Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BBxmk1UkummUqR2ZaZPn3U9lmKk.roa
File: BBxmk1UkummUqR2ZaZPn3U9lmKk.roa (raw, json)
Hash identifier: ED4ChV8at01WkssRIugXK8EjY26erEvm1srbSJYEfIs=
Subject key identifier: 04:1C:66:93:55:24:BA:69:94:A9:1D:99:69:93:E7:DD:4F:65:98:A9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2272
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BBxmk1UkummUqR2ZaZPn3U9lmKk.roa
Signing time: Sun 22 Jun 2025 11:41:52 +0000
ROA not before: Sun 22 Jun 2025 11:41:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8818 (0x2272)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 11:41:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=041C66935524BA6994A91D996993E7DD4F6598A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:77:fc:d6:e9:c4:75:a5:78:bc:be:fe:3e:4d:
c5:0c:08:d5:f7:fc:ff:ab:09:36:c1:b2:96:27:42:
ff:e2:68:e6:fa:08:04:af:37:bd:ee:a6:aa:8b:fe:
e5:33:72:fa:f2:80:36:13:26:51:79:0d:fb:6a:f9:
e0:e1:5e:e2:84:88:65:8f:3d:e5:34:a7:5e:81:f0:
56:f3:bb:49:65:6e:40:ea:4e:b7:40:73:23:62:d4:
a5:ea:ba:b8:2d:92:cb:0b:65:37:b2:36:7b:0c:65:
ab:32:a0:09:05:9e:0c:b0:b9:ea:06:03:31:e0:71:
56:c4:ae:af:24:72:ea:dd:0d:ff:9f:e1:93:df:46:
a5:9c:7d:82:0a:ff:32:78:66:c5:d8:59:21:e6:82:
00:95:46:74:8a:c7:2e:d3:aa:7b:65:6e:e4:0b:e2:
5d:b6:69:db:e5:c1:9f:83:08:ef:32:91:74:cd:ff:
8e:52:8d:7f:f4:b5:ff:1e:73:e3:37:1a:5b:90:12:
d4:bf:de:fe:41:05:29:05:ab:0f:f5:96:53:a3:a9:
a3:b7:32:4f:d5:0a:00:eb:a2:30:46:fc:32:fa:f2:
f3:e7:9c:a2:5d:f1:e3:ae:a8:82:20:23:3e:99:7f:
21:ee:2f:f3:7a:61:4a:56:a7:a4:ee:c6:38:d5:66:
4e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1C:66:93:55:24:BA:69:94:A9:1D:99:69:93:E7:DD:4F:65:98:A9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BBxmk1UkummUqR2ZaZPn3U9lmKk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:69:4a:c7:63:41:94:f3:d6:13:bd:ba:d9:58:69:cf:37:52:
94:6b:8d:ca:c7:b8:b0:62:0b:02:29:ff:7d:02:d8:77:d8:12:
7b:7a:ef:e5:21:39:66:68:2b:9a:f0:0c:8b:c0:24:cd:64:de:
24:50:61:de:bd:69:1d:4f:c4:35:39:84:b1:1d:8b:1a:78:8e:
22:d5:5c:ed:ac:75:ac:2d:27:58:6d:fc:8d:80:81:28:6a:43:
28:14:dd:ed:a1:00:b3:d3:bf:e6:3e:2d:10:06:1a:fe:14:84:
7e:31:1c:ea:fa:21:c2:3f:10:18:bd:7f:f7:e7:fe:6e:fc:83:
b8:07:b1:05:26:63:ab:6a:0b:39:9c:c8:c5:ae:9d:21:6a:b2:
d3:05:99:33:37:1b:18:ca:06:90:74:ab:cd:3a:92:2e:a2:a6:
9b:eb:a5:50:f1:0f:6d:e5:d6:73:e7:85:30:84:9b:9c:3b:cb:
96:f1:ee:ec:63:6a:91:34:04:c0:b1:3d:a6:30:2f:42:e8:27:
24:f7:d4:02:f8:28:08:08:12:00:0f:f3:1b:f4:84:83:d2:fe:
05:03:6d:8c:2e:df:30:ba:b3:c7:b8:42:f0:6e:8f:12:18:67:
73:55:0a:56:55:7b:89:66:32:4f:fc:75:9f:7e:5d:4d:5e:3c:
0c:b4:d9:89
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICInIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
MTQxNTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA0MUM2NjkzNTUyNEJB
Njk5NEE5MUQ5OTY5OTNFN0RENEY2NTk4QTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvd/zW6cR1pXi8vv4+TcUMCNX3/P+rCTbBspYnQv/iaOb6CASv
N73upqqL/uUzcvrygDYTJlF5Dftq+eDhXuKEiGWPPeU0p16B8Fbzu0llbkDqTrdA
cyNi1KXqurgtkssLZTeyNnsMZasyoAkFngywueoGAzHgcVbErq8kcurdDf+f4ZPf
RqWcfYIK/zJ4ZsXYWSHmggCVRnSKxy7TqntlbuQL4l22advlwZ+DCO8ykXTN/45S
jX/0tf8ec+M3GluQEtS/3v5BBSkFqw/1llOjqaO3Mk/VCgDrojBG/DL68vPnnKJd
8eOuqIIgIz6ZfyHuL/N6YUpWp6TuxjjVZk4zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBBxmk1UkummUqR2ZaZPn3U9lmKkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CQnhtazFVa3VtbVVxUjJa
YVpQbjNVOWxtS2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAB1pSsdjQZTz1hO9utlYac83UpRrjcrHuLBi
CwIp/30C2HfYEnt67+UhOWZoK5rwDIvAJM1k3iRQYd69aR1PxDU5hLEdixp4jiLV
XO2sdawtJ1ht/I2AgShqQygU3e2hALPTv+Y+LRAGGv4UhH4xHOr6IcI/EBi9f/fn
/m78g7gHsQUmY6tqCzmcyMWunSFqstMFmTM3GxjKBpB0q806ki6ippvrpVDxD23l
1nPnhTCEm5w7y5bx7uxjapE0BMCxPaYwL0LoJyT31AL4KAgIEgAP8xv0hIPS/gUD
bYwu3zC6s8e4QvBujxIYZ3NVClZVe4lmMk/8dZ9+XU1ePAy02Yk=
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:09:59 2025 by rpki-client