Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sPb6yMPHrsgVE-hIwmOdDfE6ESk.roa
File: sPb6yMPHrsgVE-hIwmOdDfE6ESk.roa (raw, json)
Hash identifier: xDQKxrRrgejfbF+JWqrFIH5Wrsf8Rr/zbAI+x76tD9A=
Subject key identifier: B0:F6:FA:C8:C3:C7:AE:C8:15:13:E8:48:C2:63:9D:0D:F1:3A:11:29
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CD6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sPb6yMPHrsgVE-hIwmOdDfE6ESk.roa
Signing time: Sat 14 Jun 2025 12:39:55 +0000
ROA not before: Sat 14 Jun 2025 12:39:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7382 (0x1cd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 12:39:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B0F6FAC8C3C7AEC81513E848C2639D0DF13A1129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4e:d8:ce:ab:48:e3:93:60:9f:7e:d9:1b:78:
1c:10:72:0f:be:af:87:32:86:fc:6c:ce:3d:24:f7:
6e:e9:df:e3:a6:b0:b2:e6:6c:b1:17:60:25:8f:3a:
a2:ca:e2:d4:20:44:bc:af:68:49:45:44:89:02:1d:
13:5c:05:19:b6:58:37:07:3a:64:95:cf:ac:9b:6e:
18:f8:57:e4:e3:11:cd:90:86:47:9f:53:72:6d:dd:
3d:3a:09:39:55:6c:cd:03:1f:5f:84:08:94:fb:04:
85:f2:82:c8:f3:fd:d8:78:4f:9c:04:aa:2c:97:86:
9a:9a:2b:42:17:24:86:7a:a1:a9:c9:73:27:ea:04:
03:93:65:c8:28:90:4f:57:5a:0c:5e:9e:7c:aa:95:
0c:0d:19:4b:51:1a:68:29:53:6f:44:99:02:07:20:
ad:96:89:25:d9:54:b3:e6:47:c1:e4:dd:88:33:d6:
34:5b:bd:ef:c6:a6:75:ef:5d:55:5e:16:e4:22:96:
83:fd:47:4d:f4:07:af:ef:2c:0c:f2:00:a8:f8:5c:
3d:d0:b8:2b:2b:16:45:04:84:06:db:3f:38:16:cc:
0a:0b:11:f5:a7:5c:3f:e0:ed:0b:da:3b:5d:45:38:
0d:9a:bc:f4:16:bd:4e:27:4f:24:d9:06:19:e2:48:
a6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F6:FA:C8:C3:C7:AE:C8:15:13:E8:48:C2:63:9D:0D:F1:3A:11:29
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sPb6yMPHrsgVE-hIwmOdDfE6ESk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:63:65:37:8e:19:40:03:01:28:17:2c:c6:30:4a:ad:0d:84:
16:f5:8f:07:27:7e:94:59:43:d5:d9:cc:e1:f7:90:4c:cf:18:
d9:4c:39:aa:fa:8e:6c:13:b7:67:62:48:fe:97:e5:86:78:18:
b3:c7:94:3d:8b:de:c0:88:c9:03:c2:71:0d:54:f1:a5:9f:b8:
aa:33:b0:38:66:73:bb:4c:b6:b6:33:b9:d2:d5:4d:97:2b:3a:
e0:7e:44:5e:bb:17:58:45:db:01:97:42:69:20:4f:65:ee:7d:
2c:b6:b0:6d:90:60:47:c0:1a:6c:37:b5:8c:de:e2:59:73:5d:
e8:25:a5:54:16:b8:73:d0:2b:b9:f8:65:11:5d:db:ce:27:0f:
d0:22:36:15:4f:2e:14:32:4b:e8:cb:02:93:1b:66:e2:04:3d:
6c:e2:36:ff:6b:6a:c8:cc:6d:06:d0:6e:a8:a8:88:55:bd:14:
fe:a4:b9:82:2d:a6:b7:15:d1:90:ad:31:33:d9:1d:3b:09:8f:
85:72:1f:89:20:25:05:66:cf:22:57:ee:25:ed:ed:6e:30:a5:
53:13:82:49:b4:79:a1:ca:c8:b1:b5:6d:00:b9:8d:4a:d9:f6:
a2:ba:ac:14:d9:d6:a8:02:91:d5:69:e0:50:02:e0:77:98:f3:
1c:e7:01:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHNYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQx
MjM5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIwRjZGQUM4QzNDN0FF
QzgxNTEzRTg0OEMyNjM5RDBERjEzQTExMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3TtjOq0jjk2CfftkbeBwQcg++r4cyhvxszj0k927p3+OmsLLm
bLEXYCWPOqLK4tQgRLyvaElFRIkCHRNcBRm2WDcHOmSVz6ybbhj4V+TjEc2Qhkef
U3Jt3T06CTlVbM0DH1+ECJT7BIXygsjz/dh4T5wEqiyXhpqaK0IXJIZ6oanJcyfq
BAOTZcgokE9XWgxennyqlQwNGUtRGmgpU29EmQIHIK2WiSXZVLPmR8Hk3Ygz1jRb
ve/GpnXvXVVeFuQiloP9R030B6/vLAzyAKj4XD3QuCsrFkUEhAbbPzgWzAoLEfWn
XD/g7QvaO11FOA2avPQWvU4nTyTZBhniSKbTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsPb6yMPHrsgVE+hIwmOdDfE6ESkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zUGI2eU1QSHJzZ1ZFLWhJ
d21PZERmRTZFU2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADpjZTeOGUADASgXLMYwSq0NhBb1jwcnfpRZ
Q9XZzOH3kEzPGNlMOar6jmwTt2diSP6X5YZ4GLPHlD2L3sCIyQPCcQ1U8aWfuKoz
sDhmc7tMtrYzudLVTZcrOuB+RF67F1hF2wGXQmkgT2XufSy2sG2QYEfAGmw3tYze
4llzXeglpVQWuHPQK7n4ZRFd284nD9AiNhVPLhQyS+jLApMbZuIEPWziNv9rasjM
bQbQbqioiFW9FP6kuYItprcV0ZCtMTPZHTsJj4VyH4kgJQVmzyJX7iXt7W4wpVMT
gkm0eaHKyLG1bQC5jUrZ9qK6rBTZ1qgCkdVp4FAC4HeY8xznAfo=
-----END CERTIFICATE-----
Generated at Fri Jun 20 21:28:03 2025 by rpki-client