Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u4-hCdQsfGGWUVGeYHv2HPxGazI.roa
File: u4-hCdQsfGGWUVGeYHv2HPxGazI.roa (raw, json)
Hash identifier: OGo1JTK73pHr+a5Utp1UTwPrfwoGUy38vIPyEXOU2AE=
Subject key identifier: BB:8F:A1:09:D4:2C:7C:61:96:51:51:9E:60:7B:F6:1C:FC:46:6B:32
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CE2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u4-hCdQsfGGWUVGeYHv2HPxGazI.roa
Signing time: Sat 14 Jun 2025 14:20:08 +0000
ROA not before: Sat 14 Jun 2025 14:20:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7394 (0x1ce2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 14:20:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BB8FA109D42C7C619651519E607BF61CFC466B32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:27:e6:6d:eb:ca:bb:d3:20:0c:d7:af:77:29:
d8:69:97:fe:45:39:7b:17:3b:56:a3:5f:f0:88:ef:
c0:04:54:f6:c3:f6:f2:70:e0:ad:0a:e7:58:dd:c8:
5c:39:46:19:20:06:27:bc:1d:51:ca:01:bc:e1:ce:
83:ce:9b:e6:fb:a5:ea:c0:91:a4:26:b1:52:e6:f2:
96:66:b2:1f:7c:07:c0:24:07:c0:f2:e0:38:5b:63:
0f:df:3e:e5:55:3e:48:a1:8f:ea:e9:87:ec:b5:2b:
d3:b9:d5:45:9d:79:a4:8d:7e:31:5f:db:21:35:c4:
59:34:9d:d2:f8:bb:66:c9:33:20:af:67:b2:fd:5f:
88:94:ae:05:21:f8:ac:d1:62:4f:02:39:f9:81:47:
8d:7d:96:94:a5:1d:22:fd:ed:b4:6b:f7:0d:49:83:
8d:d0:25:da:3a:ff:83:ff:87:3f:d7:9b:d8:ea:e1:
f1:fd:15:44:25:a7:bf:d4:ea:23:c1:a5:e2:01:71:
4f:2b:2a:41:e1:d8:51:ee:e8:e8:00:4d:29:91:4c:
7d:36:e0:aa:f1:65:66:50:a5:4e:4a:bd:7d:c1:bc:
f3:df:1f:6f:f3:61:6c:06:d7:b4:d8:77:c9:3a:b0:
c3:cf:b7:67:ac:33:7a:45:02:3c:28:61:47:82:48:
d6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8F:A1:09:D4:2C:7C:61:96:51:51:9E:60:7B:F6:1C:FC:46:6B:32
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u4-hCdQsfGGWUVGeYHv2HPxGazI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:78:5c:d4:4b:10:cf:ac:d3:d4:61:0f:f6:49:54:1b:bc:da:
0a:88:7c:0b:9e:fd:31:d6:f6:3c:71:04:1a:82:53:43:75:69:
7d:fa:33:8e:d9:4c:c6:f6:19:96:3a:b8:28:23:ce:00:b1:1d:
24:03:ac:37:ed:8a:8d:4e:03:d2:a1:9a:2e:14:9d:9e:fc:bf:
85:fa:1a:62:ff:ae:47:e1:f1:a2:19:8a:e8:62:be:93:2c:7b:
d5:0b:31:4a:03:b1:c5:3e:b7:5b:a2:34:6d:87:c6:0b:f5:0d:
4f:3b:21:f8:d3:88:5b:de:79:78:a7:8e:fa:61:ee:64:f5:f1:
36:87:f1:78:3c:b8:f0:67:37:1e:fc:37:e2:1e:87:57:8a:99:
d6:1b:6d:62:8e:37:80:59:ee:47:2a:c0:6f:1a:dd:da:69:b1:
97:5a:6a:79:00:2b:7e:c1:0b:84:21:52:74:4f:d3:23:d2:17:
94:d4:e5:45:2f:27:5f:16:37:c9:6c:8c:e8:58:ad:c8:88:a4:
08:ff:42:ec:8b:44:62:8a:49:8d:4e:01:5d:4a:c3:d0:e1:d0:
af:2a:cb:33:56:60:78:85:27:3b:a1:ed:c9:5a:fe:47:32:4f:
19:5b:56:1d:59:25:d3:2a:2f:20:7c:ec:c0:c2:c1:72:59:0b:
4b:bf:da:20
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQx
NDIwMDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCOEZBMTA5RDQyQzdD
NjE5NjUxNTE5RTYwN0JGNjFDRkM0NjZCMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvJ+Zt68q70yAM1693Kdhpl/5FOXsXO1ajX/CI78AEVPbD9vJw
4K0K51jdyFw5RhkgBie8HVHKAbzhzoPOm+b7perAkaQmsVLm8pZmsh98B8AkB8Dy
4DhbYw/fPuVVPkihj+rph+y1K9O51UWdeaSNfjFf2yE1xFk0ndL4u2bJMyCvZ7L9
X4iUrgUh+KzRYk8COfmBR419lpSlHSL97bRr9w1Jg43QJdo6/4P/hz/Xm9jq4fH9
FUQlp7/U6iPBpeIBcU8rKkHh2FHu6OgATSmRTH024KrxZWZQpU5KvX3BvPPfH2/z
YWwG17TYd8k6sMPPt2esM3pFAjwoYUeCSNbpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu4+hCdQsfGGWUVGeYHv2HPxGazIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91NC1oQ2RRc2ZHR1dVVkdl
WUh2MkhQeEdhekkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEJ4XNRLEM+s09RhD/ZJVBu82gqIfAue/THW
9jxxBBqCU0N1aX36M47ZTMb2GZY6uCgjzgCxHSQDrDftio1OA9Khmi4UnZ78v4X6
GmL/rkfh8aIZiuhivpMse9ULMUoDscU+t1uiNG2Hxgv1DU87IfjTiFveeXinjvph
7mT18TaH8Xg8uPBnNx78N+Ieh1eKmdYbbWKON4BZ7kcqwG8a3dppsZdaankAK37B
C4QhUnRP0yPSF5TU5UUvJ18WN8lsjOhYrciIpAj/QuyLRGKKSY1OAV1Kw9Dh0K8q
yzNWYHiFJzuh7cla/kcyTxlbVh1ZJdMqLyB87MDCwXJZC0u/2iA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 13:51:58 2025 by rpki-client