Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FNanYlbyJreENpP_ycn1bzlgNRs.roa
File: FNanYlbyJreENpP_ycn1bzlgNRs.roa (raw, json)
Hash identifier: 4BKdbYpjaXB84ZA8YhloucjMOrVOY6UL+WmwlONHFII=
Subject key identifier: 14:D6:A7:62:56:F2:26:B7:84:36:93:FF:C9:C9:F5:6F:39:60:35:1B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 21CA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FNanYlbyJreENpP_ycn1bzlgNRs.roa
Signing time: Sat 21 Jun 2025 14:41:46 +0000
ROA not before: Sat 21 Jun 2025 14:41:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8650 (0x21ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 14:41:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=14D6A76256F226B7843693FFC9C9F56F3960351B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f5:95:71:0c:d4:6e:c5:18:03:c7:83:7e:eb:
c6:c9:d6:d1:3f:03:7f:9f:74:04:8b:a9:15:83:97:
04:d0:15:8f:6f:66:c2:72:0f:e1:0d:07:a8:e2:5d:
e1:91:a8:9b:ee:bc:39:07:c5:df:32:1a:5e:e6:d0:
4b:58:87:fd:0b:1e:0d:91:1d:fe:29:14:e6:20:f5:
72:71:89:72:49:ed:da:21:f0:5c:a3:8e:e7:59:d5:
dc:2d:59:b6:c7:07:e5:b2:1c:30:91:b7:7d:23:3e:
ba:ad:60:06:53:10:9f:18:4d:3c:90:2e:44:54:01:
11:ad:b7:1f:38:f0:05:12:5f:c2:ce:0e:cd:79:ed:
4d:5f:6e:4d:cf:e1:ee:5f:d5:52:cb:7a:14:78:76:
d8:f1:61:d7:1f:e6:b2:38:ee:93:e7:10:66:4b:af:
2b:14:5a:b6:8f:72:52:87:0c:64:be:f4:80:ac:1f:
d3:e2:37:32:08:c1:35:61:87:e9:ae:79:e5:0d:7c:
74:e9:75:29:b5:d7:93:cc:7e:8f:64:a7:29:7b:a2:
be:a8:10:f9:49:42:7b:17:32:f8:cb:93:8e:d5:86:
6c:3e:21:23:87:11:e0:5e:00:7c:c9:73:44:c2:4b:
b6:ba:25:49:ff:2e:ca:67:ad:88:d7:39:bd:57:68:
d9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D6:A7:62:56:F2:26:B7:84:36:93:FF:C9:C9:F5:6F:39:60:35:1B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FNanYlbyJreENpP_ycn1bzlgNRs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:67:6d:5d:e5:15:d7:ba:1f:c5:42:85:a4:94:d1:7f:d0:99:
7b:7e:7c:92:59:47:fb:9a:ef:f4:f4:6c:33:05:43:9b:56:a4:
06:a6:72:c8:43:ff:ce:af:f8:d9:09:47:72:e9:a0:eb:6b:a1:
d1:70:6a:a0:a5:02:ac:22:da:bc:e3:21:c0:d3:5e:5f:2c:cf:
58:53:ad:f9:1f:f0:81:c8:5b:08:e1:a6:6a:ff:90:80:22:ca:
65:e5:7b:a6:ea:cb:dc:76:4c:89:8d:b8:2c:f6:d4:33:b1:52:
2d:ac:34:b0:6a:38:91:d8:da:50:45:a1:e3:99:b0:c3:db:76:
43:7e:a2:ab:0b:a2:53:a1:f3:70:fa:a9:6a:bc:c0:91:a7:58:
60:46:41:1c:92:f5:f0:e5:63:d3:80:d0:ba:9f:24:13:4d:e1:
37:00:f2:32:81:21:3f:f0:e9:a4:79:b3:2f:a0:5a:ef:09:26:
fa:f8:39:23:ea:33:24:42:23:ce:59:f4:79:25:97:9b:b6:87:
2b:ba:88:c2:a5:ea:ce:20:2d:26:0b:65:48:d8:c4:4a:7a:ca:
e1:e3:6b:93:d5:bc:f4:4b:62:b1:23:e3:ec:cf:7b:86:26:db:
db:03:09:ad:6b:51:dc:35:39:98:71:f0:6f:75:ee:2a:cc:f3:
e1:12:ba:ff
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEx
NDQxNDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE0RDZBNzYyNTZGMjI2
Qjc4NDM2OTNGRkM5QzlGNTZGMzk2MDM1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC59ZVxDNRuxRgDx4N+68bJ1tE/A3+fdASLqRWDlwTQFY9vZsJy
D+ENB6jiXeGRqJvuvDkHxd8yGl7m0EtYh/0LHg2RHf4pFOYg9XJxiXJJ7doh8Fyj
judZ1dwtWbbHB+WyHDCRt30jPrqtYAZTEJ8YTTyQLkRUARGttx848AUSX8LODs15
7U1fbk3P4e5f1VLLehR4dtjxYdcf5rI47pPnEGZLrysUWraPclKHDGS+9ICsH9Pi
NzIIwTVhh+mueeUNfHTpdSm115PMfo9kpyl7or6oEPlJQnsXMvjLk47Vhmw+ISOH
EeBeAHzJc0TCS7a6JUn/LspnrYjXOb1XaNm1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFNanYlbyJreENpP/ycn1bzlgNRswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GTmFuWWxieUpyZUVOcFBf
eWNuMWJ6bGdOUnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAI5nbV3lFde6H8VChaSU0X/QmXt+fJJZR/ua
7/T0bDMFQ5tWpAamcshD/86v+NkJR3LpoOtrodFwaqClAqwi2rzjIcDTXl8sz1hT
rfkf8IHIWwjhpmr/kIAiymXle6bqy9x2TImNuCz21DOxUi2sNLBqOJHY2lBFoeOZ
sMPbdkN+oqsLolOh83D6qWq8wJGnWGBGQRyS9fDlY9OA0LqfJBNN4TcA8jKBIT/w
6aR5sy+gWu8JJvr4OSPqMyRCI85Z9Hkll5u2hyu6iMKl6s4gLSYLZUjYxEp6yuHj
a5PVvPRLYrEj4+zPe4Ym29sDCa1rUdw1OZhx8G917irM8+ESuv8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:37:08 2025 by rpki-client