Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-WKJab10VxlgPaeXaPEwenzhinE.roa
File: -WKJab10VxlgPaeXaPEwenzhinE.roa (raw, json)
Hash identifier: rzfDRXPqPCFP8Mm5mSkZGpkWjILHRGuWGzIvRBkzsgg=
Subject key identifier: F9:62:89:69:BD:74:57:19:60:3D:A7:97:68:F1:30:7A:7C:E1:8A:71
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2246
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-WKJab10VxlgPaeXaPEwenzhinE.roa
Signing time: Sun 22 Jun 2025 06:12:40 +0000
ROA not before: Sun 22 Jun 2025 06:12:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8774 (0x2246)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 06:12:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F9628969BD745719603DA79768F1307A7CE18A71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:4a:52:ee:48:81:e0:2d:26:36:27:78:f6:
c1:6d:6f:af:86:9a:33:d7:01:38:ce:bd:aa:ac:76:
d0:ed:85:16:98:95:45:fc:49:a9:e3:25:c1:7c:f2:
32:c2:8a:97:8b:97:e5:bb:ab:69:72:58:b6:f9:7f:
cc:9c:09:0b:a5:a6:90:04:cc:c7:98:1a:83:46:75:
f8:6f:ec:4d:39:80:cc:56:e1:ac:9f:da:4a:bb:8a:
b6:98:d5:45:db:81:aa:f0:8a:20:1f:e7:54:34:5b:
6d:02:98:91:df:a5:31:5a:e7:72:22:d8:bf:2f:eb:
f7:dd:00:a0:6c:94:4c:f9:ab:f0:f7:09:0d:76:13:
13:32:3d:ce:b2:1e:65:2c:54:80:fd:75:15:98:37:
44:d3:a1:73:f5:8b:b2:41:95:a6:12:88:ac:b6:05:
ff:5a:e7:75:25:cc:c1:a5:82:88:2c:67:47:48:f4:
0d:cf:a4:d4:13:cd:de:f4:c8:fc:9c:7f:2f:44:31:
da:b0:6a:b0:70:c7:0d:65:c2:aa:f5:af:58:fe:34:
8a:9d:d9:94:6b:ab:99:b9:b3:69:84:e1:62:78:23:
cc:4c:45:15:78:52:50:09:99:72:88:bb:8d:52:69:
16:28:9a:70:73:00:bb:ab:ac:db:67:4f:77:c4:1f:
e5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:62:89:69:BD:74:57:19:60:3D:A7:97:68:F1:30:7A:7C:E1:8A:71
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-WKJab10VxlgPaeXaPEwenzhinE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:5e:8d:4c:6c:60:05:ca:cf:a3:fb:fa:c3:f3:85:60:13:b1:
d3:d4:fb:2d:a0:87:b9:75:f8:62:80:be:0b:2d:89:34:cd:fa:
d8:63:67:8f:e7:31:04:e7:f4:ff:66:c8:af:5e:a7:6d:15:ea:
18:73:95:cb:bc:c1:d7:e4:ef:59:35:16:09:28:4a:3a:c1:52:
b4:9c:c0:20:01:29:cd:15:9d:57:0d:44:64:61:8b:75:9c:69:
c3:e0:81:eb:9f:92:84:8f:bb:30:57:de:93:89:99:5e:39:29:
11:bd:53:2b:e3:78:f4:a0:8b:ba:1b:24:d3:8d:38:c0:08:42:
a5:90:79:10:8d:62:8e:8d:8c:5f:4e:17:7c:a6:7f:58:52:75:
72:02:81:55:4b:d8:e7:79:6b:2a:f6:ac:33:7a:4d:5d:b3:d6:
77:8e:94:87:e2:1e:f9:ea:f4:ec:10:bb:26:cc:3b:7a:a6:53:
50:a1:25:9d:ad:20:d2:08:9f:bc:2b:0d:c0:c4:07:4d:c7:ae:
e0:01:a6:e7:90:ea:f9:03:2f:6b:e9:a5:91:a0:f3:46:66:9d:
97:30:24:51:45:39:f9:6a:2c:68:a7:5a:de:ea:c4:b3:68:81:
35:2b:d9:86:8a:00:6d:03:d7:73:a8:31:45:c1:47:17:90:81:
e4:28:8e:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIkYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
NjEyNDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5NjI4OTY5QkQ3NDU3
MTk2MDNEQTc5NzY4RjEzMDdBN0NFMThBNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNmUpS7kiB4C0mNid49sFtb6+GmjPXATjOvaqsdtDthRaYlUX8
SanjJcF88jLCipeLl+W7q2lyWLb5f8ycCQulppAEzMeYGoNGdfhv7E05gMxW4ayf
2kq7iraY1UXbgarwiiAf51Q0W20CmJHfpTFa53Ii2L8v6/fdAKBslEz5q/D3CQ12
ExMyPc6yHmUsVID9dRWYN0TToXP1i7JBlaYSiKy2Bf9a53UlzMGlgogsZ0dI9A3P
pNQTzd70yPycfy9EMdqwarBwxw1lwqr1r1j+NIqd2ZRrq5m5s2mE4WJ4I8xMRRV4
UlAJmXKIu41SaRYomnBzALurrNtnT3fEH+WDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+WKJab10VxlgPaeXaPEwenzhinEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tV0tKYWIxMFZ4bGdQYWVY
YVBFd2VuemhpbkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ1ejUxsYAXKz6P7+sPzhWATsdPU+y2gh7l1
+GKAvgstiTTN+thjZ4/nMQTn9P9myK9ep20V6hhzlcu8wdfk71k1FgkoSjrBUrSc
wCABKc0VnVcNRGRhi3WcacPggeufkoSPuzBX3pOJmV45KRG9UyvjePSgi7obJNON
OMAIQqWQeRCNYo6NjF9OF3ymf1hSdXICgVVL2Od5ayr2rDN6TV2z1neOlIfiHvnq
9OwQuybMO3qmU1ChJZ2tINIIn7wrDcDEB03HruABpueQ6vkDL2vppZGg80ZmnZcw
JFFFOflqLGinWt7qxLNogTUr2YaKAG0D13OoMUXBRxeQgeQojrU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:35:01 2025 by rpki-client