Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ViD_jbxVAk12kHmw9ZsfBGdiUlM.roa
File: ViD_jbxVAk12kHmw9ZsfBGdiUlM.roa (raw, json)
Hash identifier: YmAjcRWWR02IWztVdkbB/bxm7dYlFOAhPhszwEqjUkk=
Subject key identifier: 56:20:FF:8D:BC:55:02:4D:76:90:79:B0:F5:9B:1F:04:67:62:52:53
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 181A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ViD_jbxVAk12kHmw9ZsfBGdiUlM.roa
Signing time: Sun 08 Jun 2025 05:09:33 +0000
ROA not before: Sun 08 Jun 2025 05:09:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6170 (0x181a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 05:09:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5620FF8DBC55024D769079B0F59B1F0467625253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9a:ba:cc:75:8d:db:d8:3f:66:d3:03:58:4d:
ed:0b:c9:21:01:fa:d5:f0:69:e8:b7:c7:b5:ba:fe:
09:0d:45:93:22:d5:b2:8b:6b:c4:77:af:e5:eb:27:
e0:95:e1:35:3c:01:a2:d7:e7:0f:d0:af:4e:10:a8:
89:3d:ac:21:28:0f:7e:7a:ce:17:e0:1f:da:ec:3c:
21:a3:0e:4d:70:33:fb:55:aa:7e:7d:01:e3:67:aa:
0c:b6:59:68:64:aa:dd:23:15:ed:09:01:bf:1d:83:
60:ea:d6:50:54:fc:1a:53:61:49:95:a8:73:e3:47:
cc:0a:4a:66:a7:85:23:6d:ef:3a:74:89:ef:40:7a:
eb:e3:95:9c:76:7f:5d:69:94:0d:05:e1:98:81:bd:
e7:ec:1c:64:e0:fa:65:94:10:de:29:92:36:70:00:
20:c4:6e:6c:65:4c:5e:26:c8:16:52:b6:84:e7:24:
b4:ed:1a:26:96:f4:af:d6:b3:94:34:62:38:b5:ae:
85:8f:b1:d7:08:da:1e:95:6a:f7:a5:0c:94:bd:e4:
aa:a2:0f:ea:02:86:83:18:43:05:0e:8b:59:ee:6f:
ea:5b:fe:dc:00:c3:ed:b3:af:af:a3:48:86:95:91:
9e:b6:a2:83:12:e0:64:17:58:d6:49:b1:6e:75:25:
dc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:20:FF:8D:BC:55:02:4D:76:90:79:B0:F5:9B:1F:04:67:62:52:53
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ViD_jbxVAk12kHmw9ZsfBGdiUlM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:84:48:52:ab:ef:d0:c1:ab:b2:36:8d:0f:e9:84:0c:67:8f:
d5:7b:cf:df:48:a4:05:ad:a3:17:af:d2:2c:1d:3e:6f:8b:a7:
9a:c4:a4:b7:1b:c5:b9:a0:9f:d4:5b:10:ba:e6:f4:44:e1:73:
2e:fc:d0:11:0a:b1:79:22:0c:84:28:6a:be:2b:88:ac:08:8e:
a7:80:2f:8d:34:c7:f8:30:e0:49:5c:c4:c4:b2:c9:fc:52:16:
5f:5e:30:b7:0c:cf:68:e7:db:f8:e0:32:38:7a:31:68:33:b7:
87:b7:ec:7c:45:8d:72:a2:eb:29:db:f0:06:21:3d:9b:25:17:
4f:16:dc:be:1a:ca:01:31:13:09:ec:08:10:87:b6:a3:18:26:
00:d3:55:05:7a:97:1c:f3:64:68:cd:2d:f3:62:13:91:7a:45:
dc:34:90:0c:03:1a:cf:ce:17:54:2a:2c:5c:06:4a:d3:e4:ba:
30:34:31:d1:99:11:fd:2a:7e:58:0d:50:ad:fa:2f:1b:89:04:
cc:e2:6d:f3:70:ce:ac:8b:94:9a:74:a7:4f:09:05:48:47:a1:
44:79:34:ee:06:42:5c:69:f4:ed:47:85:b9:21:17:52:b1:87:
8a:77:30:f2:40:4d:cf:25:ce:63:fe:e7:8f:e8:c1:82:6f:5b:
4f:c8:33:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgw
NTA5MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU2MjBGRjhEQkM1NTAy
NEQ3NjkwNzlCMEY1OUIxRjA0Njc2MjUyNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMmrrMdY3b2D9m0wNYTe0LySEB+tXwaei3x7W6/gkNRZMi1bKL
a8R3r+XrJ+CV4TU8AaLX5w/Qr04QqIk9rCEoD356zhfgH9rsPCGjDk1wM/tVqn59
AeNnqgy2WWhkqt0jFe0JAb8dg2Dq1lBU/BpTYUmVqHPjR8wKSmanhSNt7zp0ie9A
euvjlZx2f11plA0F4ZiBvefsHGTg+mWUEN4pkjZwACDEbmxlTF4myBZStoTnJLTt
GiaW9K/Ws5Q0Yji1roWPsdcI2h6VavelDJS95KqiD+oChoMYQwUOi1nub+pb/twA
w+2zr6+jSIaVkZ62ooMS4GQXWNZJsW51JdxfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUViD/jbxVAk12kHmw9ZsfBGdiUlMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WaURfamJ4VkFrMTJrSG13
OVpzZkJHZGlVbE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKCESFKr79DBq7I2jQ/phAxnj9V7z99IpAWt
oxev0iwdPm+Lp5rEpLcbxbmgn9RbELrm9EThcy780BEKsXkiDIQoar4riKwIjqeA
L400x/gw4ElcxMSyyfxSFl9eMLcMz2jn2/jgMjh6MWgzt4e37HxFjXKi6ynb8AYh
PZslF08W3L4aygExEwnsCBCHtqMYJgDTVQV6lxzzZGjNLfNiE5F6Rdw0kAwDGs/O
F1QqLFwGStPkujA0MdGZEf0qflgNUK36LxuJBMzibfNwzqyLlJp0p08JBUhHoUR5
NO4GQlxp9O1HhbkhF1Kxh4p3MPJATc8lzmP+54/owYJvW0/IM84=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:45:50 2025 by rpki-client