Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/g9jA61uJvTM3nftB2prclQwNskA.roa
File: g9jA61uJvTM3nftB2prclQwNskA.roa (raw, json)
Hash identifier: 777PtVPhsvrhqgT5JQ/s6wPtxt5Qig315AvZHpJfeHA=
Subject key identifier: 83:D8:C0:EB:5B:89:BD:33:37:9D:FB:41:DA:9A:DC:95:0C:0D:B2:40
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0616
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g9jA61uJvTM3nftB2prclQwNskA.roa
Signing time: Thu 15 May 2025 04:38:06 +0000
ROA not before: Thu 15 May 2025 04:38:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1558 (0x616)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 04:38:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=83D8C0EB5B89BD33379DFB41DA9ADC950C0DB240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c2:11:4b:10:4c:20:8a:fe:76:8c:bf:ff:54:
d1:87:64:fd:59:dc:84:b8:67:c9:64:54:7d:05:62:
20:38:71:a3:2a:8e:09:13:a2:ac:6d:fc:1c:a4:d8:
4b:46:91:26:e7:35:bc:4c:58:44:68:bc:68:b1:04:
d1:cb:c2:7b:e2:b2:80:93:56:aa:a7:f2:ba:35:6a:
d5:15:37:e3:9a:f4:7f:53:e0:bb:e1:3e:68:e1:b6:
2f:08:54:2b:1c:f8:83:7f:0f:cf:b4:57:71:7d:ca:
cf:f5:8e:a2:9c:18:8c:4c:fd:05:db:2c:b5:ed:0b:
8c:56:43:16:84:da:03:e8:ea:32:13:98:d9:f7:4b:
9e:5f:7c:f2:6b:57:e0:c9:58:44:3b:58:c6:81:87:
d5:3d:42:89:04:38:28:3b:11:41:be:0f:05:5a:8f:
e4:8d:8e:d6:82:18:78:bb:b5:28:17:37:6d:d0:6c:
6c:89:61:dd:91:a7:b7:4a:a7:03:35:19:8c:33:65:
f9:21:4b:1b:1e:6e:c2:84:86:68:72:e5:98:e7:6c:
80:9d:82:47:e6:41:da:d0:2f:ae:f9:ad:6c:84:10:
09:c3:de:5a:dc:2f:97:58:d0:63:bd:6b:91:3a:0a:
ea:08:42:3e:5c:e0:8f:6c:b7:dc:76:73:a7:66:ab:
e1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:D8:C0:EB:5B:89:BD:33:37:9D:FB:41:DA:9A:DC:95:0C:0D:B2:40
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g9jA61uJvTM3nftB2prclQwNskA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:79:e3:ed:ec:bc:31:f2:d6:3c:1a:a6:64:59:b6:dc:1b:85:
c9:ec:80:d3:04:da:a9:6c:60:26:1b:5e:6c:f8:30:23:58:30:
aa:84:61:e3:00:88:2a:dd:a7:b2:99:56:f4:95:a3:cb:e9:28:
80:40:78:3a:b1:60:69:15:57:dd:c2:50:00:83:cd:47:fa:5d:
de:3f:a0:b2:be:8f:9d:22:c5:8d:fc:35:e9:dd:f5:9e:f4:81:
fc:e1:d8:07:78:99:3e:dd:82:00:f8:dc:9b:42:89:81:43:ef:
d5:aa:0f:13:38:2b:bd:9c:9c:ea:d8:f8:a2:28:82:e6:ac:95:
63:8f:bf:ee:87:77:62:ab:e4:3b:6d:58:67:4e:61:3c:02:dc:
58:e7:04:3e:42:c2:3a:ae:54:0f:b5:63:1a:d0:6d:ce:70:0a:
54:4f:b4:6e:76:87:2d:be:0d:d2:3f:6a:c3:f9:e8:f5:8a:73:
51:bc:23:dc:98:76:a0:e9:fc:90:7d:c9:d1:b1:9e:ff:b5:4c:
fd:1d:e9:6a:b4:ae:19:a8:b1:37:84:15:3f:a0:87:7f:d0:17:
ca:be:c3:1a:f0:70:13:5e:94:a6:36:f6:09:ff:84:77:5e:94:
cb:29:41:92:76:e6:71:cf:dd:f1:1f:62:a5:fe:36:86:b0:4c:
32:36:58:81
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NDM4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgzRDhDMEVCNUI4OUJE
MzMzNzlERkI0MURBOUFEQzk1MEMwREIyNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIwhFLEEwgiv52jL//VNGHZP1Z3IS4Z8lkVH0FYiA4caMqjgkT
oqxt/Byk2EtGkSbnNbxMWERovGixBNHLwnvisoCTVqqn8ro1atUVN+Oa9H9T4Lvh
Pmjhti8IVCsc+IN/D8+0V3F9ys/1jqKcGIxM/QXbLLXtC4xWQxaE2gPo6jITmNn3
S55ffPJrV+DJWEQ7WMaBh9U9QokEOCg7EUG+DwVaj+SNjtaCGHi7tSgXN23QbGyJ
Yd2Rp7dKpwM1GYwzZfkhSxsebsKEhmhy5ZjnbICdgkfmQdrQL675rWyEEAnD3lrc
L5dY0GO9a5E6CuoIQj5c4I9st9x2c6dmq+GXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUg9jA61uJvTM3nftB2prclQwNskAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nOWpBNjF1SnZUTTNuZnRC
MnByY2xRd05za0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADp54+3svDHy1jwapmRZttwbhcnsgNME2qls
YCYbXmz4MCNYMKqEYeMAiCrdp7KZVvSVo8vpKIBAeDqxYGkVV93CUACDzUf6Xd4/
oLK+j50ixY38Nend9Z70gfzh2Ad4mT7dggD43JtCiYFD79WqDxM4K72cnOrY+KIo
guaslWOPv+6Hd2Kr5DttWGdOYTwC3FjnBD5CwjquVA+1YxrQbc5wClRPtG52hy2+
DdI/asP56PWKc1G8I9yYdqDp/JB9ydGxnv+1TP0d6Wq0rhmosTeEFT+gh3/QF8q+
wxrwcBNelKY29gn/hHdelMspQZJ25nHP3fEfYqX+NoawTDI2WIE=
-----END CERTIFICATE-----
Generated at Fri Jun 20 19:12:35 2025 by rpki-client