Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/poj7bSRMEvKG_bMsMAnpnHus9_I.roa
File: poj7bSRMEvKG_bMsMAnpnHus9_I.roa (raw, json)
Hash identifier: 2O8HuOMgWIHtWfeCDuoqmPE7bs362Hq1mAFvgkQAFPM=
Subject key identifier: A6:88:FB:6D:24:4C:12:F2:86:FD:B3:2C:30:09:E9:9C:7B:AC:F7:F2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/poj7bSRMEvKG_bMsMAnpnHus9_I.roa
Signing time: Sat 17 May 2025 15:08:18 +0000
ROA not before: Sat 17 May 2025 15:08:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2026 (0x7ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 15:08:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A688FB6D244C12F286FDB32C3009E99C7BACF7F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3f:5e:ad:2a:d8:a5:00:cc:3d:63:d3:7f:4e:
06:78:e9:91:03:c2:61:ea:e4:50:f9:8d:32:f4:12:
b0:64:cb:ed:8f:6e:60:cc:31:90:da:ae:0a:4d:75:
68:87:51:ba:62:a3:dc:98:35:6c:02:d5:07:1b:77:
d4:45:88:91:48:5c:15:81:5d:2c:d7:fa:78:44:f1:
9d:7e:c5:b2:37:2d:1b:7e:e9:d1:51:a5:9d:ee:12:
ce:bb:e5:24:4d:2b:4a:96:95:89:62:75:dc:3f:ed:
af:e2:91:4f:3d:32:18:20:15:55:0b:82:b5:3d:70:
9b:db:fb:42:a7:4e:23:6c:11:f9:a8:b2:12:f0:24:
88:af:d8:a8:15:5f:7a:f6:60:39:b2:f5:f3:fe:9e:
01:72:1a:9f:ac:f2:2d:65:9c:a7:2c:1a:db:ab:03:
c9:f8:ed:3f:c6:f8:12:9c:d0:ac:db:48:2d:1c:28:
69:88:aa:0f:03:33:7f:ec:fc:5e:c2:04:cd:1d:04:
7e:b8:51:66:d2:0f:35:9b:11:9c:e1:c4:f5:59:98:
f1:d0:60:5a:d5:a9:96:50:e6:aa:e5:54:44:44:e2:
e6:d7:1e:66:81:aa:91:17:3d:55:09:2d:80:85:b9:
e6:ff:6c:46:e5:9a:33:95:aa:e1:ba:25:8e:72:d5:
b5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:88:FB:6D:24:4C:12:F2:86:FD:B3:2C:30:09:E9:9C:7B:AC:F7:F2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/poj7bSRMEvKG_bMsMAnpnHus9_I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:58:94:4c:e8:00:71:c9:89:7f:48:4a:92:5c:19:45:10:23:
f2:2c:72:7a:e0:a7:d3:8e:b6:99:72:fe:33:14:94:26:4e:a9:
33:77:ff:21:2f:56:25:c2:a5:37:de:f4:2e:5c:ba:a0:26:76:
e6:7f:75:15:1c:3b:31:0d:25:e3:10:0a:b5:33:0f:d6:cd:b6:
31:69:31:8a:78:40:40:6d:63:34:92:f0:d4:bb:f2:d1:ed:21:
11:00:ba:88:d3:58:fb:ce:b8:46:14:bf:bc:e9:68:56:9e:bf:
ff:a9:e4:90:a9:d6:08:d8:fd:98:1b:34:1f:31:26:59:b9:b6:
a6:16:1a:9b:80:ef:43:0a:35:c9:eb:b6:44:a1:93:cf:a2:98:
71:ac:73:f1:d4:bd:6a:aa:03:5c:c9:94:83:7d:89:cf:ad:6a:
75:79:02:3e:b0:0c:6f:9b:e2:14:fd:b5:52:0f:6f:d6:07:d7:
a5:cd:fe:e0:b0:62:2f:c5:22:7a:95:fc:50:2c:ce:2c:a0:b6:
2d:3b:8c:d0:42:c4:a4:60:d0:b4:8a:59:27:4d:fe:3e:2c:f1:
53:e4:63:43:ed:8e:1e:c1:0f:78:ce:0d:e3:e2:ca:9c:8a:b2:
30:ef:83:c9:7c:0a:3f:79:42:22:b3:df:07:27:65:a2:79:fd:
b3:49:a8:4f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
NTA4MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE2ODhGQjZEMjQ0QzEy
RjI4NkZEQjMyQzMwMDlFOTlDN0JBQ0Y3RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfP16tKtilAMw9Y9N/TgZ46ZEDwmHq5FD5jTL0ErBky+2PbmDM
MZDargpNdWiHUbpio9yYNWwC1Qcbd9RFiJFIXBWBXSzX+nhE8Z1+xbI3LRt+6dFR
pZ3uEs675SRNK0qWlYliddw/7a/ikU89MhggFVULgrU9cJvb+0KnTiNsEfmoshLw
JIiv2KgVX3r2YDmy9fP+ngFyGp+s8i1lnKcsGturA8n47T/G+BKc0KzbSC0cKGmI
qg8DM3/s/F7CBM0dBH64UWbSDzWbEZzhxPVZmPHQYFrVqZZQ5qrlVERE4ubXHmaB
qpEXPVUJLYCFueb/bEblmjOVquG6JY5y1bWjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpoj7bSRMEvKG/bMsMAnpnHus9/IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wb2o3YlNSTUV2S0dfYk1z
TUFucG5IdXM5X0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHJYlEzoAHHJiX9ISpJcGUUQI/Iscnrgp9OO
tply/jMUlCZOqTN3/yEvViXCpTfe9C5cuqAmduZ/dRUcOzENJeMQCrUzD9bNtjFp
MYp4QEBtYzSS8NS78tHtIREAuojTWPvOuEYUv7zpaFaev/+p5JCp1gjY/ZgbNB8x
Jlm5tqYWGpuA70MKNcnrtkShk8+imHGsc/HUvWqqA1zJlIN9ic+tanV5Aj6wDG+b
4hT9tVIPb9YH16XN/uCwYi/FInqV/FAsziygti07jNBCxKRg0LSKWSdN/j4s8VPk
Y0Ptjh7BD3jODePiypyKsjDvg8l8Cj95QiKz3wcnZaJ5/bNJqE8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:26:03 2025 by rpki-client