Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zNRVfoKyu4bUa41AYB9YfUHfKgk.roa
File: zNRVfoKyu4bUa41AYB9YfUHfKgk.roa (raw, json)
Hash identifier: PMeQaqqpWJGYdjgw6amqpkyMBnNFNt8tYNXWOOrim5g=
Subject key identifier: CC:D4:55:7E:82:B2:BB:86:D4:6B:8D:40:60:1F:58:7D:41:DF:2A:09
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C06
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zNRVfoKyu4bUa41AYB9YfUHfKgk.roa
Signing time: Fri 23 May 2025 02:38:24 +0000
ROA not before: Fri 23 May 2025 02:38:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3078 (0xc06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 02:38:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CCD4557E82B2BB86D46B8D40601F587D41DF2A09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f7:3d:f2:06:07:a7:6a:73:f5:a5:05:73:78:
9d:7e:b1:e2:59:3d:d2:3a:cc:85:b4:fa:bf:4e:ed:
f0:3d:cc:2f:57:24:45:51:e3:46:ad:1a:87:31:2a:
5f:4f:b7:d0:52:4e:a0:09:21:dc:41:2d:63:bf:65:
0b:53:20:01:42:4d:78:a0:c2:35:af:fb:bc:46:b1:
51:7d:80:34:30:ea:69:ef:7e:6c:38:75:ca:42:98:
c5:26:b0:84:20:17:fb:db:ea:d8:c1:74:68:80:34:
07:34:95:64:81:8e:b5:cd:59:e9:45:1b:a1:6a:a0:
a4:3d:89:be:86:e0:43:4c:b2:fc:0b:d1:1e:c5:b5:
a9:93:20:34:2c:32:91:9b:bc:89:0b:62:21:84:07:
4b:b2:86:90:a0:fa:16:28:77:c9:33:5a:28:45:af:
25:00:a9:4a:ef:f7:37:ae:d8:58:fc:65:e0:80:4a:
e7:19:63:89:d3:15:3d:ab:73:88:ad:a8:31:4d:a9:
cc:5c:e4:42:2a:6d:3c:23:6a:9f:ac:af:e0:70:b8:
fc:98:10:95:aa:9e:80:94:6b:aa:85:02:c5:bc:bb:
34:e9:f1:db:7c:ed:4f:10:5c:07:e7:56:04:51:63:
cc:1b:31:63:f6:d1:9d:1a:eb:47:a2:ea:86:26:15:
4d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D4:55:7E:82:B2:BB:86:D4:6B:8D:40:60:1F:58:7D:41:DF:2A:09
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zNRVfoKyu4bUa41AYB9YfUHfKgk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:15:2e:41:02:d3:27:98:e4:b8:ca:49:f0:0e:ac:dd:1d:fd:
3d:1c:44:82:54:6c:fb:ce:0d:2f:8c:ab:96:e0:cc:50:49:44:
7b:1e:f9:1f:c9:d9:d9:e5:40:5b:b5:d5:9e:e3:bb:c4:2f:f8:
b7:df:42:a6:17:3c:06:b0:ee:ab:b7:b1:cd:a7:e7:7e:36:a6:
e8:e5:28:bd:4d:77:27:33:b8:9a:18:4f:b2:d7:b8:57:4f:79:
69:a9:02:4a:91:cf:a7:01:ad:cb:00:1b:c7:f8:c5:66:8e:15:
59:ab:60:3d:80:5e:b1:1a:70:f0:b0:40:ce:cb:4a:5a:26:d0:
fa:52:4e:ce:5f:e3:72:4d:7b:fe:f9:d3:b3:a9:e2:51:0b:c5:
cc:79:fe:78:74:d4:d2:6b:e7:ed:5b:58:40:e3:7b:3d:8e:e8:
20:46:1f:b3:1c:b3:4a:e2:80:f7:cc:6e:73:e0:6b:dc:11:63:
33:96:4b:de:79:99:40:e3:8b:c0:40:f4:10:ab:c8:16:7d:c1:
13:e5:a0:55:bb:eb:39:37:c0:28:86:e5:04:af:69:21:22:6d:
10:2e:34:d6:32:d5:87:06:62:72:d3:7d:c7:4c:2a:1e:02:ba:
ae:0f:62:c3:7b:85:55:f1:7b:83:23:a7:df:f4:6d:ae:81:d1:
15:6c:c1:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
MjM4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENDRDQ1NTdFODJCMkJC
ODZENDZCOEQ0MDYwMUY1ODdENDFERjJBMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCT9z3yBgenanP1pQVzeJ1+seJZPdI6zIW0+r9O7fA9zC9XJEVR
40atGocxKl9Pt9BSTqAJIdxBLWO/ZQtTIAFCTXigwjWv+7xGsVF9gDQw6mnvfmw4
dcpCmMUmsIQgF/vb6tjBdGiANAc0lWSBjrXNWelFG6FqoKQ9ib6G4ENMsvwL0R7F
tamTIDQsMpGbvIkLYiGEB0uyhpCg+hYod8kzWihFryUAqUrv9zeu2Fj8ZeCASucZ
Y4nTFT2rc4itqDFNqcxc5EIqbTwjap+sr+BwuPyYEJWqnoCUa6qFAsW8uzTp8dt8
7U8QXAfnVgRRY8wbMWP20Z0a60ei6oYmFU3HAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzNRVfoKyu4bUa41AYB9YfUHfKgkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96TlJWZm9LeXU0YlVhNDFB
WUI5WWZVSGZLZ2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBALAVLkEC0yeY5LjKSfAOrN0d/T0cRIJUbPvO
DS+Mq5bgzFBJRHse+R/J2dnlQFu11Z7ju8Qv+LffQqYXPAaw7qu3sc2n5342pujl
KL1NdyczuJoYT7LXuFdPeWmpAkqRz6cBrcsAG8f4xWaOFVmrYD2AXrEacPCwQM7L
Slom0PpSTs5f43JNe/7507Op4lELxcx5/nh01NJr5+1bWEDjez2O6CBGH7Mcs0ri
gPfMbnPga9wRYzOWS955mUDji8BA9BCryBZ9wRPloFW76zk3wCiG5QSvaSEibRAu
NNYy1YcGYnLTfcdMKh4Cuq4PYsN7hVXxe4Mjp9/0ba6B0RVswVY=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:42:00 2025 by rpki-client