Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gY8SLaI9incAdN6ZISIuPrHzeyQ.roa
File: gY8SLaI9incAdN6ZISIuPrHzeyQ.roa (raw, json)
Hash identifier: SPOXjYW5Pd8RBtG5cKcYFWgqq88CrdRMG6FvozrsW5k=
Subject key identifier: 81:8F:12:2D:A2:3D:8A:77:00:74:DE:99:21:22:2E:3E:B1:F3:7B:24
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C92
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gY8SLaI9incAdN6ZISIuPrHzeyQ.roa
Signing time: Sat 14 Jun 2025 04:09:55 +0000
ROA not before: Sat 14 Jun 2025 04:09:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7314 (0x1c92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 04:09:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=818F122DA23D8A770074DE9921222E3EB1F37B24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a0:bb:0d:1b:7f:0a:9d:38:48:ec:57:80:7f:
f9:f6:c5:5e:69:d8:5a:c4:e4:e1:34:5e:78:e3:ce:
43:2e:66:db:b2:a5:10:cf:b4:11:46:53:0b:18:4d:
62:f4:27:09:fc:53:3a:34:9b:19:8b:57:7f:1f:dd:
ae:8e:13:bf:36:08:9c:d3:af:5b:46:96:fb:5c:60:
dc:33:65:77:86:01:0d:f6:15:32:ae:cb:20:e2:2a:
28:fd:56:ec:33:09:21:f5:50:0d:d9:14:b8:16:6f:
ec:dc:94:e1:a1:d7:b5:06:d2:22:cf:b2:b6:e9:03:
70:27:fe:c4:d9:61:2e:d3:a9:2d:35:8b:d3:57:82:
1a:91:f1:91:c8:27:6e:16:88:5f:1c:0c:97:28:b8:
9c:62:64:90:14:4b:98:f1:25:f7:29:d7:b1:61:8b:
43:f3:cd:c2:97:f0:22:cd:6d:1a:40:44:91:0e:02:
7d:36:5a:4f:83:b7:6c:e5:4a:b2:fc:60:a1:26:30:
47:0c:3c:fb:bb:4e:cf:c3:8e:46:7a:ab:61:c8:c1:
b1:48:c6:68:b7:40:00:fa:cb:c4:33:04:17:56:d5:
3f:1f:50:79:20:db:9b:84:6f:94:8a:4a:9f:08:fe:
fd:9b:88:e8:8f:74:12:1a:83:98:a4:83:5b:9f:a3:
b9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:8F:12:2D:A2:3D:8A:77:00:74:DE:99:21:22:2E:3E:B1:F3:7B:24
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gY8SLaI9incAdN6ZISIuPrHzeyQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:78:27:10:98:98:e2:50:c6:1b:d6:26:28:b5:86:76:09:c8:
af:65:ed:96:28:96:e8:88:0d:3d:71:3d:08:21:ed:be:02:be:
53:3d:e2:57:eb:ac:5c:c3:da:46:c6:c2:19:ee:08:f3:07:9a:
8b:58:8f:00:c0:2d:2e:b3:9e:c4:fa:88:b1:35:79:e7:37:26:
15:99:c9:9e:94:d3:cf:3a:d9:25:da:df:c8:bb:66:07:67:e0:
99:c0:a9:28:c3:0b:31:2c:56:18:dc:ec:d3:7f:08:73:74:57:
4f:c6:86:2e:74:47:b4:fb:b3:bd:5d:00:48:b6:95:15:4e:58:
9f:57:bf:76:2e:77:6e:5e:84:b1:51:57:e6:61:73:01:dc:2e:
d7:3c:d1:f3:8d:bd:bc:9a:8b:9b:00:05:01:62:3d:f4:a8:e5:
d6:cf:5a:39:84:cb:88:63:b5:44:d8:4b:22:c0:ae:d6:e5:a2:
06:ec:86:4d:76:e6:28:d2:d3:5a:0c:ca:14:61:f4:dc:01:41:
6e:94:e9:bf:c4:5a:21:b2:c6:0a:59:c8:17:c9:ac:2b:ad:88:
30:ec:c4:4f:3c:da:60:95:3b:41:e2:b8:98:9e:b8:af:cc:25:
d6:c3:3d:2a:ff:3d:f2:15:8c:b1:94:22:3a:58:4f:e1:f1:20:
89:0d:8a:17
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
NDA5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgxOEYxMjJEQTIzRDhB
NzcwMDc0REU5OTIxMjIyRTNFQjFGMzdCMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBoLsNG38KnThI7FeAf/n2xV5p2FrE5OE0XnjjzkMuZtuypRDP
tBFGUwsYTWL0Jwn8Uzo0mxmLV38f3a6OE782CJzTr1tGlvtcYNwzZXeGAQ32FTKu
yyDiKij9VuwzCSH1UA3ZFLgWb+zclOGh17UG0iLPsrbpA3An/sTZYS7TqS01i9NX
ghqR8ZHIJ24WiF8cDJcouJxiZJAUS5jxJfcp17Fhi0PzzcKX8CLNbRpARJEOAn02
Wk+Dt2zlSrL8YKEmMEcMPPu7Ts/DjkZ6q2HIwbFIxmi3QAD6y8QzBBdW1T8fUHkg
25uEb5SKSp8I/v2biOiPdBIag5ikg1ufo7lfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgY8SLaI9incAdN6ZISIuPrHzeyQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nWThTTGFJOWluY0FkTjZa
SVNJdVBySHpleVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHx4JxCYmOJQxhvWJii1hnYJyK9l7ZYoluiI
DT1xPQgh7b4CvlM94lfrrFzD2kbGwhnuCPMHmotYjwDALS6znsT6iLE1eec3JhWZ
yZ6U08862SXa38i7Zgdn4JnAqSjDCzEsVhjc7NN/CHN0V0/Ghi50R7T7s71dAEi2
lRVOWJ9Xv3Yud25ehLFRV+ZhcwHcLtc80fONvbyai5sABQFiPfSo5dbPWjmEy4hj
tUTYSyLArtblogbshk125ijS01oMyhRh9NwBQW6U6b/EWiGyxgpZyBfJrCutiDDs
xE882mCVO0HiuJieuK/MJdbDPSr/PfIVjLGUIjpYT+HxIIkNihc=
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:37:41 2025 by rpki-client