Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wE73HuGE5zH1DZxweCewJcGljvI.roa
File: wE73HuGE5zH1DZxweCewJcGljvI.roa (raw, json)
Hash identifier: XtJNB0TzX+IngAZbP4ipfjgUiBJ7i1hklgA+MJ2WAYQ=
Subject key identifier: C0:4E:F7:1E:E1:84:E7:31:F5:0D:9C:70:78:27:B0:25:C1:A5:8E:F2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1682
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wE73HuGE5zH1DZxweCewJcGljvI.roa
Signing time: Fri 06 Jun 2025 02:09:27 +0000
ROA not before: Fri 06 Jun 2025 02:09:27 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5762 (0x1682)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 02:09:27 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C04EF71EE184E731F50D9C707827B025C1A58EF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:e2:b7:9f:7a:f0:ed:e5:df:a3:c1:c7:eb:
fd:5c:f9:ce:9d:12:fb:9b:f0:14:01:be:25:6a:f8:
b2:e5:e6:d5:34:78:e7:9b:5c:e8:f8:43:13:42:fe:
45:ad:39:58:5e:2b:7d:86:89:b5:d4:2c:62:e1:a4:
e0:c4:4c:d8:87:a4:cb:7c:e3:e8:75:69:dd:e3:2f:
9a:d2:18:a3:4a:22:ae:66:9e:12:35:26:c3:b9:ab:
78:60:9c:49:cc:73:21:8a:c1:bf:ea:50:8f:99:eb:
f7:51:6c:a1:fb:f2:20:2b:0c:03:15:59:12:1c:81:
b3:07:21:40:55:70:b2:02:de:01:05:04:e6:65:53:
af:a2:83:d9:85:8e:a4:74:a9:de:14:83:4f:03:8b:
db:af:8e:02:fd:56:62:1a:43:91:f9:af:a1:14:69:
bf:51:5c:17:44:10:63:39:ac:5a:f5:53:93:78:7b:
a6:61:56:41:4c:b6:e2:89:76:c5:9b:10:b5:c4:5d:
fc:d0:3d:fc:a7:fc:9f:23:9b:3d:e6:a7:9c:13:09:
06:e7:e5:cd:26:dc:bb:55:d5:71:d6:6d:ba:ff:dd:
bf:90:42:2e:df:13:36:f4:be:5f:94:17:dd:02:cb:
f2:84:3e:89:fb:6d:54:28:6b:27:03:76:6b:d2:63:
d1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4E:F7:1E:E1:84:E7:31:F5:0D:9C:70:78:27:B0:25:C1:A5:8E:F2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wE73HuGE5zH1DZxweCewJcGljvI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:e9:24:71:a2:61:be:3b:82:fd:41:79:55:23:c3:08:25:3e:
14:88:57:fc:60:fe:2b:2c:dd:a7:18:c8:fb:52:7d:76:da:ee:
39:a1:4a:74:9d:fa:49:1b:73:22:f7:a7:4f:64:f5:4a:bc:e4:
33:8f:6c:bd:12:5a:34:04:8b:b8:78:29:78:44:32:b7:77:3c:
39:81:16:13:78:de:8a:d8:b4:d8:0a:27:35:0b:e6:ad:b3:94:
02:63:d9:08:12:8b:91:29:a1:43:42:78:06:35:9c:29:16:eb:
d3:4d:a7:41:dc:66:d1:42:d1:0d:e2:cb:c3:cb:9f:23:a9:7e:
8c:0f:c3:a0:66:51:2b:73:bd:8a:15:aa:72:2e:60:81:81:81:
e4:c4:6d:1d:ce:53:a5:0d:2e:ec:a3:db:6f:8f:f2:b8:ce:71:
f2:11:12:ca:2f:91:70:9f:49:c2:54:a7:27:cb:24:a0:24:e2:
d0:5d:5c:b6:ea:0e:ea:cc:02:ed:ed:09:b1:89:9b:71:01:1f:
9c:c9:e5:8c:9a:31:e9:36:78:57:66:51:f5:b9:5b:e4:69:a8:
52:57:f0:e9:4b:32:5f:3d:1a:61:ba:bc:21:bf:1a:6a:00:b1:
bc:1c:e4:37:65:b0:56:41:cf:ba:81:1e:e9:97:23:7b:0d:8e:
46:84:3d:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFoIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
MjA5MjdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwNEVGNzFFRTE4NEU3
MzFGNTBEOUM3MDc4MjdCMDI1QzFBNThFRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDENuK3n3rw7eXfo8HH6/1c+c6dEvub8BQBviVq+LLl5tU0eOeb
XOj4QxNC/kWtOVheK32GibXULGLhpODETNiHpMt84+h1ad3jL5rSGKNKIq5mnhI1
JsO5q3hgnEnMcyGKwb/qUI+Z6/dRbKH78iArDAMVWRIcgbMHIUBVcLIC3gEFBOZl
U6+ig9mFjqR0qd4Ug08Di9uvjgL9VmIaQ5H5r6EUab9RXBdEEGM5rFr1U5N4e6Zh
VkFMtuKJdsWbELXEXfzQPfyn/J8jmz3mp5wTCQbn5c0m3LtV1XHWbbr/3b+QQi7f
Ezb0vl+UF90Cy/KEPon7bVQoaycDdmvSY9FXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwE73HuGE5zH1DZxweCewJcGljvIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93RTczSHVHRTV6SDFEWnh3
ZUNld0pjR2xqdkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJPpJHGiYb47gv1BeVUjwwglPhSIV/xg/iss
3acYyPtSfXba7jmhSnSd+kkbcyL3p09k9Uq85DOPbL0SWjQEi7h4KXhEMrd3PDmB
FhN43orYtNgKJzUL5q2zlAJj2QgSi5EpoUNCeAY1nCkW69NNp0HcZtFC0Q3iy8PL
nyOpfowPw6BmUStzvYoVqnIuYIGBgeTEbR3OU6UNLuyj22+P8rjOcfIREsovkXCf
ScJUpyfLJKAk4tBdXLbqDurMAu3tCbGJm3EBH5zJ5YyaMek2eFdmUfW5W+RpqFJX
8OlLMl89GmG6vCG/GmoAsbwc5DdlsFZBz7qBHumXI3sNjkaEPaY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:35 2025 by rpki-client