfRe+VexCmC+0EfLkL2HgCu6MwhPsHE0wFaafx+
uJA4H1pBF+BwhWS4BKEHEDiq0g9sCSyvkIdJiT+19NFeMPl1jvRm6FgbyNrFj84L
8FjmWbys1oV4RHtUFBW0o6pEarYwSjuom2OL4Zjn93tNErbw3VK1kxufQgqxjopx
uAm5vafUnhE2Tn3LZkjlKab/FWZiOXiQN7JXsHm/vWixYhi67/wUY1z1DWNen08P
Cs02vdsJIqoi0FiaWfziitJRITCreYThqydfP9ITDCwKzXxRn10=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:24 2025 by rpki-client