Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_c6Y0giPTqx2et0hgnV1NEm1spU.roa
File: _c6Y0giPTqx2et0hgnV1NEm1spU.roa (raw, json)
Hash identifier: jomoQpoTO8dh6ECXi7Jv37lz9LFHvRyCJJWxfGRABv0=
Subject key identifier: FD:CE:98:D2:08:8F:4E:AC:76:7A:DD:21:82:75:75:34:49:B5:B2:95
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1466
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_c6Y0giPTqx2et0hgnV1NEm1spU.roa
Signing time: Tue 03 Jun 2025 06:39:24 +0000
ROA not before: Tue 03 Jun 2025 06:39:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5222 (0x1466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 06:39:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FDCE98D2088F4EAC767ADD218275753449B5B295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:54:5c:73:d2:bf:28:31:cd:c6:93:4b:6d:46:
4b:f5:3b:98:44:07:27:c5:dc:42:b4:a5:bb:58:a8:
07:e5:7b:dc:f9:47:0a:3c:79:b8:27:20:af:30:5d:
29:18:06:3c:14:e1:64:78:82:bc:8b:bd:09:e9:07:
71:ba:92:02:0c:2d:6f:ba:df:99:d9:5b:15:b6:58:
8c:5c:fd:d2:1b:99:25:ac:3e:c4:8c:c4:dc:f6:ce:
5b:52:9f:87:aa:50:f9:b3:13:16:11:c3:6a:5d:3a:
3f:b3:05:20:72:c4:c6:4a:95:4b:8d:7c:65:78:ab:
44:c4:f0:98:e4:df:6a:3c:a2:d8:b8:b6:fc:38:5b:
2d:d9:37:ab:b8:6f:6b:0f:6e:38:fb:3e:d3:06:aa:
df:dc:94:fb:07:40:75:a6:2c:9c:98:df:7d:28:3b:
7c:6e:f6:c2:ab:d5:ef:7e:7e:04:92:50:35:95:d7:
14:bb:e1:9b:b1:d1:61:e5:21:5f:db:de:42:58:e4:
cd:42:40:05:f6:7a:8b:4a:9d:b7:84:81:73:1f:72:
c4:37:85:9e:6a:2e:c2:61:30:64:b6:30:64:96:2b:
ae:45:1f:ca:1c:49:ee:2a:01:bf:07:07:79:1b:52:
91:ae:16:ea:ad:e9:2c:a3:5c:69:de:67:71:e6:24:
f8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:CE:98:D2:08:8F:4E:AC:76:7A:DD:21:82:75:75:34:49:B5:B2:95
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_c6Y0giPTqx2et0hgnV1NEm1spU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4d:97:f3:52:cb:a7:87:fc:16:9b:03:06:4c:38:81:60:3a:b1:
1e:e2:38:85:d3:2b:34:d9:f9:55:83:6e:fb:62:fc:33:53:f9:
2b:89:67:b0:b2:3f:f0:a5:0c:11:b2:55:46:92:20:0a:07:52:
ea:7b:a0:54:40:91:6a:61:73:b7:1b:a4:c3:1c:b1:da:22:ac:
a7:2e:73:0a:d9:bc:99:2f:2b:7c:da:e6:2b:df:38:5a:e5:8c:
83:a3:ba:ee:14:ec:a8:f3:c8:2c:bb:39:16:d4:c3:28:36:6d:
6c:ee:57:1d:29:ca:5a:f8:4e:af:a9:07:25:8b:38:6a:69:6a:
aa:33:33:f9:43:cd:0b:56:72:01:3c:f9:7b:89:1b:21:fe:52:
33:5c:e0:50:83:85:17:54:9a:f8:81:62:fb:49:cc:9e:7b:df:
c4:fd:34:bd:0a:c4:96:9d:90:c0:ce:54:ae:2a:ed:53:af:52:
54:a6:71:40:d9:98:7c:c0:ac:06:ac:af:98:e9:36:c3:cd:5e:
45:a1:8c:7f:2e:ca:cb:80:14:e4:ab:fe:26:4b:fb:11:be:1e:
89:e7:6f:11:86:8a:09:06:76:64:94:e5:74:7d:43:9f:14:f9:
7a:59:02:ac:b5:d9:59:c1:bf:87:68:83:ce:b0:fc:c5:66:6d:
d6:1a:d8:38
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMw
NjM5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEQ0U5OEQyMDg4RjRF
QUM3NjdBREQyMTgyNzU3NTM0NDlCNUIyOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzVFxz0r8oMc3Gk0ttRkv1O5hEByfF3EK0pbtYqAfle9z5Rwo8
ebgnIK8wXSkYBjwU4WR4gryLvQnpB3G6kgIMLW+635nZWxW2WIxc/dIbmSWsPsSM
xNz2zltSn4eqUPmzExYRw2pdOj+zBSByxMZKlUuNfGV4q0TE8Jjk32o8oti4tvw4
Wy3ZN6u4b2sPbjj7PtMGqt/clPsHQHWmLJyY330oO3xu9sKr1e9+fgSSUDWV1xS7
4Zux0WHlIV/b3kJY5M1CQAX2eotKnbeEgXMfcsQ3hZ5qLsJhMGS2MGSWK65FH8oc
Se4qAb8HB3kbUpGuFuqt6SyjXGneZ3HmJPipAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/c6Y0giPTqx2et0hgnV1NEm1spUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fYzZZMGdpUFRxeDJldDBo
Z25WMU5FbTFzcFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE2X81LLp4f8FpsDBkw4gWA6sR7iOIXTKzTZ
+VWDbvti/DNT+SuJZ7CyP/ClDBGyVUaSIAoHUup7oFRAkWphc7cbpMMcsdoirKcu
cwrZvJkvK3za5ivfOFrljIOjuu4U7KjzyCy7ORbUwyg2bWzuVx0pylr4Tq+pByWL
OGppaqozM/lDzQtWcgE8+XuJGyH+UjNc4FCDhRdUmviBYvtJzJ5738T9NL0KxJad
kMDOVK4q7VOvUlSmcUDZmHzArAasr5jpNsPNXkWhjH8uysuAFOSr/iZL+xG+Honn
bxGGigkGdmSU5XR9Q58U+XpZAqy12VnBv4dog86w/MVmbdYa2Dg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:31:34 2025 by rpki-client