Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BgLlKHHCa1mPgsioOwAW63-MLzY.roa
File: BgLlKHHCa1mPgsioOwAW63-MLzY.roa (raw, json)
Hash identifier: LcYCTsy8mLAczffWpiQIF6+j89H3x2d1d3oWDKv7Gcc=
Subject key identifier: 06:02:E5:28:71:C2:6B:59:8F:82:C8:A8:3B:00:16:EB:7F:8C:2F:36
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E3E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BgLlKHHCa1mPgsioOwAW63-MLzY.roa
Signing time: Mon 16 Jun 2025 09:40:01 +0000
ROA not before: Mon 16 Jun 2025 09:40:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7742 (0x1e3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 09:40:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0602E52871C26B598F82C8A83B0016EB7F8C2F36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:11:4f:a8:fa:af:ec:36:d9:d0:31:c5:bb:68:
86:56:f5:72:d0:73:a3:40:8c:c3:f6:c9:c2:ab:6c:
38:30:8d:cd:ba:48:0c:af:0e:9c:86:a8:35:13:49:
3a:5d:10:70:f5:c9:8d:bd:f5:de:ae:1c:95:5d:ba:
a5:68:aa:e4:81:86:6d:09:56:af:89:a6:47:b4:dd:
34:96:8f:7b:98:14:5f:09:56:d3:27:aa:ab:d1:8c:
25:30:41:a9:aa:b3:57:b1:53:29:2b:64:b5:c1:1c:
f1:b5:4a:63:5e:f3:4c:a8:14:dc:c1:ca:85:49:1e:
af:1f:41:5e:0e:f9:57:98:0b:05:cd:01:05:60:b3:
f6:9b:d2:ae:27:54:c4:7d:e0:4f:a9:5e:37:c5:97:
ee:64:5d:f0:8e:ea:75:be:e4:8d:73:eb:3f:55:74:
7a:84:20:fd:36:ef:8f:21:f9:2c:06:e6:1f:d6:5d:
7d:eb:04:97:d2:91:af:16:ec:ee:0b:b6:b4:3d:ee:
cf:9c:3e:95:ca:4f:7e:a3:43:01:4e:69:59:c1:34:
86:2a:62:05:0f:ff:72:de:36:54:ce:e8:66:cb:05:
68:a6:3f:70:3f:6c:05:aa:93:84:d8:02:33:24:fe:
20:92:96:3f:e4:05:f3:08:da:e7:43:71:a6:1d:70:
dd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:02:E5:28:71:C2:6B:59:8F:82:C8:A8:3B:00:16:EB:7F:8C:2F:36
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BgLlKHHCa1mPgsioOwAW63-MLzY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:1a:ff:3f:1f:8b:45:c6:f6:f0:cc:9d:ba:d9:9b:d4:c9:3a:
81:b8:18:64:e1:62:23:93:91:ec:6f:e4:95:96:b9:56:33:08:
22:3a:5e:27:d9:5e:be:1a:79:cc:72:fb:33:90:29:a8:7a:e6:
95:8b:d2:a2:59:51:7a:47:c2:46:e8:d1:e4:bf:5d:b3:c3:b3:
da:d1:c3:cd:69:59:ad:e8:85:bf:b2:40:c3:4d:c1:26:06:b4:
5d:2e:93:ff:e1:2c:3b:25:20:d0:76:b8:e9:89:ba:78:2a:07:
b4:6e:1a:0d:bd:72:26:48:7a:f0:c4:88:3a:2a:21:04:e0:dc:
fb:5b:dc:bd:63:d0:e2:39:19:12:91:0f:f3:08:57:a0:44:bf:
66:ba:0f:cb:ab:95:c2:53:26:da:70:eb:65:de:f7:f7:fe:bb:
3b:bb:54:c8:9a:fa:0c:13:8f:6d:55:1f:72:89:40:d2:02:0e:
58:33:1d:fd:54:1d:ce:55:05:a8:8a:6f:99:01:12:22:64:77:
b3:86:4b:b7:a6:22:22:66:f3:fb:78:c3:4f:16:aa:bc:29:b5:
7e:ec:c2:f2:cf:fa:c2:c1:74:da:e4:ac:df:2b:91:4b:c1:2a:
4e:3a:bf:26:4e:9a:e0:7d:89:79:0a:7e:86:d2:fe:2b:25:cc:
18:cb:de:cb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
OTQwMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2MDJFNTI4NzFDMjZC
NTk4RjgyQzhBODNCMDAxNkVCN0Y4QzJGMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAEU+o+q/sNtnQMcW7aIZW9XLQc6NAjMP2ycKrbDgwjc26SAyv
DpyGqDUTSTpdEHD1yY299d6uHJVduqVoquSBhm0JVq+Jpke03TSWj3uYFF8JVtMn
qqvRjCUwQamqs1exUykrZLXBHPG1SmNe80yoFNzByoVJHq8fQV4O+VeYCwXNAQVg
s/ab0q4nVMR94E+pXjfFl+5kXfCO6nW+5I1z6z9VdHqEIP02748h+SwG5h/WXX3r
BJfSka8W7O4LtrQ97s+cPpXKT36jQwFOaVnBNIYqYgUP/3LeNlTO6GbLBWimP3A/
bAWqk4TYAjMk/iCSlj/kBfMI2udDcaYdcN3hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBgLlKHHCa1mPgsioOwAW63+MLzYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CZ0xsS0hIQ2ExbVBnc2lv
T3dBVzYzLU1Melkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABsa/z8fi0XG9vDMnbrZm9TJOoG4GGThYiOT
kexv5JWWuVYzCCI6XifZXr4aecxy+zOQKah65pWL0qJZUXpHwkbo0eS/XbPDs9rR
w81pWa3ohb+yQMNNwSYGtF0uk//hLDslINB2uOmJungqB7RuGg29ciZIevDEiDoq
IQTg3Ptb3L1j0OI5GRKRD/MIV6BEv2a6D8urlcJTJtpw62Xe9/f+uzu7VMia+gwT
j21VH3KJQNICDlgzHf1UHc5VBaiKb5kBEiJkd7OGS7emIiJm8/t4w08WqrwptX7s
wvLP+sLBdNrkrN8rkUvBKk46vyZOmuB9iXkKfobS/islzBjL3ss=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:04 2025 by rpki-client