Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0L6JvhIOqm5TpDkd47DmIP-y8oQ.roa
File: 0L6JvhIOqm5TpDkd47DmIP-y8oQ.roa (raw, json)
Hash identifier: 66SW70vt2RET45+BDAYPt/0GeZUNK0nmDPUH/K2g7Fw=
Subject key identifier: D0:BE:89:BE:12:0E:AA:6E:53:A4:39:1D:E3:B0:E6:20:FF:B2:F2:84
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F46
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0L6JvhIOqm5TpDkd47DmIP-y8oQ.roa
Signing time: Tue 17 Jun 2025 18:41:06 +0000
ROA not before: Tue 17 Jun 2025 18:41:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8006 (0x1f46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 18:41:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D0BE89BE120EAA6E53A4391DE3B0E620FFB2F284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:3a:df:f1:88:34:7f:32:eb:ee:92:72:85:
2b:00:26:e6:41:ee:43:8f:01:2b:09:26:11:75:30:
13:90:57:4f:c7:d1:66:75:af:45:e2:8d:99:ae:e3:
cd:57:7e:f8:5e:62:a0:a7:db:ac:cc:7e:fd:82:d5:
38:88:dc:ee:bc:fb:98:bd:de:44:96:e5:a9:57:cd:
da:d5:5e:cf:37:90:a8:01:74:81:1c:f3:01:fd:3f:
5c:bd:be:52:39:3d:58:7b:a2:0a:ff:3d:d4:79:cb:
a0:bf:02:fe:9f:59:87:4e:f9:ff:72:8d:65:62:18:
13:1f:e2:62:99:7a:0a:56:42:4a:cc:b6:23:9d:26:
87:8f:34:71:c6:51:c4:03:35:1d:73:f7:ff:1b:38:
70:5a:ce:52:00:a5:00:7b:a5:2f:d2:52:0d:a9:9b:
b2:ae:8a:de:e5:af:4d:d8:a2:c2:6b:97:bc:0d:be:
09:4a:1d:b3:58:fa:02:6f:b6:7a:ca:99:0f:3a:f7:
59:77:4c:9b:4c:07:d6:dc:e4:ba:e6:ed:d9:2d:ee:
3e:46:9f:80:e0:ca:15:22:13:dd:44:f1:05:06:08:
2f:46:34:10:26:1b:e9:ce:ba:78:68:b0:03:69:71:
31:9c:99:45:3c:4b:4b:66:c8:fd:b4:78:07:25:c1:
0c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:BE:89:BE:12:0E:AA:6E:53:A4:39:1D:E3:B0:E6:20:FF:B2:F2:84
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0L6JvhIOqm5TpDkd47DmIP-y8oQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:4f:61:19:2e:ea:65:2c:ec:20:2d:d4:7c:9c:bf:a4:bd:4c:
d4:f2:2c:0f:a9:b7:89:c3:d8:f7:7f:6c:3e:2d:fa:0d:8b:b6:
33:ed:a7:90:35:08:ba:4a:00:13:55:f5:19:db:e2:33:ac:c2:
f8:5a:8f:fc:ef:be:c6:de:77:ed:bd:1c:be:55:67:42:11:cc:
e5:75:27:c0:18:e7:94:41:c3:ba:36:81:1b:c7:56:d3:31:8b:
ce:21:30:d3:db:9d:74:91:5b:76:0d:a9:89:8c:d2:c0:44:3e:
09:ad:d7:d8:cf:c8:f0:02:d5:38:21:6b:88:a0:4b:1d:55:18:
a4:18:79:ff:a6:be:9b:44:d0:9d:64:4a:36:e3:9a:d8:49:e1:
9e:70:9d:27:f0:2d:6e:1f:bb:25:83:73:e2:88:c9:c3:80:9d:
2b:be:1b:97:80:9a:c6:5f:de:f6:d4:f5:c1:76:4a:d6:1c:1e:
0e:19:f7:22:11:9f:f5:97:e9:17:f2:c0:52:83:fa:77:80:cc:
f9:f0:1f:05:12:2c:2f:a7:78:d7:57:a4:f9:34:11:c0:60:3d:
3f:5c:fc:61:f8:7e:e1:5d:35:96:22:5f:64:ec:73:d3:eb:da:
9b:ae:d1:4a:99:dc:05:a5:32:73:60:04:f3:74:95:cd:45:bf:
e5:4f:71:90
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcx
ODQxMDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwQkU4OUJFMTIwRUFB
NkU1M0E0MzkxREUzQjBFNjIwRkZCMkYyODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIRTrf8Yg0fzLr7pJyhSsAJuZB7kOPASsJJhF1MBOQV0/H0WZ1
r0XijZmu481XfvheYqCn26zMfv2C1TiI3O68+5i93kSW5alXzdrVXs83kKgBdIEc
8wH9P1y9vlI5PVh7ogr/PdR5y6C/Av6fWYdO+f9yjWViGBMf4mKZegpWQkrMtiOd
JoePNHHGUcQDNR1z9/8bOHBazlIApQB7pS/SUg2pm7Kuit7lr03YosJrl7wNvglK
HbNY+gJvtnrKmQ8691l3TJtMB9bc5Lrm7dkt7j5Gn4DgyhUiE91E8QUGCC9GNBAm
G+nOunhosANpcTGcmUU8S0tmyP20eAclwQzDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0L6JvhIOqm5TpDkd47DmIP+y8oQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wTDZKdmhJT3FtNVRwRGtk
NDdEbUlQLXk4b1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJJPYRku6mUs7CAt1Hycv6S9TNTyLA+pt4nD
2Pd/bD4t+g2LtjPtp5A1CLpKABNV9Rnb4jOswvhaj/zvvsbed+29HL5VZ0IRzOV1
J8AY55RBw7o2gRvHVtMxi84hMNPbnXSRW3YNqYmM0sBEPgmt19jPyPAC1Tgha4ig
Sx1VGKQYef+mvptE0J1kSjbjmthJ4Z5wnSfwLW4fuyWDc+KIycOAnSu+G5eAmsZf
3vbU9cF2StYcHg4Z9yIRn/WX6RfywFKD+neAzPnwHwUSLC+neNdXpPk0EcBgPT9c
/GH4fuFdNZYiX2Tsc9Pr2puu0UqZ3AWlMnNgBPN0lc1Fv+VPcZA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:17:01 2025 by rpki-client