Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wKpNvQFI6zzPMEes-mn1dWHuJBI.roa
File: wKpNvQFI6zzPMEes-mn1dWHuJBI.roa (raw, json)
Hash identifier: Xt7RQgnuH887M1FQWTDOPxjeMygnc7rAydMOx8h70Qw=
Subject key identifier: C0:AA:4D:BD:01:48:EB:3C:CF:30:47:AC:FA:69:F5:75:61:EE:24:12
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 186A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wKpNvQFI6zzPMEes-mn1dWHuJBI.roa
Signing time: Sun 08 Jun 2025 15:09:35 +0000
ROA not before: Sun 08 Jun 2025 15:09:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6250 (0x186a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 15:09:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C0AA4DBD0148EB3CCF3047ACFA69F57561EE2412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:80:f7:e5:b7:26:dc:3d:c3:02:3d:22:03:34:
8c:b2:a8:07:6d:42:18:04:81:bd:7b:09:03:10:84:
ec:56:a7:ed:dc:8e:e9:13:46:22:14:40:48:87:e1:
c8:f4:64:75:0c:4d:08:10:0b:ff:a4:f8:81:ec:b7:
77:91:89:9e:3f:b4:b7:73:00:50:11:83:b7:52:1e:
fe:17:3c:e4:9b:35:b7:89:a6:a9:92:b2:22:9d:12:
9f:a1:f8:27:32:59:9d:42:97:3f:62:1e:4e:a3:5f:
1d:42:a0:d0:de:d2:fc:4e:7a:a4:8e:25:06:cd:d6:
ef:c9:f0:49:67:87:e9:d2:12:95:5b:3a:ce:7f:36:
ef:de:f3:01:98:66:a4:20:f0:a7:97:38:69:0a:42:
d8:dd:b8:0a:dc:5a:bb:4f:a4:1e:7a:fd:8f:55:af:
47:fa:20:36:5b:2a:27:78:64:f7:3d:7a:2c:e9:55:
46:c8:53:a6:08:a9:76:3b:89:bf:bf:83:9f:2e:60:
31:f3:73:84:ec:10:72:8c:c3:49:9a:58:26:77:f9:
32:04:ee:da:1b:ea:8d:23:62:2f:68:6d:1b:3c:1c:
1e:4c:7b:d4:a3:e6:7e:b1:b3:f1:bd:90:87:7b:3f:
38:cc:f3:f0:db:fb:43:8e:e6:bd:d3:27:59:cb:80:
84:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:AA:4D:BD:01:48:EB:3C:CF:30:47:AC:FA:69:F5:75:61:EE:24:12
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wKpNvQFI6zzPMEes-mn1dWHuJBI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:bc:62:9e:b7:bd:5b:a3:c9:68:a1:cb:06:49:0f:ce:91:38:
94:a3:25:12:bc:2c:67:b0:7d:2f:ce:19:90:8a:8d:db:7d:88:
24:65:d4:5e:eb:f0:32:95:78:51:25:e1:63:d1:3b:a1:76:2f:
ae:52:10:e6:94:8c:f8:9b:06:55:0d:3d:0c:3e:13:5d:65:28:
4a:57:e9:d7:3d:73:41:d7:ab:3e:6c:53:5e:6e:37:61:99:ef:
63:7e:e9:fc:ca:0a:ed:6c:48:b2:16:3e:3d:d7:ce:41:7e:3c:
2e:35:03:a1:d4:0c:a0:0b:59:a6:53:c4:1e:57:ce:dc:d8:1d:
62:a1:11:0c:9d:30:63:48:a3:ee:ed:1d:77:b6:37:d7:f8:fd:
0f:dd:d3:16:b6:f7:aa:d5:2a:e0:4f:66:77:12:cc:1f:16:8f:
c6:1d:77:6f:48:2e:e9:d3:24:dd:7b:dc:a6:d7:b5:f8:71:1b:
c2:21:1a:30:ea:ba:51:57:88:b4:53:5a:00:ac:77:1c:10:ff:
13:9d:44:6e:a0:98:c7:68:b2:09:c7:85:52:12:fe:05:a3:53:
fd:09:1a:c6:03:f9:89:2c:93:e2:8e:ef:c9:ec:a4:bc:68:d5:
4a:5a:2d:39:72:54:ad:c5:4c:e6:94:82:a8:f7:cc:83:a9:a6:
30:cf:18:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGGowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgx
NTA5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwQUE0REJEMDE0OEVC
M0NDRjMwNDdBQ0ZBNjlGNTc1NjFFRTI0MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZgPfltybcPcMCPSIDNIyyqAdtQhgEgb17CQMQhOxWp+3cjukT
RiIUQEiH4cj0ZHUMTQgQC/+k+IHst3eRiZ4/tLdzAFARg7dSHv4XPOSbNbeJpqmS
siKdEp+h+CcyWZ1Clz9iHk6jXx1CoNDe0vxOeqSOJQbN1u/J8Elnh+nSEpVbOs5/
Nu/e8wGYZqQg8KeXOGkKQtjduArcWrtPpB56/Y9Vr0f6IDZbKid4ZPc9eizpVUbI
U6YIqXY7ib+/g58uYDHzc4TsEHKMw0maWCZ3+TIE7tob6o0jYi9obRs8HB5Me9Sj
5n6xs/G9kId7PzjM8/Db+0OO5r3TJ1nLgIRxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwKpNvQFI6zzPMEes+mn1dWHuJBIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93S3BOdlFGSTZ6elBNRWVz
LW1uMWRXSHVKQkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACG8Yp63vVujyWihywZJD86ROJSjJRK8LGew
fS/OGZCKjdt9iCRl1F7r8DKVeFEl4WPRO6F2L65SEOaUjPibBlUNPQw+E11lKEpX
6dc9c0HXqz5sU15uN2GZ72N+6fzKCu1sSLIWPj3XzkF+PC41A6HUDKALWaZTxB5X
ztzYHWKhEQydMGNIo+7tHXe2N9f4/Q/d0xa296rVKuBPZncSzB8Wj8Ydd29ILunT
JN173KbXtfhxG8IhGjDqulFXiLRTWgCsdxwQ/xOdRG6gmMdosgnHhVIS/gWjU/0J
GsYD+Yksk+KO78nspLxo1UpaLTlyVK3FTOaUgqj3zIOppjDPGA8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 04:04:55 2025 by rpki-client