Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/46dUQ4XbKe6AEyrG6X4bgF_-O5k.roa
File: 46dUQ4XbKe6AEyrG6X4bgF_-O5k.roa (raw, json)
Hash identifier: IVayYF1A1fiTERO1gs86K93zqJIw9ERj7WQUl1u0v94=
Subject key identifier: E3:A7:54:43:85:DB:29:EE:80:13:2A:C6:E9:7E:1B:80:5F:FE:3B:99
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2066
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/46dUQ4XbKe6AEyrG6X4bgF_-O5k.roa
Signing time: Thu 19 Jun 2025 13:01:18 +0000
ROA not before: Thu 19 Jun 2025 13:01:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8294 (0x2066)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 13:01:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E3A7544385DB29EE80132AC6E97E1B805FFE3B99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e3:31:3a:f3:e8:a2:bf:64:58:92:46:5b:a6:
f5:a8:cf:f0:0f:f3:8a:b3:85:78:8c:eb:7e:ee:8e:
0a:6f:cd:aa:c8:f7:21:38:fd:a0:66:5f:3e:8b:da:
f0:d8:70:49:6c:ce:ca:63:b9:ea:9d:9d:83:9c:43:
eb:cd:da:5b:5f:45:09:9f:ec:c6:1e:e2:e2:b9:a6:
9c:df:17:5d:a9:dd:42:1d:6a:3a:29:2d:37:44:ef:
de:00:3e:fa:50:d4:a2:98:b7:5e:4a:ef:8e:1e:1d:
8a:2d:07:b7:08:2b:60:ce:91:4d:50:a3:aa:63:57:
fd:a1:ab:e5:75:bd:8b:af:55:6e:eb:40:5f:9d:ed:
68:0e:6a:0a:4d:03:bb:07:a5:54:89:c7:50:30:e8:
2a:8a:1f:40:26:20:26:14:50:e1:b4:aa:bc:1c:11:
40:17:07:5e:e8:0c:3d:d9:7b:00:47:0f:78:bf:58:
e7:a1:eb:cb:00:7e:6f:63:9d:ef:52:f1:67:b6:ee:
49:04:d0:58:ae:67:80:6e:3e:cb:9d:9b:6b:9e:dc:
6a:be:61:8d:e9:f8:62:2e:3d:12:53:c8:9b:17:14:
8d:95:c0:e0:0d:fd:a8:e2:1e:f8:63:e5:23:2e:fb:
70:c7:6f:00:08:82:4e:71:e7:c8:3b:ec:7d:a9:ea:
30:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A7:54:43:85:DB:29:EE:80:13:2A:C6:E9:7E:1B:80:5F:FE:3B:99
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/46dUQ4XbKe6AEyrG6X4bgF_-O5k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:55:a7:ee:df:3d:55:a5:25:28:21:1e:f2:75:e4:d8:9b:1d:
72:da:ad:fe:de:0a:41:92:6f:b4:7b:09:6a:2f:c0:06:fb:80:
62:27:2a:f4:4b:54:7e:19:fd:7c:ea:8a:fb:6c:da:f0:75:fb:
09:35:94:17:c0:fe:ce:e9:f6:c4:c9:13:ff:d3:34:98:af:03:
ad:46:37:15:68:bf:51:dd:f3:f6:1b:33:64:9c:24:b1:86:8c:
c2:6b:61:a7:a0:31:17:4b:cf:ed:a6:1c:6c:54:cb:5d:52:96:
d4:35:8e:2c:8c:13:72:16:e0:e1:dd:e1:24:a1:4a:0c:3a:68:
67:97:db:2a:6d:5f:46:53:9b:9b:26:73:8b:4d:8a:bf:76:cd:
cd:cf:fb:b2:76:97:b4:bf:94:2a:d4:11:18:6f:f9:d7:a8:d3:
54:5c:de:bd:b1:3c:89:33:16:be:a2:0a:b0:12:8e:9b:9b:be:
fb:d5:11:b0:35:b0:bd:a5:de:db:b6:9f:dd:8d:2c:19:80:32:
e0:24:a5:9d:55:f0:81:9d:ab:15:45:c1:42:71:f5:be:5a:66:
c2:3d:8e:d4:1c:f6:dc:e4:1c:dd:d6:d9:f0:19:c9:d5:87:89:
c1:be:5f:eb:2c:c9:2b:a7:d9:ec:56:70:3f:73:23:ac:03:dc:
05:74:39:c0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MzAxMThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUzQTc1NDQzODVEQjI5
RUU4MDEzMkFDNkU5N0UxQjgwNUZGRTNCOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDk4zE68+iiv2RYkkZbpvWoz/AP84qzhXiM637ujgpvzarI9yE4
/aBmXz6L2vDYcElszspjueqdnYOcQ+vN2ltfRQmf7MYe4uK5ppzfF12p3UIdajop
LTdE794APvpQ1KKYt15K744eHYotB7cIK2DOkU1Qo6pjV/2hq+V1vYuvVW7rQF+d
7WgOagpNA7sHpVSJx1Aw6CqKH0AmICYUUOG0qrwcEUAXB17oDD3ZewBHD3i/WOeh
68sAfm9jne9S8We27kkE0FiuZ4BuPsudm2ue3Gq+YY3p+GIuPRJTyJsXFI2VwOAN
/ajiHvhj5SMu+3DHbwAIgk5x58g77H2p6jB1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU46dUQ4XbKe6AEyrG6X4bgF/+O5kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80NmRVUTRYYktlNkFFeXJH
Nlg0YmdGXy1PNWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHFVp+7fPVWlJSghHvJ15NibHXLarf7eCkGS
b7R7CWovwAb7gGInKvRLVH4Z/Xzqivts2vB1+wk1lBfA/s7p9sTJE//TNJivA61G
NxVov1Hd8/YbM2ScJLGGjMJrYaegMRdLz+2mHGxUy11SltQ1jiyME3IW4OHd4SSh
Sgw6aGeX2yptX0ZTm5smc4tNir92zc3P+7J2l7S/lCrUERhv+deo01Rc3r2xPIkz
Fr6iCrASjpubvvvVEbA1sL2l3tu2n92NLBmAMuAkpZ1V8IGdqxVFwUJx9b5aZsI9
jtQc9tzkHN3W2fAZydWHicG+X+ssySun2exWcD9zI6wD3AV0OcA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:08:59 2025 by rpki-client