Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5P1_xJaNdI5EPESopUEvU5iSyiA.roa
File: 5P1_xJaNdI5EPESopUEvU5iSyiA.roa (raw, json)
Hash identifier: hQ0n0kdDv8LLBuAtQIWsMPKRBVL8BEmeDFu0mYsv164=
Subject key identifier: E4:FD:7F:C4:96:8D:74:8E:44:3C:44:A8:A5:41:2F:53:98:92:CA:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A7A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5P1_xJaNdI5EPESopUEvU5iSyiA.roa
Signing time: Wed 11 Jun 2025 09:09:46 +0000
ROA not before: Wed 11 Jun 2025 09:09:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6778 (0x1a7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 09:09:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E4FD7FC4968D748E443C44A8A5412F539892CA20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:37:a6:3e:b7:5e:4c:13:eb:9b:5d:2e:cf:
95:8b:87:0a:5c:71:32:d0:db:bd:21:fc:e0:b9:cf:
ad:8d:f6:a7:9b:9d:95:3b:16:a1:e7:a0:d6:aa:9c:
e9:29:bf:1b:79:45:4d:7a:d3:e4:81:fd:68:ed:f7:
d1:47:50:54:c1:83:8a:ee:94:94:36:95:b9:d4:33:
3c:aa:a9:99:ea:30:30:b8:f4:b6:15:22:fa:16:74:
b1:e5:43:0d:80:33:bd:00:65:69:b1:b4:4a:d7:14:
9f:0e:d1:d4:8c:e0:db:cc:b2:63:b2:34:13:79:f4:
f3:4a:70:12:96:9f:4b:81:30:8b:d9:ca:7d:47:ff:
45:87:e3:ad:63:d5:55:0b:49:0d:4d:b8:c9:8c:8a:
54:05:1b:c3:03:85:ab:21:9e:87:0a:1f:e3:82:d3:
53:24:17:9e:07:de:10:7e:b0:ac:3b:a7:1f:d9:c6:
a8:7e:a9:90:de:ea:a6:44:03:2e:4e:0f:16:86:8b:
58:2c:f0:f3:85:0e:4f:73:51:b3:71:aa:ff:c8:83:
36:d2:d4:04:b1:e2:89:8b:62:ac:0a:65:1d:4b:96:
6c:8c:5e:40:24:de:47:74:3c:24:cc:7a:91:40:49:
4b:b8:cf:74:7c:91:ff:f8:5e:26:2e:ee:3c:70:c2:
09:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FD:7F:C4:96:8D:74:8E:44:3C:44:A8:A5:41:2F:53:98:92:CA:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5P1_xJaNdI5EPESopUEvU5iSyiA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:eb:48:75:f4:e6:05:77:aa:47:f4:91:96:ea:99:c0:7c:de:
06:d5:b6:19:c7:30:0e:e7:fb:00:d5:88:e5:c9:ba:e0:f3:61:
32:bd:fc:53:76:83:41:65:02:e3:4f:96:14:b3:09:12:1b:e7:
b3:73:31:c2:2f:f8:a6:73:f9:8f:02:85:10:ba:31:f3:18:b9:
f9:66:81:d6:a0:f5:6c:e1:0f:c1:35:57:11:ed:9b:8f:a3:31:
ff:6b:63:6c:4e:40:27:59:4d:fa:67:c0:73:b0:89:ed:a1:0d:
1f:e5:1d:78:e5:35:c0:7e:83:fe:be:0f:aa:9a:3d:6c:27:3b:
ab:32:23:53:b9:d7:32:02:91:ea:e0:ef:57:a2:8c:9a:45:91:
b5:ec:7e:f1:84:f7:c1:31:58:48:a0:2e:de:06:1f:21:3d:95:
b0:bd:53:06:51:77:1f:02:35:25:e1:e6:76:87:ba:37:30:95:
e9:52:73:e1:1c:0a:0a:33:25:15:ed:23:95:04:37:45:67:67:
1f:6a:63:6d:9e:4e:66:3e:2f:47:4c:80:d6:11:ce:e6:e8:f5:
fc:89:1b:6f:31:1a:36:a8:33:e6:ce:b5:09:4e:dd:2c:f2:af:
41:c1:24:b6:51:db:5b:f6:08:d4:29:a2:0e:8c:87:6d:4d:12:
9a:cd:1e:78
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
OTA5NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU0RkQ3RkM0OTY4RDc0
OEU0NDNDNDRBOEE1NDEyRjUzOTg5MkNBMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr5zemPrdeTBPrm10uz5WLhwpccTLQ270h/OC5z62N9qebnZU7
FqHnoNaqnOkpvxt5RU160+SB/Wjt99FHUFTBg4rulJQ2lbnUMzyqqZnqMDC49LYV
IvoWdLHlQw2AM70AZWmxtErXFJ8O0dSM4NvMsmOyNBN59PNKcBKWn0uBMIvZyn1H
/0WH461j1VULSQ1NuMmMilQFG8MDhashnocKH+OC01MkF54H3hB+sKw7px/Zxqh+
qZDe6qZEAy5ODxaGi1gs8POFDk9zUbNxqv/IgzbS1ASx4omLYqwKZR1LlmyMXkAk
3kd0PCTMepFASUu4z3R8kf/4XiYu7jxwwglXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5P1/xJaNdI5EPESopUEvU5iSyiAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81UDFfeEphTmRJNUVQRVNv
cFVFdlU1aVN5aUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAHrSHX05gV3qkf0kZbqmcB83gbVthnHMA7n
+wDViOXJuuDzYTK9/FN2g0FlAuNPlhSzCRIb57NzMcIv+KZz+Y8ChRC6MfMYuflm
gdag9WzhD8E1VxHtm4+jMf9rY2xOQCdZTfpnwHOwie2hDR/lHXjlNcB+g/6+D6qa
PWwnO6syI1O51zICkerg71eijJpFkbXsfvGE98ExWEigLt4GHyE9lbC9UwZRdx8C
NSXh5naHujcwlelSc+EcCgozJRXtI5UEN0VnZx9qY22eTmY+L0dMgNYRzubo9fyJ
G28xGjaoM+bOtQlO3Szyr0HBJLZR21v2CNQpog6Mh21NEprNHng=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:08:07 2025 by rpki-client