Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BooBAjA27cAPBhX_iPOCTSsfoFc.roa
File: BooBAjA27cAPBhX_iPOCTSsfoFc.roa (raw, json)
Hash identifier: rjyCzE8SO7S34sDrr92v6DyzDMgNdVTv/Pj5IOqOcMs=
Subject key identifier: 06:8A:01:02:30:36:ED:C0:0F:06:15:FF:88:F3:82:4D:2B:1F:A0:57
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FDA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BooBAjA27cAPBhX_iPOCTSsfoFc.roa
Signing time: Wed 18 Jun 2025 13:25:56 +0000
ROA not before: Wed 18 Jun 2025 13:25:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8154 (0x1fda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 13:25:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=068A01023036EDC00F0615FF88F3824D2B1FA057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:c0:6d:11:c3:e8:8b:a4:93:69:8f:83:c1:
58:bb:c8:86:38:34:c2:4b:b3:bd:0c:05:f7:b3:8f:
2b:5e:6c:66:20:1e:30:81:b3:40:6f:cf:d9:33:75:
db:ce:7c:e2:44:fb:1a:2c:54:d6:b3:fb:a2:6b:95:
74:8e:ef:2c:65:27:2e:ba:94:41:2e:e0:c2:46:bc:
7e:ea:37:4e:59:28:df:dd:df:2b:a1:ee:1b:39:bc:
5d:f9:e8:19:56:35:9e:66:e8:b1:74:c8:b0:f8:72:
7c:17:18:ed:61:70:be:96:34:53:3d:86:f6:23:9f:
f2:ac:f2:15:16:8e:8f:f7:25:2c:1e:a6:e9:ba:60:
84:08:bb:b6:a6:4b:40:91:dd:f7:17:db:d2:e4:4f:
07:2f:cd:81:7c:50:22:86:50:75:b6:db:d3:ca:c6:
3f:ea:bd:dc:d7:b1:7d:9a:ab:f2:b7:c4:e6:f2:e2:
cd:0c:4e:b1:d1:0e:81:20:6f:e4:68:ee:c9:a6:4c:
8f:d1:a2:f9:c5:25:86:dd:98:78:d7:d8:d9:38:77:
bd:a2:1f:eb:dd:80:99:0c:dc:56:df:d6:1b:47:cc:
6f:13:20:25:2e:fb:22:84:98:99:7d:e6:88:0b:d1:
03:54:d4:d9:74:0b:51:5c:46:a5:36:3d:86:7b:fb:
e5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8A:01:02:30:36:ED:C0:0F:06:15:FF:88:F3:82:4D:2B:1F:A0:57
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BooBAjA27cAPBhX_iPOCTSsfoFc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:0d:c0:1e:11:30:6d:9c:7b:4d:27:77:54:7d:b7:6d:49:60:
a0:d0:19:e1:49:aa:e3:5e:d3:d8:91:8f:4d:f1:e0:69:07:5e:
1a:a9:86:06:41:e0:76:90:f4:4f:cd:d6:b6:37:bc:95:4f:a7:
cb:ee:25:5f:61:7e:00:d8:f6:5a:c1:eb:4d:ad:7c:bf:0b:87:
e4:0f:73:4c:43:00:f9:90:4a:6e:31:0c:a9:43:6f:be:c2:09:
d6:81:3d:06:d0:52:69:de:cb:0b:6f:7b:14:c8:fc:92:ba:17:
4e:2a:37:ae:05:20:37:6e:05:e3:4f:71:05:31:85:7e:fd:69:
13:b8:f5:1e:0b:ee:2a:88:e0:ee:f8:66:4a:e0:bb:29:c1:3e:
8f:71:6d:d4:8f:c1:25:f0:f5:9a:83:35:ac:c3:ae:56:07:33:
c8:ac:8a:0d:b1:13:6d:7e:00:e3:40:df:ad:20:b2:1e:b4:5c:
f8:cf:73:cd:7a:5c:e4:5e:9d:3a:76:44:8a:d9:4e:78:03:3e:
e3:cd:cb:dd:e6:6f:47:67:bb:e4:ec:94:11:59:c2:ed:9a:96:
a1:93:fb:4f:13:d0:4d:65:0d:39:85:ca:16:4f:12:31:1f:90:
a1:cb:2d:70:00:0a:bd:8b:bc:dd:76:4d:df:4d:ba:a3:f3:bd:
e2:6a:9a:3a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH9owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
MzI1NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2OEEwMTAyMzAzNkVE
QzAwRjA2MTVGRjg4RjM4MjREMkIxRkEwNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCN8BtEcPoi6STaY+DwVi7yIY4NMJLs70MBfezjytebGYgHjCB
s0Bvz9kzddvOfOJE+xosVNaz+6JrlXSO7yxlJy66lEEu4MJGvH7qN05ZKN/d3yuh
7hs5vF356BlWNZ5m6LF0yLD4cnwXGO1hcL6WNFM9hvYjn/Ks8hUWjo/3JSwepum6
YIQIu7amS0CR3fcX29LkTwcvzYF8UCKGUHW229PKxj/qvdzXsX2aq/K3xOby4s0M
TrHRDoEgb+Ro7smmTI/RovnFJYbdmHjX2Nk4d72iH+vdgJkM3Fbf1htHzG8TICUu
+yKEmJl95ogL0QNU1Nl0C1FcRqU2PYZ7++WFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBooBAjA27cAPBhX/iPOCTSsfoFcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Cb29CQWpBMjdjQVBCaFhf
aVBPQ1RTc2ZvRmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEENwB4RMG2ce00nd1R9t21JYKDQGeFJquNe
09iRj03x4GkHXhqphgZB4HaQ9E/N1rY3vJVPp8vuJV9hfgDY9lrB602tfL8Lh+QP
c0xDAPmQSm4xDKlDb77CCdaBPQbQUmneywtvexTI/JK6F04qN64FIDduBeNPcQUx
hX79aRO49R4L7iqI4O74ZkrguynBPo9xbdSPwSXw9ZqDNazDrlYHM8isig2xE21+
AONA360gsh60XPjPc816XORenTp2RIrZTngDPuPNy93mb0dnu+TslBFZwu2alqGT
+08T0E1lDTmFyhZPEjEfkKHLLXAACr2LvN12Td9NuqPzveJqmjo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:06 2025 by rpki-client