Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pFpQo700Zedm4XmbZZN1xT_EiHc.roa
File: pFpQo700Zedm4XmbZZN1xT_EiHc.roa (raw, json)
Hash identifier: O8DGWu6WqwZxxD0OkNlTw9pme3xQzV7T+Lp7E7yZrtc=
Subject key identifier: A4:5A:50:A3:BD:34:65:E7:66:E1:79:9B:65:93:75:C5:3F:C4:88:77
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B52
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pFpQo700Zedm4XmbZZN1xT_EiHc.roa
Signing time: Thu 12 Jun 2025 12:10:40 +0000
ROA not before: Thu 12 Jun 2025 12:10:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6994 (0x1b52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 12:10:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A45A50A3BD3465E766E1799B659375C53FC48877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:49:c7:23:a9:43:72:57:37:f7:69:e3:69:fc:
19:13:7f:44:a1:79:95:17:0e:32:d4:cc:e3:b0:cb:
c1:36:ab:f2:7c:6f:88:1b:03:18:db:bd:9a:28:d0:
d7:98:0b:90:d6:2d:aa:a9:5b:2e:e1:1e:96:e4:7d:
af:bb:53:66:46:a9:22:8f:f6:57:08:97:ad:08:54:
f4:a8:cb:1f:28:6a:67:4f:ae:9a:15:7f:4c:f8:93:
b5:b1:b4:25:3d:7b:35:ec:42:7f:f0:48:dd:09:93:
ff:28:80:a4:78:87:7d:e9:56:57:75:9d:da:9d:0c:
16:cb:10:01:10:85:c8:ae:2a:4f:1e:94:2c:c4:90:
0e:80:50:26:11:67:f0:1c:ba:ac:d7:2a:90:7a:03:
d3:75:ce:77:f3:ff:14:2c:be:ea:4d:dc:20:95:c8:
2b:0f:80:8c:d0:f9:14:26:7f:13:e4:48:56:70:9d:
cf:b5:c9:c4:39:f9:8e:60:a4:fd:17:62:15:5a:14:
43:cc:5e:e6:22:a3:11:6f:68:ea:16:9c:06:c6:c9:
f1:6c:6a:17:b9:3b:ad:22:33:65:9f:a6:a6:db:f5:
87:1d:69:1f:55:da:f4:b7:1c:86:7f:e8:d4:67:68:
85:2f:0b:9f:76:3f:23:d9:35:30:df:f2:15:af:1c:
71:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:5A:50:A3:BD:34:65:E7:66:E1:79:9B:65:93:75:C5:3F:C4:88:77
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pFpQo700Zedm4XmbZZN1xT_EiHc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:ef:27:92:1e:4a:ad:6c:12:6a:f6:55:a2:31:38:9e:93:9d:
b6:25:66:f9:72:82:cd:5b:23:14:e6:34:1d:4c:1d:45:17:ef:
9d:02:cb:88:64:c5:fc:c1:2a:32:bb:de:b1:87:87:17:3d:ae:
73:29:3b:b3:32:16:59:8e:ed:48:34:b9:3f:67:90:2d:9d:92:
e6:25:1f:b1:37:6d:cf:71:25:69:bc:d6:3b:a4:29:8f:96:58:
ad:8e:0b:ce:26:a7:e7:11:cc:62:f2:e8:50:7b:d3:c3:37:7c:
e0:97:09:f3:4f:33:8b:19:4c:65:47:e6:2d:18:4b:83:70:0b:
56:4d:d1:66:91:ee:d5:18:bd:31:7c:ae:e2:d2:88:e4:70:49:
fc:e3:ac:82:d5:9b:67:bd:eb:d4:f7:86:26:f6:31:f8:6e:ff:
bf:c3:98:c0:81:1f:c5:20:9e:55:f5:18:fd:7d:a7:cc:0b:b1:
22:d7:5d:1d:c7:d9:25:c1:d2:ca:86:6d:66:c3:a8:3b:96:22:
bc:4a:13:27:40:2a:5a:2d:72:f9:90:70:ad:54:c1:c9:84:6e:
ad:74:55:57:db:55:1f:ad:85:a2:d1:3f:68:ad:99:07:e7:75:
58:7e:07:63:60:26:d2:85:7d:84:9c:32:39:ff:17:3c:7c:e2:
02:50:7b:2e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
MjEwNDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE0NUE1MEEzQkQzNDY1
RTc2NkUxNzk5QjY1OTM3NUM1M0ZDNDg4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNSccjqUNyVzf3aeNp/BkTf0SheZUXDjLUzOOwy8E2q/J8b4gb
AxjbvZoo0NeYC5DWLaqpWy7hHpbkfa+7U2ZGqSKP9lcIl60IVPSoyx8oamdPrpoV
f0z4k7WxtCU9ezXsQn/wSN0Jk/8ogKR4h33pVld1ndqdDBbLEAEQhciuKk8elCzE
kA6AUCYRZ/AcuqzXKpB6A9N1znfz/xQsvupN3CCVyCsPgIzQ+RQmfxPkSFZwnc+1
ycQ5+Y5gpP0XYhVaFEPMXuYioxFvaOoWnAbGyfFsahe5O60iM2Wfpqbb9YcdaR9V
2vS3HIZ/6NRnaIUvC592PyPZNTDf8hWvHHFJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpFpQo700Zedm4XmbZZN1xT/EiHcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wRnBRbzcwMFplZG00WG1i
WlpOMXhUX0VpSGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHnvJ5IeSq1sEmr2VaIxOJ6TnbYlZvlygs1b
IxTmNB1MHUUX750Cy4hkxfzBKjK73rGHhxc9rnMpO7MyFlmO7Ug0uT9nkC2dkuYl
H7E3bc9xJWm81jukKY+WWK2OC84mp+cRzGLy6FB708M3fOCXCfNPM4sZTGVH5i0Y
S4NwC1ZN0WaR7tUYvTF8ruLSiORwSfzjrILVm2e969T3hib2Mfhu/7/DmMCBH8Ug
nlX1GP19p8wLsSLXXR3H2SXB0sqGbWbDqDuWIrxKEydAKlotcvmQcK1UwcmEbq10
VVfbVR+thaLRP2itmQfndVh+B2NgJtKFfYScMjn/Fzx84gJQey4=
-----END CERTIFICATE-----
Generated at Fri Jun 20 18:07:49 2025 by rpki-client