Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1RKAkfDUuciHfDFJv56midlKiOw.roa
File: 1RKAkfDUuciHfDFJv56midlKiOw.roa (raw, json)
Hash identifier: paF28MzSX5sgAIytfGTC9Vtd+CrvtzkuVaMYRSR5uHo=
Subject key identifier: D5:12:80:91:F0:D4:B9:C8:87:7C:31:49:BF:9E:A6:89:D9:4A:88:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2196
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1RKAkfDUuciHfDFJv56midlKiOw.roa
Signing time: Sat 21 Jun 2025 08:11:45 +0000
ROA not before: Sat 21 Jun 2025 08:11:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8598 (0x2196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 08:11:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D5128091F0D4B9C8877C3149BF9EA689D94A88EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:25:3d:07:df:15:54:6b:9e:56:e0:f7:23:
15:b9:b2:86:99:5d:a9:e0:03:62:a6:ac:77:06:ab:
65:0b:ba:23:ff:d6:92:d2:8d:14:f9:b5:9c:c0:6a:
9c:87:8d:9d:d0:cb:3d:cb:74:96:03:52:3f:08:ec:
78:8c:02:a2:c6:e9:51:8d:17:bf:6e:c1:48:11:4f:
01:67:dc:8a:a7:94:bd:62:c3:58:1c:5d:47:84:d8:
bd:3b:5d:39:60:7f:cb:b6:9b:b8:01:51:82:ef:f0:
27:0e:6a:96:41:23:76:ee:85:c2:0f:4d:fd:17:82:
9c:ea:36:df:91:71:02:81:90:b0:23:4e:e2:5c:af:
11:b3:0e:23:38:83:2d:a7:1d:f5:d2:cb:4f:88:34:
a1:90:79:5d:4f:99:ed:11:bf:78:ec:74:b5:59:00:
e4:a9:b7:4f:f3:af:ef:ed:5f:67:f9:13:4e:28:fd:
7e:ae:35:d3:ca:5b:44:1d:55:78:4b:0e:92:30:20:
93:c1:9a:c0:5b:cc:60:fc:f1:dc:92:d8:39:2b:7e:
f5:8d:51:ba:52:36:88:80:6f:4f:4f:e8:c8:d8:1a:
56:eb:4a:60:fc:2b:9a:38:31:17:3a:5c:ac:5f:de:
5e:a7:68:e4:d6:08:22:c6:79:8c:81:e7:7e:02:df:
52:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:12:80:91:F0:D4:B9:C8:87:7C:31:49:BF:9E:A6:89:D9:4A:88:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1RKAkfDUuciHfDFJv56midlKiOw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:00:8c:82:f0:09:e4:f6:10:ca:27:b9:a5:a0:87:8a:c3:3b:
39:55:a0:d8:ce:82:1c:85:ba:71:8e:a0:fc:1d:86:24:8a:28:
0c:8b:d2:5c:7f:55:bc:f7:9e:5a:67:63:1f:b6:c3:89:09:00:
6b:ac:3d:75:c2:e2:f4:64:42:4a:cb:05:0c:32:b2:74:74:b6:
e5:5a:88:96:6e:bb:7b:ae:89:48:46:36:39:e7:ee:52:05:32:
97:85:26:76:c0:c8:52:bd:12:2e:5e:4e:c9:ae:3b:a1:a4:b7:
f1:bf:ae:14:54:4b:5e:40:6d:0e:6d:7c:50:24:a7:3d:f2:4e:
63:0f:8c:f4:cc:26:d6:89:9e:ef:e5:7f:82:6d:ff:05:23:c2:
a6:8c:fb:e5:6f:8e:6a:87:6a:6a:f4:f2:19:97:18:39:4d:a9:
df:ce:04:99:37:ab:33:71:aa:a0:8f:23:fe:b5:cc:6e:e6:0c:
75:17:68:4a:b9:d6:35:7b:f2:ba:ec:b6:8e:e7:36:4b:38:72:
e1:2f:fa:5f:c9:d3:0f:ed:86:ef:25:8f:90:3d:80:41:56:59:
64:07:1c:d4:dc:b0:ed:29:fd:5a:e0:29:86:fb:d1:19:f2:9e:
24:25:0d:23:1f:c5:06:03:cd:04:d8:f0:b1:0f:24:ab:36:e1:
a5:6b:78:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
ODExNDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ1MTI4MDkxRjBENEI5
Qzg4NzdDMzE0OUJGOUVBNjg5RDk0QTg4RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIJSU9B98VVGueVuD3IxW5soaZXangA2KmrHcGq2ULuiP/1pLS
jRT5tZzAapyHjZ3Qyz3LdJYDUj8I7HiMAqLG6VGNF79uwUgRTwFn3IqnlL1iw1gc
XUeE2L07XTlgf8u2m7gBUYLv8CcOapZBI3buhcIPTf0XgpzqNt+RcQKBkLAjTuJc
rxGzDiM4gy2nHfXSy0+INKGQeV1Pme0Rv3jsdLVZAOSpt0/zr+/tX2f5E04o/X6u
NdPKW0QdVXhLDpIwIJPBmsBbzGD88dyS2DkrfvWNUbpSNoiAb09P6MjYGlbrSmD8
K5o4MRc6XKxf3l6naOTWCCLGeYyB534C31ItAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1RKAkfDUuciHfDFJv56midlKiOwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xUktBa2ZEVXVjaUhmREZK
djU2bWlkbEtpT3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABsAjILwCeT2EMonuaWgh4rDOzlVoNjOghyF
unGOoPwdhiSKKAyL0lx/Vbz3nlpnYx+2w4kJAGusPXXC4vRkQkrLBQwysnR0tuVa
iJZuu3uuiUhGNjnn7lIFMpeFJnbAyFK9Ei5eTsmuO6Gkt/G/rhRUS15AbQ5tfFAk
pz3yTmMPjPTMJtaJnu/lf4Jt/wUjwqaM++VvjmqHamr08hmXGDlNqd/OBJk3qzNx
qqCPI/61zG7mDHUXaEq51jV78rrsto7nNks4cuEv+l/J0w/thu8lj5A9gEFWWWQH
HNTcsO0p/VrgKYb70RnyniQlDSMfxQYDzQTY8LEPJKs24aVreBw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:11:52 2025 by rpki-client