Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DbJ5Iqro2JtH1NdB0kV6CK0AH6o.roa
File: DbJ5Iqro2JtH1NdB0kV6CK0AH6o.roa (raw, json)
Hash identifier: AmOjOTB3/7Lk8jnSMmK8JLGKoM8mqJ7D1aJRGO4Oy0Q=
Subject key identifier: 0D:B2:79:22:AA:E8:D8:9B:47:D4:D7:41:D2:45:7A:08:AD:00:1F:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FE2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DbJ5Iqro2JtH1NdB0kV6CK0AH6o.roa
Signing time: Wed 18 Jun 2025 14:32:10 +0000
ROA not before: Wed 18 Jun 2025 14:32:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8162 (0x1fe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 14:32:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0DB27922AAE8D89B47D4D741D2457A08AD001FAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c3:5c:dd:c6:a5:ae:96:ab:c9:99:73:e5:69:
5f:de:88:a5:05:a5:da:35:fb:f3:bc:c0:ef:86:53:
4a:d8:87:2a:b8:b4:c9:2a:f4:62:6e:b9:97:91:27:
7a:28:d7:3a:b2:66:84:1b:f2:81:b5:ca:59:04:56:
af:21:79:6f:9b:ab:24:94:cd:f5:8f:81:ba:a5:ac:
a7:a0:ef:72:40:e3:99:36:30:01:93:24:da:28:33:
9e:70:98:59:68:35:cd:0e:35:f2:df:c3:8a:b6:3e:
d5:b9:c5:1e:75:8f:4b:0c:54:09:11:c7:d0:93:58:
68:91:64:0d:62:5b:ff:b5:60:8c:1e:d5:14:e6:e6:
28:a5:0b:ef:ca:51:b3:2a:42:5a:d3:8e:aa:17:fe:
4c:df:64:75:e9:98:05:80:ec:90:ce:d5:62:f0:53:
1a:fd:16:bc:73:18:91:f6:bd:74:e4:f1:28:c6:3a:
3e:b5:8f:fa:04:7f:58:15:50:e4:44:69:a7:f3:d6:
57:83:1a:22:b1:cd:00:66:f4:9d:db:61:04:87:15:
cf:03:5a:2b:49:8e:e5:bd:5c:87:52:69:d9:ef:96:
d4:70:3b:0b:0e:28:7d:3b:05:4f:05:ee:24:fb:57:
de:1c:6f:da:91:1a:19:5d:a1:eb:57:af:37:a1:8f:
93:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B2:79:22:AA:E8:D8:9B:47:D4:D7:41:D2:45:7A:08:AD:00:1F:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DbJ5Iqro2JtH1NdB0kV6CK0AH6o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:79:8a:ad:d0:d8:fd:c1:27:4e:67:b7:d2:7d:95:59:0b:0d:
c3:90:82:36:27:e3:14:01:5d:c6:87:da:10:e4:fb:9d:c8:4f:
a7:2e:5b:e7:ed:37:7b:47:e0:4b:8c:90:b9:0c:e2:7d:5f:86:
ad:00:58:d1:a1:d2:4a:0b:f2:05:4e:24:70:b6:ac:98:ba:6e:
50:47:25:74:8b:54:9f:18:57:89:d6:b4:a9:f0:dd:9b:ee:d7:
d5:64:9d:b4:7e:71:12:43:f3:d3:65:81:62:72:72:e3:2f:c4:
41:d4:77:ee:10:35:7d:cd:ed:98:64:fa:44:df:19:c0:12:f0:
26:79:00:d3:06:8e:4b:8f:86:ae:75:78:6d:52:c3:df:6c:05:
c4:18:1b:f6:75:a0:bc:4f:fb:fe:76:05:c0:4b:3c:b4:f1:24:
7f:b7:65:2d:f1:7e:5c:11:e5:a2:44:d2:dd:81:39:92:2d:2a:
da:62:31:d4:cb:88:e6:95:a5:78:e9:18:31:8e:67:cf:a7:cc:
76:7c:30:4b:37:09:fc:72:df:2a:2e:0f:29:ee:c5:d1:03:5c:
4d:e6:ed:ee:f8:ea:a6:9b:57:b8:e9:48:c6:38:68:72:90:bf:
c9:94:a6:d3:06:6f:95:00:16:5f:a8:44:62:bb:dd:e1:58:20:
79:0f:21:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH+IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
NDMyMTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBEQjI3OTIyQUFFOEQ4
OUI0N0Q0RDc0MUQyNDU3QTA4QUQwMDFGQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUw1zdxqWulqvJmXPlaV/eiKUFpdo1+/O8wO+GU0rYhyq4tMkq
9GJuuZeRJ3oo1zqyZoQb8oG1ylkEVq8heW+bqySUzfWPgbqlrKeg73JA45k2MAGT
JNooM55wmFloNc0ONfLfw4q2PtW5xR51j0sMVAkRx9CTWGiRZA1iW/+1YIwe1RTm
5iilC+/KUbMqQlrTjqoX/kzfZHXpmAWA7JDO1WLwUxr9FrxzGJH2vXTk8SjGOj61
j/oEf1gVUOREaafz1leDGiKxzQBm9J3bYQSHFc8DWitJjuW9XIdSadnvltRwOwsO
KH07BU8F7iT7V94cb9qRGhldoetXrzehj5P1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDbJ5Iqro2JtH1NdB0kV6CK0AH6owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EYko1SXFybzJKdEgxTmRC
MGtWNkNLMEFINm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKh5iq3Q2P3BJ05nt9J9lVkLDcOQgjYn4xQB
XcaH2hDk+53IT6cuW+ftN3tH4EuMkLkM4n1fhq0AWNGh0koL8gVOJHC2rJi6blBH
JXSLVJ8YV4nWtKnw3Zvu19VknbR+cRJD89NlgWJycuMvxEHUd+4QNX3N7Zhk+kTf
GcAS8CZ5ANMGjkuPhq51eG1Sw99sBcQYG/Z1oLxP+/52BcBLPLTxJH+3ZS3xflwR
5aJE0t2BOZItKtpiMdTLiOaVpXjpGDGOZ8+nzHZ8MEs3Cfxy3youDynuxdEDXE3m
7e746qabV7jpSMY4aHKQv8mUptMGb5UAFl+oRGK73eFYIHkPIQg=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:37:20 2025 by rpki-client