Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gSwu20HRJwWugq4k86auRceJi7s.roa
File: gSwu20HRJwWugq4k86auRceJi7s.roa (raw, json)
Hash identifier: 3kmpBGcXSGadBHEPvpcCiYCGvD/Y+CgnsPUMfjpA3b0=
Subject key identifier: 81:2C:2E:DB:41:D1:27:05:AE:82:AE:24:F3:A6:AE:45:C7:89:8B:BB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A6E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gSwu20HRJwWugq4k86auRceJi7s.roa
Signing time: Wed 11 Jun 2025 07:40:31 +0000
ROA not before: Wed 11 Jun 2025 07:40:31 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6766 (0x1a6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 07:40:31 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=812C2EDB41D12705AE82AE24F3A6AE45C7898BBB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:12:93:40:31:a7:eb:55:2d:00:fa:f1:eb:61:
51:04:f4:b7:ae:51:be:d6:46:cd:a5:07:3c:90:c3:
4e:53:0c:f6:55:59:58:26:8b:2b:1f:62:6a:7c:84:
33:8e:72:73:c6:01:a4:91:cb:66:ea:0c:4b:75:81:
e5:f4:84:43:52:52:b2:6c:d1:d0:ce:ab:bf:0f:cd:
c9:2c:06:d1:96:0f:cc:86:e9:f7:30:99:df:cc:e8:
d1:e7:fe:51:73:ab:55:71:45:43:75:de:fc:71:f2:
20:92:8b:8e:1d:99:c7:c2:42:36:63:00:65:7d:5c:
4d:8b:62:87:ae:bb:2d:e9:c4:29:99:cf:ea:74:d7:
62:77:fa:0d:39:3d:bf:a4:12:3e:fb:bc:9d:25:41:
0d:a0:2c:51:e9:3e:cb:12:9b:be:a7:8b:d2:d9:03:
ee:a2:3e:49:dd:fd:ac:d9:dd:dd:60:ef:42:45:1d:
bf:16:13:75:1d:87:2d:0f:6d:9e:f6:67:46:0d:2f:
84:67:33:e6:7d:12:b0:14:b7:da:09:40:f4:ee:6e:
05:96:8e:3a:4a:bf:39:d7:99:ff:d7:6c:35:c0:b6:
12:3d:6a:5c:71:ee:57:c5:e6:c5:02:4e:8c:8c:c9:
14:7e:f6:3a:ae:76:1f:94:ec:e5:52:3d:77:c6:58:
9b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2C:2E:DB:41:D1:27:05:AE:82:AE:24:F3:A6:AE:45:C7:89:8B:BB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gSwu20HRJwWugq4k86auRceJi7s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:ad:5d:b5:b6:8e:b0:09:1a:0f:58:81:bf:41:02:a5:e6:cd:
51:e3:50:f0:da:d9:6e:17:ed:01:11:19:e3:fb:72:2e:1f:ab:
9e:0a:fd:13:b0:4e:75:a5:33:27:12:af:25:1c:a4:5f:93:5f:
a7:ee:89:28:ef:fe:9b:b3:9c:f2:d0:4d:7b:bd:62:04:22:14:
c8:95:94:1a:a7:7c:08:40:d5:58:3a:53:82:a4:f3:ea:86:df:
48:1d:4a:bd:16:82:c1:14:6b:c1:10:ab:3f:05:7e:fb:1f:e1:
e8:ea:f0:a2:ce:8a:64:9f:49:d9:60:68:3c:75:54:6b:7d:8a:
0c:6e:73:b5:ca:b7:97:02:f9:37:b2:e8:e1:57:88:77:43:92:
46:6e:6e:c4:50:25:a9:10:cc:b8:36:8f:f7:43:87:4c:2f:f7:
8a:e4:d5:54:14:6c:4f:56:3c:f3:fe:38:f3:f5:d9:ad:88:56:
62:2c:96:f9:25:c5:11:28:85:df:fd:d8:83:4d:b8:85:ad:2b:
f3:aa:db:67:97:d2:e6:73:98:42:ef:e1:7c:14:99:95:3d:32:
36:02:b3:92:30:06:a4:28:bf:9f:28:09:af:bf:4e:66:c2:8c:
56:7b:02:29:0b:10:5f:ab:29:3b:3a:bb:99:50:4f:65:b1:41:
f3:10:3b:2f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
NzQwMzFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgxMkMyRURCNDFEMTI3
MDVBRTgyQUUyNEYzQTZBRTQ1Qzc4OThCQkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtEpNAMafrVS0A+vHrYVEE9LeuUb7WRs2lBzyQw05TDPZVWVgm
iysfYmp8hDOOcnPGAaSRy2bqDEt1geX0hENSUrJs0dDOq78PzcksBtGWD8yG6fcw
md/M6NHn/lFzq1VxRUN13vxx8iCSi44dmcfCQjZjAGV9XE2LYoeuuy3pxCmZz+p0
12J3+g05Pb+kEj77vJ0lQQ2gLFHpPssSm76ni9LZA+6iPknd/azZ3d1g70JFHb8W
E3Udhy0PbZ72Z0YNL4RnM+Z9ErAUt9oJQPTubgWWjjpKvznXmf/XbDXAthI9alxx
7lfF5sUCToyMyRR+9jqudh+U7OVSPXfGWJttAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgSwu20HRJwWugq4k86auRceJi7swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nU3d1MjBIUkp3V3VncTRr
ODZhdVJjZUppN3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEatXbW2jrAJGg9Ygb9BAqXmzVHjUPDa2W4X
7QERGeP7ci4fq54K/ROwTnWlMycSryUcpF+TX6fuiSjv/puznPLQTXu9YgQiFMiV
lBqnfAhA1Vg6U4Kk8+qG30gdSr0WgsEUa8EQqz8Ffvsf4ejq8KLOimSfSdlgaDx1
VGt9igxuc7XKt5cC+Tey6OFXiHdDkkZubsRQJakQzLg2j/dDh0wv94rk1VQUbE9W
PPP+OPP12a2IVmIslvklxREohd/92INNuIWtK/Oq22eX0uZzmELv4XwUmZU9MjYC
s5IwBqQov58oCa+/TmbCjFZ7AikLEF+rKTs6u5lQT2WxQfMQOy8=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:06:05 2025 by rpki-client