Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/B8djf36PfV1kaapkan5zssiuV7Y.roa
File: B8djf36PfV1kaapkan5zssiuV7Y.roa (raw, json)
Hash identifier: YuVgTpROEnvmtQkL/AM5Bbkv+rDCqlFsy8WL7ZQVLDs=
Subject key identifier: 07:C7:63:7F:7E:8F:7D:5D:64:69:AA:64:6A:7E:73:B2:C8:AE:57:B6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F52
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B8djf36PfV1kaapkan5zssiuV7Y.roa
Signing time: Tue 17 Jun 2025 20:18:51 +0000
ROA not before: Tue 17 Jun 2025 20:18:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8018 (0x1f52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 20:18:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=07C7637F7E8F7D5D6469AA646A7E73B2C8AE57B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:f1:15:f5:12:44:22:46:06:13:63:98:30:
b7:b8:a2:9f:ee:ba:c4:d7:d8:76:d9:ff:fd:16:79:
4f:75:a2:db:34:2b:23:56:63:95:94:d7:0c:a6:23:
83:5f:44:73:42:65:a7:c7:4a:ac:3d:a3:fa:29:56:
3c:32:f2:09:1d:51:77:28:a4:fd:97:05:7b:6b:ad:
ab:0e:5f:6f:b7:27:b6:a5:08:40:c5:8a:1b:7f:88:
11:19:41:2a:11:f6:4e:78:e2:7d:67:c9:5b:44:fc:
e3:5a:fe:b1:50:c3:b7:f7:5e:57:d7:09:61:01:ba:
f5:11:f8:99:33:f7:cd:94:92:72:31:c1:c8:f7:8d:
0c:c8:41:1d:18:12:df:fd:e1:b7:bf:23:8a:5f:d8:
48:29:5a:8f:34:e6:7d:51:c4:8c:55:47:c8:4f:05:
7a:7d:a8:56:42:6e:ee:33:9b:eb:36:94:03:73:3a:
03:38:58:83:84:0a:00:62:f7:c8:f6:d1:b2:ab:82:
b9:95:44:71:07:77:77:3a:90:49:91:0c:58:1a:af:
3e:9e:fc:5a:b6:93:56:e9:21:2d:5a:88:40:62:46:
d4:5c:03:23:95:5a:e7:a7:57:a0:e3:a4:ee:db:04:
3c:20:2e:d7:71:14:96:1b:ea:b0:92:eb:9e:58:d7:
be:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C7:63:7F:7E:8F:7D:5D:64:69:AA:64:6A:7E:73:B2:C8:AE:57:B6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B8djf36PfV1kaapkan5zssiuV7Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:e1:2c:be:e2:1c:23:ea:79:56:b0:3b:84:06:6c:73:f8:e5:
4c:e0:1e:7b:25:88:d8:63:ff:d6:82:5b:b6:6e:d1:e8:ba:c7:
63:5b:26:af:2c:f6:06:1b:b0:af:f5:8e:81:95:3d:f0:f4:4f:
51:2d:ae:62:65:1b:b9:6a:8c:aa:63:8e:03:95:78:97:55:36:
0f:86:2a:72:a2:ab:1e:87:30:6b:43:00:70:fb:64:17:1c:9d:
9e:86:20:b1:45:19:8d:55:9b:74:b2:cb:f1:7f:7e:19:62:99:
88:45:42:22:5f:d7:6b:f1:13:b1:41:c8:a2:27:c4:34:cf:6e:
f3:c4:2a:5d:02:67:02:8a:2c:20:4d:77:15:d4:fd:1c:66:6b:
ed:c4:62:75:d4:d3:5b:49:ea:16:07:e5:b8:72:73:9f:13:4b:
cf:32:95:f6:f4:4d:c9:f3:10:7a:f3:70:b8:6f:75:ee:f2:23:
98:5b:97:16:1d:c2:d9:67:1f:df:e3:0f:6e:9b:a9:5d:e7:23:
60:f5:79:1b:e1:76:18:69:da:11:06:24:db:ca:ff:6c:6a:56:
37:de:99:30:0a:76:df:ca:64:e6:01:af:91:99:6e:45:2a:70:
b2:5c:7c:e2:b7:d3:68:dd:d7:6e:22:c2:1d:18:90:bc:09:05:
9a:d5:b1:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcy
MDE4NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA3Qzc2MzdGN0U4RjdE
NUQ2NDY5QUE2NDZBN0U3M0IyQzhBRTU3QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNFfEV9RJEIkYGE2OYMLe4op/uusTX2HbZ//0WeU91ots0KyNW
Y5WU1wymI4NfRHNCZafHSqw9o/opVjwy8gkdUXcopP2XBXtrrasOX2+3J7alCEDF
iht/iBEZQSoR9k544n1nyVtE/ONa/rFQw7f3XlfXCWEBuvUR+Jkz982UknIxwcj3
jQzIQR0YEt/94be/I4pf2EgpWo805n1RxIxVR8hPBXp9qFZCbu4zm+s2lANzOgM4
WIOECgBi98j20bKrgrmVRHEHd3c6kEmRDFgarz6e/Fq2k1bpIS1aiEBiRtRcAyOV
WuenV6DjpO7bBDwgLtdxFJYb6rCS655Y175RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUB8djf36PfV1kaapkan5zssiuV7YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9COGRqZjM2UGZWMWthYXBr
YW41enNzaXVWN1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGXhLL7iHCPqeVawO4QGbHP45UzgHnsliNhj
/9aCW7Zu0ei6x2NbJq8s9gYbsK/1joGVPfD0T1EtrmJlG7lqjKpjjgOVeJdVNg+G
KnKiqx6HMGtDAHD7ZBccnZ6GILFFGY1Vm3Syy/F/fhlimYhFQiJf12vxE7FByKIn
xDTPbvPEKl0CZwKKLCBNdxXU/Rxma+3EYnXU01tJ6hYH5bhyc58TS88ylfb0Tcnz
EHrzcLhvde7yI5hblxYdwtlnH9/jD26bqV3nI2D1eRvhdhhp2hEGJNvK/2xqVjfe
mTAKdt/KZOYBr5GZbkUqcLJcfOK302jd124iwh0YkLwJBZrVsYs=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:00 2025 by rpki-client