Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bIdcrprsd2LtwIFxgHIxQ3p3AOQ.roa
File: bIdcrprsd2LtwIFxgHIxQ3p3AOQ.roa (raw, json)
Hash identifier: oigndB2464ZymbH/lxgEOoWlGuLpTyAWjK9SPHNc6ks=
Subject key identifier: 6C:87:5C:AE:9A:EC:77:62:ED:C0:81:71:80:72:31:43:7A:77:00:E4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B1E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bIdcrprsd2LtwIFxgHIxQ3p3AOQ.roa
Signing time: Thu 12 Jun 2025 05:40:00 +0000
ROA not before: Thu 12 Jun 2025 05:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6942 (0x1b1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 05:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6C875CAE9AEC7762EDC08171807231437A7700E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c1:07:bd:57:c2:86:9f:ca:bd:a5:7f:f9:f6:
81:24:9a:6c:32:c3:23:37:97:72:f3:55:89:a2:e6:
6e:f0:9f:94:2d:4b:e8:e7:ad:b5:76:0b:c8:91:84:
92:9d:81:a6:36:b1:a7:be:bc:d9:9d:1a:24:4c:48:
56:bf:80:72:f1:54:1a:f7:e8:80:88:66:72:0b:2e:
7d:88:0d:77:d4:6c:79:7f:cc:27:9d:96:92:9e:ad:
6e:43:1d:8d:cf:07:f9:d5:35:11:18:05:9a:bc:30:
bf:f1:20:33:c4:17:a0:73:5c:83:46:3c:93:a8:9a:
b5:8c:c7:38:d5:81:8e:b2:f3:fc:f5:40:dc:0a:c7:
d3:2e:b3:97:d9:6b:69:28:4d:26:aa:fa:fb:df:63:
8c:42:82:b0:f4:be:f4:6a:3f:ba:d0:96:bf:e8:78:
0e:7a:8b:97:48:fd:49:50:b9:9e:1d:35:19:f4:e4:
e3:b0:6b:ad:4c:84:b5:93:38:63:bc:62:ea:e2:43:
91:9e:8d:e0:54:2a:0c:2f:5e:c4:22:05:2d:5f:ae:
ba:30:55:50:00:ff:46:c8:29:fb:c2:8c:18:5b:c0:
4a:76:1f:4e:63:db:f4:d7:f0:77:2f:44:b7:fd:51:
75:69:db:e7:d7:f1:c2:0a:bf:48:61:d0:29:7a:d9:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:87:5C:AE:9A:EC:77:62:ED:C0:81:71:80:72:31:43:7A:77:00:E4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bIdcrprsd2LtwIFxgHIxQ3p3AOQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:04:b5:f7:71:db:ff:1a:79:67:d2:f5:fc:52:36:ae:94:ae:
80:1f:ca:99:f1:1a:73:0a:0a:3f:45:d0:c2:c1:b1:f6:0f:87:
5f:94:48:99:c3:bc:c0:7d:77:0a:e9:a2:4d:5e:47:27:76:ab:
58:a7:cf:c4:e8:d1:23:b0:18:cb:72:e4:7a:40:de:27:b0:90:
b2:94:6f:c4:b4:da:48:ea:7b:4e:01:4d:fc:6e:77:c3:cf:aa:
bc:ee:ca:0c:6c:a3:2c:1b:6e:d8:40:03:79:df:06:6d:2b:58:
94:39:dd:77:1c:a8:dc:05:ca:e2:93:36:e4:54:4f:10:1f:9a:
34:7a:60:3b:02:61:06:cf:99:52:b0:3c:8e:c6:a1:1a:5f:04:
88:bd:21:2f:fc:82:c7:f3:36:60:0a:24:2c:62:2f:dd:01:c8:
bb:d6:b6:9f:63:e5:ae:20:2e:fc:84:ba:86:57:ae:e4:07:03:
29:5f:f6:8f:ca:97:8e:ec:95:bf:91:6d:47:c5:b6:af:db:43:
da:2f:2d:cd:d9:1d:a2:76:7d:47:07:bb:2f:2b:8b:73:82:23:
d0:d4:fb:4e:ee:7b:4a:6c:4c:af:66:c1:c1:9b:1f:6c:d7:bd:
e7:f5:d6:03:b5:69:59:60:ad:1d:69:5b:41:d0:31:03:8f:38:
c6:ff:41:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIw
NTQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZDODc1Q0FFOUFFQzc3
NjJFREMwODE3MTgwNzIzMTQzN0E3NzAwRTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgwQe9V8KGn8q9pX/59oEkmmwywyM3l3LzVYmi5m7wn5QtS+jn
rbV2C8iRhJKdgaY2sae+vNmdGiRMSFa/gHLxVBr36ICIZnILLn2IDXfUbHl/zCed
lpKerW5DHY3PB/nVNREYBZq8ML/xIDPEF6BzXINGPJOomrWMxzjVgY6y8/z1QNwK
x9Mus5fZa2koTSaq+vvfY4xCgrD0vvRqP7rQlr/oeA56i5dI/UlQuZ4dNRn05OOw
a61MhLWTOGO8YuriQ5GejeBUKgwvXsQiBS1frrowVVAA/0bIKfvCjBhbwEp2H05j
2/TX8HcvRLf9UXVp2+fX8cIKv0hh0Cl62dFJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbIdcrprsd2LtwIFxgHIxQ3p3AOQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iSWRjcnByc2QyTHR3SUZ4
Z0hJeFEzcDNBT1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGYEtfdx2/8aeWfS9fxSNq6UroAfypnxGnMK
Cj9F0MLBsfYPh1+USJnDvMB9dwrpok1eRyd2q1inz8To0SOwGMty5HpA3iewkLKU
b8S02kjqe04BTfxud8PPqrzuygxsoywbbthAA3nfBm0rWJQ53XccqNwFyuKTNuRU
TxAfmjR6YDsCYQbPmVKwPI7GoRpfBIi9IS/8gsfzNmAKJCxiL90ByLvWtp9j5a4g
LvyEuoZXruQHAylf9o/Kl47slb+RbUfFtq/bQ9ovLc3ZHaJ2fUcHuy8ri3OCI9DU
+07ue0psTK9mwcGbH2zXvef11gO1aVlgrR1pW0HQMQOPOMb/QVU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:54:20 2025 by rpki-client