Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6ZAXs1L50r8Z-RjS2yCJtLwQYKs.roa
File: 6ZAXs1L50r8Z-RjS2yCJtLwQYKs.roa (raw, json)
Hash identifier: IAps0vN7zklLDlVg/X5ib7aSiAdOaDWfq5vhJ9yK9e0=
Subject key identifier: E9:90:17:B3:52:F9:D2:BF:19:F9:18:D2:DB:20:89:B4:BC:10:60:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6ZAXs1L50r8Z-RjS2yCJtLwQYKs.roa
Signing time: Sun 01 Jun 2025 01:39:08 +0000
ROA not before: Sun 01 Jun 2025 01:39:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4798 (0x12be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 01:39:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E99017B352F9D2BF19F918D2DB2089B4BC1060AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:2d:2c:75:88:56:e1:62:33:d2:f7:ec:ac:
01:20:e9:c8:a8:80:9e:d6:c1:fb:57:87:ff:05:c3:
4c:36:1a:3f:a7:02:d0:8a:4c:28:a5:76:bf:9f:e6:
aa:cf:36:5d:84:4d:70:0e:0a:38:3e:a4:45:e8:d1:
46:0d:c7:6a:45:fa:7e:8c:d6:c3:63:e8:16:aa:4d:
93:78:f5:2e:3d:37:53:64:6c:98:95:f8:44:1b:7c:
87:a7:fa:35:8c:02:97:48:6f:a1:9b:8e:de:b2:a5:
2c:e6:27:35:d9:92:98:b1:1f:9d:02:e1:20:b9:7e:
c9:15:e1:9f:aa:80:7c:97:2b:4a:71:a5:5c:0c:4a:
5e:a2:ed:0b:e7:a3:b2:f7:08:f5:af:69:c2:69:bb:
13:47:33:de:aa:fe:81:11:53:b2:01:77:c4:c9:ff:
0d:6e:a8:b6:16:71:8c:2d:40:c7:90:41:7f:2f:6e:
25:60:b9:fe:b8:17:f3:8b:ac:17:94:74:47:00:12:
50:52:45:75:4c:8e:63:41:29:81:2f:02:31:19:d5:
ee:48:14:0d:46:40:11:14:9a:6c:59:d2:d8:a5:a7:
6e:9e:ee:fb:1d:f1:02:38:78:28:97:44:40:bc:8c:
54:04:b5:ca:73:89:fc:bd:1f:23:88:54:f8:79:97:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:90:17:B3:52:F9:D2:BF:19:F9:18:D2:DB:20:89:B4:BC:10:60:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6ZAXs1L50r8Z-RjS2yCJtLwQYKs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:c6:90:8c:93:b9:3b:02:a7:2d:fe:11:ff:17:9b:0d:1a:47:
69:fa:2d:00:f1:24:3f:bf:c6:8d:20:a4:cd:34:c1:bf:df:99:
00:5f:b7:94:7a:09:b3:49:17:cd:ae:9f:87:94:a3:e6:54:19:
f1:8d:ce:57:e4:d1:9e:86:d3:4c:b1:d0:2e:69:69:ef:f9:1a:
10:cf:44:3d:a9:4a:5d:08:c7:f2:b7:34:18:54:66:b6:00:45:
eb:ed:61:84:d5:1f:c2:a0:63:f6:04:a4:79:c6:1d:05:b1:b1:
b9:23:4b:46:58:1d:f4:a1:69:3e:40:7c:d5:ef:c7:2f:a0:0b:
20:b2:d2:92:d6:c3:99:81:58:a5:58:ee:60:20:dc:9e:14:f0:
4e:9c:2e:eb:ae:89:ee:5a:b1:26:f8:0b:e7:73:59:73:a7:dc:
2a:df:56:0c:8e:55:96:db:f0:3f:cd:3c:5a:93:0b:0f:bd:7b:
4c:2a:f5:7b:69:15:68:b4:92:d4:44:7c:83:a2:fc:0b:e1:58:
01:2b:48:70:09:83:be:3b:96:29:7b:49:b3:2e:be:f6:89:c2:
2f:83:8a:ab:54:a8:fd:58:5d:ac:ee:18:20:f1:20:75:82:5f:
eb:21:e7:d2:96:d1:29:41:87:37:17:4d:75:24:36:7a:a5:04:
6b:7d:9c:80
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEw
MTM5MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU5OTAxN0IzNTJGOUQy
QkYxOUY5MThEMkRCMjA4OUI0QkMxMDYwQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCujy0sdYhW4WIz0vfsrAEg6ciogJ7WwftXh/8Fw0w2Gj+nAtCK
TCildr+f5qrPNl2ETXAOCjg+pEXo0UYNx2pF+n6M1sNj6BaqTZN49S49N1NkbJiV
+EQbfIen+jWMApdIb6Gbjt6ypSzmJzXZkpixH50C4SC5fskV4Z+qgHyXK0pxpVwM
Sl6i7Qvno7L3CPWvacJpuxNHM96q/oERU7IBd8TJ/w1uqLYWcYwtQMeQQX8vbiVg
uf64F/OLrBeUdEcAElBSRXVMjmNBKYEvAjEZ1e5IFA1GQBEUmmxZ0tilp26e7vsd
8QI4eCiXREC8jFQEtcpzify9HyOIVPh5l6KXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6ZAXs1L50r8Z+RjS2yCJtLwQYKswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82WkFYczFMNTByOFotUmpT
MnlDSnRMd1FZS3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHTGkIyTuTsCpy3+Ef8Xmw0aR2n6LQDxJD+/
xo0gpM00wb/fmQBft5R6CbNJF82un4eUo+ZUGfGNzlfk0Z6G00yx0C5pae/5GhDP
RD2pSl0Ix/K3NBhUZrYARevtYYTVH8KgY/YEpHnGHQWxsbkjS0ZYHfShaT5AfNXv
xy+gCyCy0pLWw5mBWKVY7mAg3J4U8E6cLuuuie5asSb4C+dzWXOn3CrfVgyOVZbb
8D/NPFqTCw+9e0wq9XtpFWi0ktREfIOi/AvhWAErSHAJg747lil7SbMuvvaJwi+D
iqtUqP1YXazuGCDxIHWCX+sh59KW0SlBhzcXTXUkNnqlBGt9nIA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:06:03 2025 by rpki-client