Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tjmx_UVpuFYlKV1QRGx5YEpRRM4.roa
File: tjmx_UVpuFYlKV1QRGx5YEpRRM4.roa (raw, json)
Hash identifier: AXvzZ0v2WiRbm/nIIfzYHt7n4k7D+ENncL9HTeD/49c=
Subject key identifier: B6:39:B1:FD:45:69:B8:56:25:29:5D:50:44:6C:79:60:4A:51:44:CE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E36
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tjmx_UVpuFYlKV1QRGx5YEpRRM4.roa
Signing time: Mon 26 May 2025 00:38:36 +0000
ROA not before: Mon 26 May 2025 00:38:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3638 (0xe36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 00:38:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B639B1FD4569B85625295D50446C79604A5144CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3f:f3:91:fb:97:fc:af:97:6e:ef:b9:1a:65:
d1:84:9b:92:19:b8:7c:9e:d4:d3:65:df:d3:31:12:
eb:5a:48:5e:4b:9b:61:fa:cd:a4:0c:2f:d2:95:84:
86:d9:6d:fb:e1:a5:0c:d7:a0:d5:1d:47:5f:a4:42:
a3:b6:1f:83:8a:6d:0b:db:ee:a5:ba:9a:a1:4a:5b:
48:66:b9:b9:0f:b1:2f:98:b1:e7:ac:8f:3e:7f:70:
bf:07:64:96:3d:72:55:81:13:d0:2a:2e:8e:60:12:
32:a2:2c:32:56:7e:78:ca:bd:50:ab:91:73:ab:9e:
57:98:8e:74:ab:ea:a4:db:8d:14:e4:43:66:f9:bc:
ec:19:31:2e:26:32:8f:d7:97:a0:ab:44:3a:6d:9b:
c5:42:ae:1d:77:ff:32:64:13:5f:6a:04:5c:37:a0:
f7:91:49:b0:7f:e7:4e:ff:2c:1a:a9:77:4d:34:10:
ba:09:d2:b2:88:73:07:95:af:d5:c0:ed:48:e8:db:
d9:9b:7a:a3:bb:09:1a:f7:a3:c8:b5:1b:16:0d:79:
bb:6a:01:4e:3a:9a:2b:ea:91:85:53:55:11:4b:03:
8e:86:a5:68:95:41:0c:95:4a:0f:fe:08:96:49:69:
47:a1:11:d3:bd:c0:d8:17:f5:44:20:98:86:d9:f3:
0d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:39:B1:FD:45:69:B8:56:25:29:5D:50:44:6C:79:60:4A:51:44:CE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tjmx_UVpuFYlKV1QRGx5YEpRRM4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:6f:88:43:fe:1d:a3:4d:87:53:8c:fc:7e:80:c9:59:09:46:
8a:d4:50:5d:d8:42:76:4d:17:d4:2e:86:89:b7:d8:58:4f:ef:
b5:f6:77:d2:11:6c:05:ba:ad:dd:32:99:c4:bd:dd:88:d4:8e:
ad:bb:ee:ff:25:9d:01:79:6d:35:90:6a:18:33:c9:dc:3c:e6:
4f:d0:67:5f:13:40:43:4c:75:67:d5:9a:f9:9d:7b:51:52:e9:
34:93:4e:6f:6d:69:bf:9d:f9:3f:68:bd:ef:ad:31:54:42:b8:
76:42:1e:1e:05:b8:28:71:66:fd:1f:16:5b:8b:e9:63:ed:6b:
e0:53:dd:b3:90:d3:10:7b:6c:fb:fd:87:7f:eb:14:1b:9c:18:
7e:ad:53:b6:2d:91:5c:84:f2:f1:9d:6e:69:e9:56:43:2c:79:
c9:31:63:b0:c4:61:b6:e0:63:f4:ac:47:f6:46:94:1b:03:47:
52:52:27:23:ae:ca:64:be:32:82:c9:2d:b8:6d:7e:44:f8:83:
2f:8d:cb:04:0b:79:fe:e3:89:9b:4f:2b:23:a9:d7:c6:17:ed:
4b:43:42:dd:24:99:41:18:0b:a5:71:6f:b5:07:a0:5c:2c:b4:
e6:0f:84:1b:03:86:09:da:03:30:9d:7c:78:f6:3b:17:5f:50:
db:20:ca:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDjYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
MDM4MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2MzlCMUZENDU2OUI4
NTYyNTI5NUQ1MDQ0NkM3OTYwNEE1MTQ0Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeP/OR+5f8r5du77kaZdGEm5IZuHye1NNl39MxEutaSF5Lm2H6
zaQML9KVhIbZbfvhpQzXoNUdR1+kQqO2H4OKbQvb7qW6mqFKW0hmubkPsS+Ysees
jz5/cL8HZJY9clWBE9AqLo5gEjKiLDJWfnjKvVCrkXOrnleYjnSr6qTbjRTkQ2b5
vOwZMS4mMo/Xl6CrRDptm8VCrh13/zJkE19qBFw3oPeRSbB/507/LBqpd000ELoJ
0rKIcweVr9XA7Ujo29mbeqO7CRr3o8i1GxYNebtqAU46mivqkYVTVRFLA46GpWiV
QQyVSg/+CJZJaUehEdO9wNgX9UQgmIbZ8w2nAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtjmx/UVpuFYlKV1QRGx5YEpRRM4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90am14X1VWcHVGWWxLVjFR
Ukd4NVlFcFJSTTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADxviEP+HaNNh1OM/H6AyVkJRorUUF3YQnZN
F9Quhom32FhP77X2d9IRbAW6rd0ymcS93YjUjq277v8lnQF5bTWQahgzydw85k/Q
Z18TQENMdWfVmvmde1FS6TSTTm9tab+d+T9ove+tMVRCuHZCHh4FuChxZv0fFluL
6WPta+BT3bOQ0xB7bPv9h3/rFBucGH6tU7YtkVyE8vGdbmnpVkMseckxY7DEYbbg
Y/SsR/ZGlBsDR1JSJyOuymS+MoLJLbhtfkT4gy+NywQLef7jiZtPKyOp18YX7UtD
Qt0kmUEYC6Vxb7UHoFwstOYPhBsDhgnaAzCdfHj2OxdfUNsgyo0=
-----END CERTIFICATE-----
Generated at Sat Jun 21 18:45:09 2025 by rpki-client