Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4A_2HgPKtSAavgbNpIr4wIaLlA4.roa
File: 4A_2HgPKtSAavgbNpIr4wIaLlA4.roa (raw, json)
Hash identifier: WpkhtKTm0CiXe2ILTSin9G5KQI6aY0vX8N9EI987WI8=
Subject key identifier: E0:0F:F6:1E:03:CA:B5:20:1A:BE:06:CD:A4:8A:F8:C0:86:8B:94:0E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E56
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4A_2HgPKtSAavgbNpIr4wIaLlA4.roa
Signing time: Mon 16 Jun 2025 12:40:00 +0000
ROA not before: Mon 16 Jun 2025 12:40:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7766 (0x1e56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 12:40:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E00FF61E03CAB5201ABE06CDA48AF8C0868B940E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c9:32:fc:b6:dd:a8:31:31:76:1c:f0:cb:11:
51:46:01:5c:ba:c2:5d:50:77:a3:43:a4:c2:c7:7a:
60:98:4d:20:07:e2:df:75:08:66:a4:ae:e2:b9:09:
60:3b:fa:59:9a:1c:17:85:28:37:ca:de:5c:e6:13:
1c:4f:70:49:71:45:8a:9a:44:1f:f8:50:8f:85:78:
4a:43:af:ce:e0:10:88:ee:a5:ea:63:59:9f:e8:cc:
b4:26:89:e0:61:9b:69:bb:e5:c2:3c:21:62:73:c6:
57:da:bd:54:c7:fa:6a:a0:6a:38:86:26:a9:65:98:
78:52:fe:09:af:17:7e:2a:72:c5:a5:78:eb:fa:1f:
e8:d8:1f:46:78:c2:7c:5b:38:05:75:1b:ac:f5:b0:
4a:c4:ef:2a:ec:14:44:d2:be:cf:8a:3d:aa:f2:c8:
b5:64:79:2f:61:9f:bf:15:35:70:9c:e2:ad:82:10:
42:cf:9b:0a:38:30:95:94:fd:77:ef:dc:f9:49:0a:
a1:67:c6:7e:eb:42:01:a8:bd:93:92:d9:ac:10:ff:
3e:15:eb:42:8e:1d:8d:cc:8e:a9:87:27:30:62:7a:
f2:9a:5c:8a:fd:e5:86:47:3c:b9:53:c7:c3:53:4e:
c3:46:c9:46:b0:e9:ae:52:56:e8:a8:8b:9a:9f:a8:
fd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0F:F6:1E:03:CA:B5:20:1A:BE:06:CD:A4:8A:F8:C0:86:8B:94:0E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4A_2HgPKtSAavgbNpIr4wIaLlA4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:fa:2b:6b:d7:ab:9e:32:65:62:05:1c:40:4c:da:6e:e5:7a:
f4:63:78:42:8b:4e:c8:79:71:85:ce:7a:a1:da:4b:d2:49:74:
19:56:b9:54:cd:d4:d6:bc:9d:ce:cf:75:32:f7:70:ec:d8:60:
a6:82:03:30:79:a1:7c:7c:bd:d9:9b:54:47:d3:a6:70:1d:a6:
c0:67:44:d9:45:ac:89:78:2d:b7:c0:73:64:27:25:b0:7f:fb:
3c:37:2f:26:20:26:79:fa:a9:9f:e3:04:b1:21:f3:30:90:9b:
5f:3f:69:d9:d7:d3:74:aa:9c:0f:38:5a:d0:0e:52:40:ce:e5:
68:8a:1d:34:18:a0:43:1f:3f:aa:09:fd:90:c9:a9:79:a9:7f:
41:a7:fa:5a:58:4b:30:11:03:92:72:e0:db:4b:4c:86:f4:c2:
d0:da:e7:51:6c:92:54:04:c2:f4:30:02:a6:30:4f:bb:96:a1:
c2:a8:50:e7:4a:04:2e:49:45:71:84:10:15:26:a7:ea:ad:9d:
b2:e0:82:41:eb:7d:3c:ba:c5:23:35:6e:55:b6:42:dc:d8:56:
84:c2:05:df:59:33:77:d7:fe:ad:34:6f:8c:4f:bf:5f:81:41:
89:2e:5b:3f:a0:b3:d5:92:78:d7:dc:ff:6e:5b:cd:72:c3:10:
61:c9:0f:dd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHlYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
MjQwMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUwMEZGNjFFMDNDQUI1
MjAxQUJFMDZDREE0OEFGOEMwODY4Qjk0MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkyTL8tt2oMTF2HPDLEVFGAVy6wl1Qd6NDpMLHemCYTSAH4t91
CGakruK5CWA7+lmaHBeFKDfK3lzmExxPcElxRYqaRB/4UI+FeEpDr87gEIjupepj
WZ/ozLQmieBhm2m75cI8IWJzxlfavVTH+mqgajiGJqllmHhS/gmvF34qcsWleOv6
H+jYH0Z4wnxbOAV1G6z1sErE7yrsFETSvs+KParyyLVkeS9hn78VNXCc4q2CEELP
mwo4MJWU/Xfv3PlJCqFnxn7rQgGovZOS2awQ/z4V60KOHY3MjqmHJzBievKaXIr9
5YZHPLlTx8NTTsNGyUaw6a5SVuioi5qfqP0pAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4A/2HgPKtSAavgbNpIr4wIaLlA4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80QV8ySGdQS3RTQWF2Z2JO
cElyNHdJYUxsQTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGX6K2vXq54yZWIFHEBM2m7levRjeEKLTsh5
cYXOeqHaS9JJdBlWuVTN1Na8nc7PdTL3cOzYYKaCAzB5oXx8vdmbVEfTpnAdpsBn
RNlFrIl4LbfAc2QnJbB/+zw3LyYgJnn6qZ/jBLEh8zCQm18/adnX03SqnA84WtAO
UkDO5WiKHTQYoEMfP6oJ/ZDJqXmpf0Gn+lpYSzARA5Jy4NtLTIb0wtDa51FsklQE
wvQwAqYwT7uWocKoUOdKBC5JRXGEEBUmp+qtnbLggkHrfTy6xSM1blW2QtzYVoTC
Bd9ZM3fX/q00b4xPv1+BQYkuWz+gs9WSeNfc/25bzXLDEGHJD90=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:03:31 2025 by rpki-client