Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gb0ycPZfzmbzL-kRO3wPK0knEMw.roa
File: gb0ycPZfzmbzL-kRO3wPK0knEMw.roa (raw, json)
Hash identifier: urAzBfXTQFC2KF4viVA6SNHxMYo5rz3qmertM/Bs5S0=
Subject key identifier: 81:BD:32:70:F6:5F:CE:66:F3:2F:E9:11:3B:7C:0F:2B:49:27:10:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15F2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gb0ycPZfzmbzL-kRO3wPK0knEMw.roa
Signing time: Thu 05 Jun 2025 08:09:23 +0000
ROA not before: Thu 05 Jun 2025 08:09:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5618 (0x15f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 08:09:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=81BD3270F65FCE66F32FE9113B7C0F2B492710CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:81:3b:df:12:a1:8f:ae:fa:c6:be:21:44:91:
cb:3c:08:3c:c1:ba:51:b4:60:c7:6a:f7:0e:b6:35:
52:f5:50:10:be:ce:72:e9:63:0e:53:21:39:a9:89:
d7:18:04:dc:e6:fb:7c:09:0c:b5:5e:0e:ef:d2:4a:
dd:d5:18:70:4d:6d:bf:e2:70:ac:93:9c:d0:d0:cb:
42:08:12:32:e9:36:84:75:bf:f2:4c:a0:33:66:f1:
97:9f:57:78:ce:15:de:17:40:e0:38:26:e5:43:2b:
d8:a9:1d:cb:76:3e:db:28:14:93:f0:42:df:00:ee:
76:8a:52:88:6f:ca:36:c0:22:44:49:e4:57:be:db:
78:fc:ec:38:19:7b:fb:1b:71:ab:b5:a4:44:44:0b:
0c:cb:30:6e:1a:34:c8:26:23:03:13:c2:13:96:f6:
ca:55:1c:1a:91:a3:5e:42:21:47:9b:d2:a5:07:c9:
85:b7:72:41:e3:d6:88:c3:f3:65:ac:ec:65:31:f7:
00:49:d9:6a:a2:4c:be:99:d0:a7:10:af:2e:3b:8c:
92:11:76:54:19:0f:43:9d:e7:67:1e:fb:a3:2a:76:
24:d6:94:d7:d3:87:79:26:a6:ca:53:e3:61:38:ab:
73:93:1e:26:c2:1b:36:ee:22:40:ef:a5:fa:ea:d8:
56:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BD:32:70:F6:5F:CE:66:F3:2F:E9:11:3B:7C:0F:2B:49:27:10:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gb0ycPZfzmbzL-kRO3wPK0knEMw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:43:9f:98:10:f4:f9:2e:3a:8e:7b:64:af:08:c5:19:29:4d:
ea:c1:64:c5:db:c7:79:8d:65:9e:9c:c0:99:f4:c8:76:51:65:
ae:83:8d:cd:1a:a4:51:94:28:e1:8a:27:da:2b:80:ce:12:a1:
e9:89:44:19:a8:74:e1:8a:34:53:6e:4a:ca:35:8b:08:a3:ed:
e7:f9:e3:ee:d3:ee:87:b4:28:56:d7:cc:be:5b:0f:f8:a8:a6:
8f:92:35:74:4b:1d:d1:1f:0e:5b:dc:5a:0a:4e:c7:55:fa:71:
b0:79:12:60:1f:26:40:9a:2e:fc:21:c6:5c:2b:92:c0:13:95:
d6:3a:98:72:cc:20:11:1c:e0:83:76:b0:88:15:f7:a9:eb:2f:
22:13:f9:07:83:e2:57:d5:0e:3c:10:cd:c3:f3:9d:22:42:1c:
25:71:05:09:af:f7:84:ad:56:8e:7a:ee:9b:c4:a3:3f:6c:13:
33:c2:6d:da:3f:9c:6e:da:f1:a6:4a:1e:ee:11:2d:8c:14:be:
8c:be:95:66:27:bb:fd:ed:f3:f7:65:3e:38:78:e1:cb:69:97:
9b:27:6c:e5:f3:b9:ba:9f:ad:2f:d7:6d:fc:9d:08:16:ed:31:
ea:68:13:35:e2:15:a8:04:52:f7:7a:2a:93:4c:9e:6f:59:a5:
f7:e4:a8:89
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFfIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
ODA5MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgxQkQzMjcwRjY1RkNF
NjZGMzJGRTkxMTNCN0MwRjJCNDkyNzEwQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIgTvfEqGPrvrGviFEkcs8CDzBulG0YMdq9w62NVL1UBC+znLp
Yw5TITmpidcYBNzm+3wJDLVeDu/SSt3VGHBNbb/icKyTnNDQy0IIEjLpNoR1v/JM
oDNm8ZefV3jOFd4XQOA4JuVDK9ipHct2PtsoFJPwQt8A7naKUohvyjbAIkRJ5Fe+
23j87DgZe/sbcau1pERECwzLMG4aNMgmIwMTwhOW9spVHBqRo15CIUeb0qUHyYW3
ckHj1ojD82Ws7GUx9wBJ2WqiTL6Z0KcQry47jJIRdlQZD0Od52ce+6MqdiTWlNfT
h3kmpspT42E4q3OTHibCGzbuIkDvpfrq2FaxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgb0ycPZfzmbzL+kRO3wPK0knEMwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nYjB5Y1BaZnptYnpMLWtS
TzN3UEswa25FTXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAG1Dn5gQ9PkuOo57ZK8IxRkpTerBZMXbx3mN
ZZ6cwJn0yHZRZa6Djc0apFGUKOGKJ9orgM4SoemJRBmodOGKNFNuSso1iwij7ef5
4+7T7oe0KFbXzL5bD/iopo+SNXRLHdEfDlvcWgpOx1X6cbB5EmAfJkCaLvwhxlwr
ksATldY6mHLMIBEc4IN2sIgV96nrLyIT+QeD4lfVDjwQzcPznSJCHCVxBQmv94St
Vo567pvEoz9sEzPCbdo/nG7a8aZKHu4RLYwUvoy+lWYnu/3t8/dlPjh44ctpl5sn
bOXzubqfrS/XbfydCBbtMepoEzXiFagEUvd6KpNMnm9ZpffkqIk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:53 2025 by rpki-client