Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kJx6G7Ok4skkAfsXs16vpaAn1Tg.roa
File: kJx6G7Ok4skkAfsXs16vpaAn1Tg.roa (raw, json)
Hash identifier: oEXXWLu5A1bWslqgMR+K/O1MHIOx1g/voPJbll2h/ZU=
Subject key identifier: 90:9C:7A:1B:B3:A4:E2:C9:24:01:FB:17:B3:5E:AF:A5:A0:27:D5:38
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kJx6G7Ok4skkAfsXs16vpaAn1Tg.roa
Signing time: Fri 16 May 2025 01:38:10 +0000
ROA not before: Fri 16 May 2025 01:38:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1726 (0x6be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 01:38:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=909C7A1BB3A4E2C92401FB17B35EAFA5A027D538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e4:77:62:fb:dc:44:bb:c0:37:af:ce:cb:69:
f7:82:7a:ef:8e:b7:db:08:fb:2d:51:d1:3f:6a:43:
c3:af:91:5f:5b:af:62:91:53:ef:8b:bc:72:0d:fa:
8c:78:c6:16:f2:cf:cd:f2:4a:91:4e:2b:b3:de:4d:
d0:76:95:91:30:98:55:ec:e5:54:9e:3d:20:82:04:
58:fb:33:32:f1:e8:5e:39:d7:06:1a:ac:c5:a7:02:
ac:65:01:19:ff:68:da:0a:b1:3c:51:ce:f6:39:80:
ac:c2:de:3c:af:7b:65:1e:9f:b7:5c:de:a7:14:0c:
1a:2a:7a:b7:9b:85:36:53:5a:0b:63:d4:58:1a:b0:
6d:99:b6:23:e3:10:9e:1c:4f:8a:c7:cf:b5:dd:78:
68:27:e0:a8:b1:8c:7c:f3:72:5c:c1:77:cb:ea:aa:
84:31:22:9e:24:21:8a:79:a2:d2:cb:34:35:bf:44:
5c:50:81:ed:54:57:7e:bc:97:cf:37:a1:df:9f:b8:
df:f2:76:77:f6:14:28:ab:ca:51:ba:52:3e:9a:dc:
1c:c6:a6:1f:ba:8d:f3:ad:a5:3b:76:ec:bd:5c:fe:
c4:9b:c6:a6:3b:d3:41:fe:a7:64:2c:2c:8e:d7:a4:
05:19:fa:82:44:6e:75:16:8d:72:22:10:78:a3:42:
10:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:9C:7A:1B:B3:A4:E2:C9:24:01:FB:17:B3:5E:AF:A5:A0:27:D5:38
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kJx6G7Ok4skkAfsXs16vpaAn1Tg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:29:5b:c2:c3:67:12:5b:48:50:18:ef:71:a6:8f:3f:26:d0:
51:92:a5:55:16:d8:79:9f:f9:22:7f:66:25:30:49:96:53:91:
87:51:33:2c:99:1b:0d:cb:cb:27:25:df:ed:93:2c:b8:41:70:
f9:cf:59:55:33:45:78:9a:5b:f8:94:ab:48:45:7e:c2:4d:f2:
42:45:21:f7:09:ae:20:ee:ab:45:b1:ca:d0:6c:b2:f0:06:db:
b0:88:6e:5a:d2:f9:9e:bb:db:96:ca:e2:2b:01:0e:cc:ac:cf:
a1:9c:55:e2:d8:81:2c:34:be:71:7b:a3:86:75:00:e6:bf:0c:
fa:35:a6:07:bc:56:8b:16:e9:11:3a:3e:e5:f4:65:ae:52:1a:
27:65:94:3a:43:0c:ab:f5:ae:ef:a3:1a:a7:cb:9e:d5:58:c7:
b3:cc:6a:a5:6b:93:25:a5:1f:4b:a4:c3:5f:a9:07:80:85:c2:
38:6d:ee:e0:99:91:bd:6f:5d:68:82:a4:03:71:52:f6:da:a3:
9b:8b:e3:c2:0c:c2:52:b6:49:c3:af:35:5b:8d:05:72:6a:4e:
24:0e:8b:35:df:68:1b:fa:df:a8:1f:b5:0e:f4:3b:f5:7b:09:
44:cd:ea:31:75:0d:5f:81:df:c7:a7:07:3d:d1:e9:3a:94:6f:
24:01:5a:d8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
MTM4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkwOUM3QTFCQjNBNEUy
QzkyNDAxRkIxN0IzNUVBRkE1QTAyN0Q1MzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc5Hdi+9xEu8A3r87LafeCeu+Ot9sI+y1R0T9qQ8OvkV9br2KR
U++LvHIN+ox4xhbyz83ySpFOK7PeTdB2lZEwmFXs5VSePSCCBFj7MzLx6F451wYa
rMWnAqxlARn/aNoKsTxRzvY5gKzC3jyve2Uen7dc3qcUDBoqerebhTZTWgtj1Fga
sG2ZtiPjEJ4cT4rHz7XdeGgn4KixjHzzclzBd8vqqoQxIp4kIYp5otLLNDW/RFxQ
ge1UV368l883od+fuN/ydnf2FCirylG6Uj6a3BzGph+6jfOtpTt27L1c/sSbxqY7
00H+p2QsLI7XpAUZ+oJEbnUWjXIiEHijQhBdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkJx6G7Ok4skkAfsXs16vpaAn1TgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rSng2RzdPazRza2tBZnNY
czE2dnBhQW4xVGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAApW8LDZxJbSFAY73Gmjz8m0FGSpVUW2Hmf
+SJ/ZiUwSZZTkYdRMyyZGw3Lyycl3+2TLLhBcPnPWVUzRXiaW/iUq0hFfsJN8kJF
IfcJriDuq0WxytBssvAG27CIblrS+Z6725bK4isBDsysz6GcVeLYgSw0vnF7o4Z1
AOa/DPo1pge8VosW6RE6PuX0Za5SGidllDpDDKv1ru+jGqfLntVYx7PMaqVrkyWl
H0ukw1+pB4CFwjht7uCZkb1vXWiCpANxUvbao5uL48IMwlK2ScOvNVuNBXJqTiQO
izXfaBv636gftQ70O/V7CUTN6jF1DV+B38enBz3R6TqUbyQBWtg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:40:38 2025 by rpki-client