Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7k0Iqxsoc9ykQOdP81VhQrysFcY.roa
File: 7k0Iqxsoc9ykQOdP81VhQrysFcY.roa (raw, json)
Hash identifier: 5ZTvG+ofcQMdqwst7yqlAzUJOAv7pt+kh9uX/hhDsio=
Subject key identifier: EE:4D:08:AB:1B:28:73:DC:A4:40:E7:4F:F3:55:61:42:BC:AC:15:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 227A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7k0Iqxsoc9ykQOdP81VhQrysFcY.roa
Signing time: Sun 22 Jun 2025 12:41:49 +0000
ROA not before: Sun 22 Jun 2025 12:41:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8826 (0x227a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 12:41:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EE4D08AB1B2873DCA440E74FF3556142BCAC15C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:2b:76:ba:12:da:10:ae:f8:2e:25:a3:ee:
df:37:ab:2c:a7:5d:cc:c8:81:28:0c:41:8a:bc:22:
1b:93:fb:a8:da:f7:0f:ab:47:3f:7b:cc:92:47:1f:
05:f7:3e:22:42:07:6d:c5:7e:3e:6a:73:b7:d2:20:
45:29:9d:d5:5f:56:4e:44:d6:60:a7:40:c0:dd:8f:
ed:d5:cf:54:15:e8:28:cb:4d:9a:fe:46:96:f2:d1:
2b:e9:65:d6:bc:38:ce:98:38:8d:8e:8e:9f:29:90:
ab:a0:17:1d:07:15:f2:3b:47:66:e7:7d:6b:9c:88:
19:4f:2b:81:9d:e6:3c:bc:ed:45:5e:1a:05:b6:5e:
76:60:fe:d3:27:a5:7a:e9:a2:21:68:ff:6f:8f:7f:
6d:d7:72:9e:2a:4b:2d:3e:d1:5d:1f:dc:74:39:14:
e2:fb:ac:13:6c:30:0e:81:18:bd:ee:51:52:fb:5d:
40:80:d7:c2:24:21:2a:ff:f9:ea:ce:1a:79:ef:4c:
de:87:96:b6:69:1c:d2:f8:8a:2a:8d:85:c2:c3:be:
09:c1:af:e6:8f:43:1b:84:ef:e2:54:bc:12:5c:24:
c8:ab:57:2b:5f:a6:62:38:78:32:04:52:ea:d4:92:
03:46:cb:01:e5:dc:59:63:3f:2c:81:f0:9b:d5:16:
3d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4D:08:AB:1B:28:73:DC:A4:40:E7:4F:F3:55:61:42:BC:AC:15:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7k0Iqxsoc9ykQOdP81VhQrysFcY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:00:64:5d:a2:82:c7:10:df:13:6d:fd:b8:44:e9:50:d6:6c:
f7:29:ba:1b:e0:5e:87:ff:ac:aa:3e:79:7e:c4:0b:63:85:5b:
06:9e:53:0f:6e:46:4d:1d:88:8d:77:cc:a9:73:f3:d6:8a:9a:
a6:7b:20:bb:85:ae:ae:30:ea:a2:64:15:de:71:e8:1b:53:b0:
b0:16:cd:82:2c:b3:26:20:db:64:d8:a9:64:6e:05:e9:82:da:
c4:17:4d:c5:e9:ce:d8:b8:40:44:33:6d:fa:e2:c2:76:d1:7e:
2c:cd:1e:a8:a1:55:aa:72:df:fb:5a:7f:7c:e1:e7:c7:9b:65:
ad:cd:ea:b8:81:54:fa:01:31:5b:93:17:3f:45:da:f6:54:0f:
e3:65:37:3f:06:9d:37:81:8d:9a:f7:9d:c0:83:d4:5a:36:44:
b7:6a:53:1b:7a:6f:b6:9a:7e:8a:5d:4a:fa:93:f9:f5:51:d5:
a1:96:64:3f:f5:6b:90:f2:4b:ec:04:8d:10:fa:a3:be:3d:ae:
fe:ed:76:06:73:3d:41:33:a7:32:ed:27:91:bb:f7:12:7a:ce:
02:19:1b:b5:b9:f8:5f:3e:49:05:5e:04:21:64:de:da:02:3f:
41:02:8a:a5:b5:fd:1e:e6:64:5d:87:a2:17:3a:aa:3b:5a:c5:
c5:25:eb:7a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICInowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
MjQxNDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVFNEQwOEFCMUIyODcz
RENBNDQwRTc0RkYzNTU2MTQyQkNBQzE1QzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq2Ct2uhLaEK74LiWj7t83qyynXczIgSgMQYq8IhuT+6ja9w+r
Rz97zJJHHwX3PiJCB23Ffj5qc7fSIEUpndVfVk5E1mCnQMDdj+3Vz1QV6CjLTZr+
Rpby0SvpZda8OM6YOI2Ojp8pkKugFx0HFfI7R2bnfWuciBlPK4Gd5jy87UVeGgW2
XnZg/tMnpXrpoiFo/2+Pf23Xcp4qSy0+0V0f3HQ5FOL7rBNsMA6BGL3uUVL7XUCA
18IkISr/+erOGnnvTN6HlrZpHNL4iiqNhcLDvgnBr+aPQxuE7+JUvBJcJMirVytf
pmI4eDIEUurUkgNGywHl3FljPyyB8JvVFj3FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7k0Iqxsoc9ykQOdP81VhQrysFcYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83azBJcXhzb2M5eWtRT2RQ
ODFWaFFyeXNGY1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAAAZF2igscQ3xNt/bhE6VDWbPcpuhvgXof/
rKo+eX7EC2OFWwaeUw9uRk0diI13zKlz89aKmqZ7ILuFrq4w6qJkFd5x6BtTsLAW
zYIssyYg22TYqWRuBemC2sQXTcXpzti4QEQzbfriwnbRfizNHqihVapy3/taf3zh
58ebZa3N6riBVPoBMVuTFz9F2vZUD+NlNz8GnTeBjZr3ncCD1Fo2RLdqUxt6b7aa
fopdSvqT+fVR1aGWZD/1a5DyS+wEjRD6o749rv7tdgZzPUEzpzLtJ5G79xJ6zgIZ
G7W5+F8+SQVeBCFk3toCP0ECiqW1/R7mZF2Hohc6qjtaxcUl63o=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:36:35 2025 by rpki-client