Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fy8PrPNI8RrYomu4xRCzIsLmg1o.roa
File: fy8PrPNI8RrYomu4xRCzIsLmg1o.roa (raw, json)
Hash identifier: pNA9cKWAc8sBtLgJB4WDtukS0hB7vDpc+b1JNzV6N18=
Subject key identifier: 7F:2F:0F:AC:F3:48:F1:1A:D8:A2:6B:B8:C5:10:B3:22:C2:E6:83:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1876
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fy8PrPNI8RrYomu4xRCzIsLmg1o.roa
Signing time: Sun 08 Jun 2025 16:39:39 +0000
ROA not before: Sun 08 Jun 2025 16:39:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6262 (0x1876)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 16:39:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7F2F0FACF348F11AD8A26BB8C510B322C2E6835A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:21:af:b1:06:eb:fb:47:3f:a3:be:4a:78:a7:
d5:f8:65:82:a8:df:04:93:e2:b2:fd:9a:9b:4e:4e:
27:f0:6b:22:d8:f0:83:c1:b8:8f:7f:e9:84:aa:40:
2a:37:36:57:ad:b2:c3:84:41:c1:e0:61:c4:97:7d:
d5:94:5b:93:f2:a7:64:e2:6c:19:ca:69:c2:1a:85:
d4:f9:cd:83:e8:4b:12:15:e0:1f:a1:01:11:9c:56:
f9:fc:c9:0e:2e:ed:0b:75:ba:98:a4:a3:4f:b4:c2:
70:a9:62:76:6f:f5:55:24:24:fb:e1:57:60:35:b0:
a2:01:cb:a9:18:04:d6:33:6c:53:de:cb:a1:83:7e:
ed:d2:69:5d:08:f2:7d:68:cb:82:45:68:02:08:83:
37:26:ca:e8:25:dc:de:f2:15:2f:87:0d:08:b5:2d:
4d:d9:89:09:c5:05:9e:cd:d8:0b:de:1c:d7:dd:c3:
5b:28:e0:8b:f0:53:ef:e7:6f:ab:fa:eb:45:c7:a3:
39:65:90:ef:01:2f:22:25:2a:9e:9d:5f:06:cb:1f:
c8:55:26:45:6d:ad:d0:d6:c5:fe:8b:23:17:6b:08:
f8:ae:46:e4:79:fa:50:be:bd:ca:28:17:17:84:cc:
54:d5:4f:ab:8e:7b:95:a0:73:96:da:7a:48:8d:e1:
c1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:2F:0F:AC:F3:48:F1:1A:D8:A2:6B:B8:C5:10:B3:22:C2:E6:83:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fy8PrPNI8RrYomu4xRCzIsLmg1o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:e3:bc:12:e0:10:02:fc:24:50:e2:15:c5:f7:72:18:28:86:
d0:81:96:10:d8:a3:9f:f2:2e:46:1b:07:82:4b:32:c4:41:40:
76:65:66:09:a9:f1:99:e0:df:e1:50:6d:a0:58:1e:38:4f:c1:
e4:2d:55:6b:09:64:a6:37:98:8a:4f:75:2f:09:9c:d2:9e:8c:
1f:9b:c7:48:95:cd:fc:24:1f:80:5f:57:09:3c:61:6d:1b:11:
3f:11:9b:c2:a5:af:63:11:a4:ce:1f:6d:dd:ce:06:a0:ec:b5:
d4:56:00:1f:ea:5c:82:32:51:48:44:ef:1f:3c:ac:86:5f:33:
d8:03:00:11:24:84:e4:77:09:46:69:c3:cf:3a:67:75:6f:42:
c4:19:16:e4:f1:9a:53:c0:81:41:62:2a:b4:c7:aa:77:69:b3:
80:83:c5:42:7e:42:a8:03:13:4a:71:af:53:ae:4a:70:f9:cc:
f8:3d:5a:b0:56:b2:a2:f4:07:18:7e:77:af:7e:af:fb:24:2f:
aa:7a:8e:50:f8:e1:fd:a4:46:6d:12:d7:0d:87:f2:ab:96:7f:
5c:6f:f2:86:53:56:ea:d6:6c:bf:de:49:f1:be:8c:08:b2:cf:
ed:a4:29:03:b7:7e:86:20:a2:91:23:cd:18:ea:d2:4a:3e:52:
94:3b:b9:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgx
NjM5MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdGMkYwRkFDRjM0OEYx
MUFEOEEyNkJCOEM1MTBCMzIyQzJFNjgzNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeIa+xBuv7Rz+jvkp4p9X4ZYKo3wST4rL9mptOTifwayLY8IPB
uI9/6YSqQCo3NletssOEQcHgYcSXfdWUW5Pyp2TibBnKacIahdT5zYPoSxIV4B+h
ARGcVvn8yQ4u7Qt1upiko0+0wnCpYnZv9VUkJPvhV2A1sKIBy6kYBNYzbFPey6GD
fu3SaV0I8n1oy4JFaAIIgzcmyugl3N7yFS+HDQi1LU3ZiQnFBZ7N2AveHNfdw1so
4IvwU+/nb6v660XHozllkO8BLyIlKp6dXwbLH8hVJkVtrdDWxf6LIxdrCPiuRuR5
+lC+vcooFxeEzFTVT6uOe5Wgc5baekiN4cG3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfy8PrPNI8RrYomu4xRCzIsLmg1owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9meThQclBOSThScllvbXU0
eFJDeklzTG1nMW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAjjvBLgEAL8JFDiFcX3chgohtCBlhDYo5/y
LkYbB4JLMsRBQHZlZgmp8Zng3+FQbaBYHjhPweQtVWsJZKY3mIpPdS8JnNKejB+b
x0iVzfwkH4BfVwk8YW0bET8Rm8Klr2MRpM4fbd3OBqDstdRWAB/qXIIyUUhE7x88
rIZfM9gDABEkhOR3CUZpw886Z3VvQsQZFuTxmlPAgUFiKrTHqndps4CDxUJ+QqgD
E0pxr1OuSnD5zPg9WrBWsqL0Bxh+d69+r/skL6p6jlD44f2kRm0S1w2H8quWf1xv
8oZTVurWbL/eSfG+jAiyz+2kKQO3foYgopEjzRjq0ko+UpQ7uQk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 02:20:11 2025 by rpki-client