Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_43pHvc_KXbEp1QGdpnbFuCmJr8.roa
File: _43pHvc_KXbEp1QGdpnbFuCmJr8.roa (raw, json)
Hash identifier: wtzoZdMYOb0Wk6Gc7BaWXINL0YMYZxF35WPfcV3Kzow=
Subject key identifier: FF:8D:E9:1E:F7:3F:29:76:C4:A7:54:06:76:99:DB:16:E0:A6:26:BF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 198A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_43pHvc_KXbEp1QGdpnbFuCmJr8.roa
Signing time: Tue 10 Jun 2025 03:09:40 +0000
ROA not before: Tue 10 Jun 2025 03:09:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6538 (0x198a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 03:09:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FF8DE91EF73F2976C4A754067699DB16E0A626BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:c4:14:6b:2f:c4:98:a4:aa:92:e7:07:ce:
9e:bc:85:00:eb:a9:dd:ac:2a:ad:f4:4e:92:e5:1d:
66:b5:cd:87:d6:a2:30:5b:9b:09:2d:4a:c0:c6:6c:
a0:87:f1:68:73:17:76:5d:2f:12:c8:a2:5b:a2:57:
3c:bc:56:22:81:bc:53:f6:ff:69:6b:c1:54:67:42:
53:86:9c:5c:78:57:0c:34:af:43:a4:23:b9:90:69:
48:d4:1e:0a:21:f4:3a:d4:24:03:a7:d8:0e:c8:21:
60:15:f3:a6:54:ef:dd:c2:d7:91:d3:e4:4f:28:ca:
f4:68:01:f1:16:79:8e:13:78:ec:da:2f:3b:5e:15:
20:46:68:a2:1d:f9:0c:7f:9f:75:bd:b4:d8:7c:1f:
17:46:34:b9:a2:90:d5:85:5d:a6:45:69:8c:fd:4c:
f8:f2:75:4e:76:2e:4c:d0:41:b0:02:c2:32:aa:33:
80:5a:5e:14:8e:b9:3e:d1:4c:30:36:99:65:20:d4:
9b:9a:19:ea:9c:ef:1a:97:d9:de:4c:e7:b5:9a:3b:
2f:7f:6b:ab:61:7f:d8:99:33:7c:e9:c4:6e:0c:98:
c0:a7:e4:da:16:6f:8c:f8:85:66:bd:4e:fe:65:7f:
1b:f1:b3:8f:aa:15:56:75:92:8a:1a:c8:3a:a1:6e:
d9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:8D:E9:1E:F7:3F:29:76:C4:A7:54:06:76:99:DB:16:E0:A6:26:BF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_43pHvc_KXbEp1QGdpnbFuCmJr8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:d8:3b:8d:0d:24:f3:d0:77:80:eb:e3:27:90:19:74:b9:50:
d7:c0:ab:a5:d2:ab:fa:5e:c7:82:6e:5d:26:f6:99:8f:e4:65:
4d:2a:f2:39:2a:24:50:70:38:99:55:c7:c2:93:7a:e0:b0:02:
b0:71:fd:d0:91:19:09:14:70:dd:0d:d5:68:b7:9e:4f:13:31:
c0:a5:92:cc:6a:1c:03:74:68:ff:96:85:55:b3:16:e5:83:d1:
57:30:62:c2:5e:b3:f5:96:b2:71:b6:75:4f:d4:4e:ad:36:5d:
97:55:be:24:51:c6:0a:98:1a:c3:8a:f4:a1:ac:f0:41:2f:08:
1a:70:c0:2d:6a:70:62:0b:fe:84:6e:0a:20:f7:f9:f9:ad:e6:
7f:0d:c2:83:a5:05:f3:6a:ba:7f:73:2c:d4:78:80:1a:53:f6:
8a:58:8d:1f:fb:c2:6d:1f:e6:e8:f4:fb:11:e9:64:f3:74:5d:
f0:ff:77:60:3b:f9:6f:bf:40:85:d2:b0:b6:b1:b3:11:0d:fd:
7b:a8:c3:38:a5:c0:20:4e:83:0f:29:dc:a6:7a:ce:7a:c1:05:
3f:e5:13:7e:1d:cf:a3:b0:61:66:c9:9b:bb:27:33:e4:93:ff:
2a:af:0d:36:cc:c7:6b:59:97:72:67:f7:24:43:c2:5d:5b:4c:
bc:b0:1e:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAw
MzA5NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZGOERFOTFFRjczRjI5
NzZDNEE3NTQwNjc2OTlEQjE2RTBBNjI2QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4ksQUay/EmKSqkucHzp68hQDrqd2sKq30TpLlHWa1zYfWojBb
mwktSsDGbKCH8WhzF3ZdLxLIoluiVzy8ViKBvFP2/2lrwVRnQlOGnFx4Vww0r0Ok
I7mQaUjUHgoh9DrUJAOn2A7IIWAV86ZU793C15HT5E8oyvRoAfEWeY4TeOzaLzte
FSBGaKId+Qx/n3W9tNh8HxdGNLmikNWFXaZFaYz9TPjydU52LkzQQbACwjKqM4Ba
XhSOuT7RTDA2mWUg1JuaGeqc7xqX2d5M57WaOy9/a6thf9iZM3zpxG4MmMCn5NoW
b4z4hWa9Tv5lfxvxs4+qFVZ1kooayDqhbtm1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/43pHvc/KXbEp1QGdpnbFuCmJr8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fNDNwSHZjX0tYYkVwMVFH
ZHBuYkZ1Q21Kcjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHXYO40NJPPQd4Dr4yeQGXS5UNfAq6XSq/pe
x4JuXSb2mY/kZU0q8jkqJFBwOJlVx8KTeuCwArBx/dCRGQkUcN0N1Wi3nk8TMcCl
ksxqHAN0aP+WhVWzFuWD0VcwYsJes/WWsnG2dU/UTq02XZdVviRRxgqYGsOK9KGs
8EEvCBpwwC1qcGIL/oRuCiD3+fmt5n8NwoOlBfNqun9zLNR4gBpT9opYjR/7wm0f
5uj0+xHpZPN0XfD/d2A7+W+/QIXSsLaxsxEN/XuowzilwCBOgw8p3KZ6znrBBT/l
E34dz6OwYWbJm7snM+ST/yqvDTbMx2tZl3Jn9yRDwl1bTLywHo0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:42:42 2025 by rpki-client