Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-UbRCayzxXamssKh-O1fnOjYdqQ.roa
File: -UbRCayzxXamssKh-O1fnOjYdqQ.roa (raw, json)
Hash identifier: bpabpbDt0bIkX5AXT5+aSRnKEFZTdDEKvbZY4unmXbE=
Subject key identifier: F9:46:D1:09:AC:B3:C5:76:A6:B2:C2:A1:F8:ED:5F:9C:E8:D8:76:A4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1402
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-UbRCayzxXamssKh-O1fnOjYdqQ.roa
Signing time: Mon 02 Jun 2025 18:09:25 +0000
ROA not before: Mon 02 Jun 2025 18:09:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5122 (0x1402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 18:09:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F946D109ACB3C576A6B2C2A1F8ED5F9CE8D876A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:d6:62:b6:78:6f:7d:93:07:1e:dc:ff:eb:
83:b9:63:16:a2:f1:ea:02:8e:1c:56:bc:24:a9:4f:
47:69:a1:c5:d0:8d:47:4a:f7:55:85:e7:ae:e4:83:
65:25:e3:b9:53:8c:ce:b9:1a:b2:1e:b5:6d:50:c3:
ec:87:59:65:68:96:a3:38:86:49:46:89:65:ca:b1:
26:eb:60:d4:6e:7c:45:b4:15:f5:6f:af:b6:b5:5f:
da:73:71:f7:bb:07:5b:36:f2:c5:7b:95:71:83:bf:
7b:9f:c7:8f:bc:0b:3f:80:1c:8a:8a:4c:ce:2a:49:
06:af:64:e1:5b:83:ac:5f:f5:19:c0:a0:46:58:97:
83:1e:90:8f:2b:91:30:af:73:a5:d0:81:4d:61:ee:
a1:74:cf:3c:95:f3:83:06:fb:85:b9:b6:19:58:a8:
71:cc:5e:23:77:38:a1:a9:5c:00:ee:d5:95:d3:a1:
8f:6f:18:e0:77:8a:6f:3b:00:a8:2a:2f:97:8c:f0:
0c:37:90:52:f2:8a:d3:f4:3d:65:bc:ff:68:ca:3e:
4a:4e:99:db:3d:7f:ae:04:b6:d9:85:65:ed:0d:c9:
79:b2:28:3b:40:ff:1c:92:c3:c1:f2:f8:97:0f:44:
fd:11:a3:00:5d:d5:82:5a:c3:8b:d5:51:4a:f5:c1:
87:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:46:D1:09:AC:B3:C5:76:A6:B2:C2:A1:F8:ED:5F:9C:E8:D8:76:A4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-UbRCayzxXamssKh-O1fnOjYdqQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:62:d9:55:35:2f:9b:4f:f6:fa:45:3e:58:4a:29:70:88:e7:
65:ae:5e:b5:f6:91:bf:01:96:6f:c0:1e:32:78:c1:5f:18:39:
27:25:82:1d:a6:17:10:e0:f8:ec:40:7e:28:d3:06:7d:8d:8c:
03:f1:78:f3:f8:0e:39:f7:4f:55:9c:b0:ba:25:fa:e9:76:64:
8c:7e:b3:e9:2a:a9:e3:e6:1b:f5:7a:75:2d:af:30:8e:0f:67:
2f:11:59:ab:01:ce:cb:79:42:0b:d4:ad:43:b5:00:66:74:dc:
a9:82:7d:7f:f2:90:4c:c9:d3:67:bd:7e:08:1f:8c:e3:b3:09:
c0:14:be:14:20:6c:58:f4:69:27:79:c4:6e:1a:1d:ae:3c:96:
14:27:3a:b4:6d:23:eb:d0:ca:3d:5b:5f:51:f3:c7:db:36:79:
e4:3e:22:9b:93:0d:df:54:90:2c:29:cf:cf:e2:bd:06:33:54:
c4:6c:32:74:27:eb:4d:2a:a8:1f:a1:c8:79:0f:62:7d:70:32:
ab:e2:a9:97:71:e7:1a:6c:dc:8a:c6:37:b2:d9:ec:26:e8:9c:
2c:80:da:5c:f5:4d:b2:e0:92:20:d0:73:dc:eb:e5:02:17:19:
9f:94:f0:59:88:7d:72:70:49:0c:6d:8c:a4:66:ae:06:26:80:
21:ca:53:45
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
ODA5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5NDZEMTA5QUNCM0M1
NzZBNkIyQzJBMUY4RUQ1RjlDRThEODc2QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvkdZitnhvfZMHHtz/64O5Yxai8eoCjhxWvCSpT0dpocXQjUdK
91WF567kg2Ul47lTjM65GrIetW1Qw+yHWWVolqM4hklGiWXKsSbrYNRufEW0FfVv
r7a1X9pzcfe7B1s28sV7lXGDv3ufx4+8Cz+AHIqKTM4qSQavZOFbg6xf9RnAoEZY
l4MekI8rkTCvc6XQgU1h7qF0zzyV84MG+4W5thlYqHHMXiN3OKGpXADu1ZXToY9v
GOB3im87AKgqL5eM8Aw3kFLyitP0PWW8/2jKPkpOmds9f64EttmFZe0NyXmyKDtA
/xySw8Hy+JcPRP0RowBd1YJaw4vVUUr1wYfzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+UbRCayzxXamssKh+O1fnOjYdqQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tVWJSQ2F5enhYYW1zc0to
LU8xZm5PallkcVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ1i2VU1L5tP9vpFPlhKKXCI52WuXrX2kb8B
lm/AHjJ4wV8YOSclgh2mFxDg+OxAfijTBn2NjAPxePP4Djn3T1WcsLol+ul2ZIx+
s+kqqePmG/V6dS2vMI4PZy8RWasBzst5QgvUrUO1AGZ03KmCfX/ykEzJ02e9fggf
jOOzCcAUvhQgbFj0aSd5xG4aHa48lhQnOrRtI+vQyj1bX1Hzx9s2eeQ+IpuTDd9U
kCwpz8/ivQYzVMRsMnQn600qqB+hyHkPYn1wMqviqZdx5xps3IrGN7LZ7CbonCyA
2lz1TbLgkiDQc9zr5QIXGZ+U8FmIfXJwSQxtjKRmrgYmgCHKU0U=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:24:48 2025 by rpki-client