Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Gb4emPBMmQqlMkeZtNNJ2Wo4-_g.roa
File: Gb4emPBMmQqlMkeZtNNJ2Wo4-_g.roa (raw, json)
Hash identifier: 59DYqdIIiLVz6GsHWzPwwNrAZqfapEU7cDsuN5NCMBU=
Subject key identifier: 19:BE:1E:98:F0:4C:99:0A:A5:32:47:99:B4:D3:49:D9:6A:38:FB:F8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 201E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Gb4emPBMmQqlMkeZtNNJ2Wo4-_g.roa
Signing time: Thu 19 Jun 2025 01:34:14 +0000
ROA not before: Thu 19 Jun 2025 01:34:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8222 (0x201e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 01:34:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=19BE1E98F04C990AA5324799B4D349D96A38FBF8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:4f:ca:d4:ed:1e:ef:b7:72:27:f0:3b:4b:ae:
f1:f2:54:1d:6d:ce:f2:83:42:08:8f:73:2e:6d:6d:
c2:15:c3:6c:6c:29:3b:82:85:63:54:14:4a:5b:71:
20:09:42:6d:bb:fb:99:cf:10:2a:52:0a:b5:f5:80:
71:a1:52:f7:47:7d:fe:8f:86:0f:fc:75:69:2d:75:
88:d5:c3:38:9c:f5:8a:a6:af:49:20:31:84:15:cc:
1d:d0:c1:f8:a6:40:37:1d:6b:72:c2:14:45:b6:8b:
8e:dc:ea:05:71:9f:e6:59:18:c7:49:e7:82:8f:2b:
61:1e:36:ae:40:1a:bd:29:f5:ca:b0:4e:6a:21:51:
d2:2d:2d:e8:18:fc:bb:c0:e5:75:aa:f0:c6:3d:8f:
e7:ad:2e:43:17:d6:e3:27:09:43:63:75:04:75:06:
02:74:84:aa:1b:29:1e:19:88:73:92:19:f4:f5:a4:
63:47:f3:b4:16:95:dc:81:b7:4a:0b:44:a8:39:bc:
bc:c6:14:ef:cd:92:b5:e7:cc:d1:be:8a:c4:6d:31:
6e:ea:a2:48:29:a6:6d:e3:44:57:06:60:07:c0:c4:
5e:f8:65:7f:ae:36:47:f2:77:d1:8c:69:b3:b3:85:
7d:bf:d9:28:76:a3:b8:b5:a3:3f:ba:92:e0:7b:b5:
a9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:BE:1E:98:F0:4C:99:0A:A5:32:47:99:B4:D3:49:D9:6A:38:FB:F8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Gb4emPBMmQqlMkeZtNNJ2Wo4-_g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
81:06:75:9c:4a:70:ca:0a:c3:99:71:4c:7c:2a:8a:3b:c7:1c:
93:0e:fb:ff:12:45:a4:6d:c9:b7:2c:b0:72:7d:be:ae:bb:ae:
10:23:cf:61:4e:3c:dc:04:03:a8:f1:da:15:4b:71:c5:60:e1:
5f:15:75:e1:d5:1b:dd:b6:34:c1:8a:4d:59:90:22:a9:bf:2f:
7e:41:9c:53:68:26:85:96:05:12:94:bc:07:97:8a:73:67:69:
0d:95:b0:a0:ae:1c:cf:63:39:7a:6f:26:68:a5:a8:49:f2:f1:
97:8b:aa:4c:64:84:10:d7:cb:79:b7:02:b0:a4:39:32:93:6e:
97:4f:b6:b8:3b:38:f2:2c:3a:9a:0f:41:0a:87:0f:dd:42:8d:
3a:90:fd:7e:89:0f:54:99:2f:a9:e4:35:ab:3f:ba:a2:df:fa:
8b:b8:0f:eb:72:89:82:2f:79:3c:3d:33:50:3b:7f:a0:56:85:
b4:33:bd:69:89:61:6d:4f:8f:0c:66:83:19:7c:64:07:58:a5:
09:ab:f5:d0:7c:1c:58:e1:16:ed:5f:d7:db:be:be:ab:e4:cc:
89:30:83:29:af:42:b7:80:81:e9:35:55:cc:f6:3d:f9:3b:b2:
4d:5f:82:99:82:d9:6b:d6:ad:33:05:1d:c7:1a:31:16:71:95:
d4:2e:4d:6f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIB4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
MTM0MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5QkUxRTk4RjA0Qzk5
MEFBNTMyNDc5OUI0RDM0OUQ5NkEzOEZCRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjT8rU7R7vt3In8DtLrvHyVB1tzvKDQgiPcy5tbcIVw2xsKTuC
hWNUFEpbcSAJQm27+5nPECpSCrX1gHGhUvdHff6Phg/8dWktdYjVwzic9Yqmr0kg
MYQVzB3QwfimQDcda3LCFEW2i47c6gVxn+ZZGMdJ54KPK2EeNq5AGr0p9cqwTmoh
UdItLegY/LvA5XWq8MY9j+etLkMX1uMnCUNjdQR1BgJ0hKobKR4ZiHOSGfT1pGNH
87QWldyBt0oLRKg5vLzGFO/NkrXnzNG+isRtMW7qokgppm3jRFcGYAfAxF74ZX+u
Nkfyd9GMabOzhX2/2Sh2o7i1oz+6kuB7tampAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGb4emPBMmQqlMkeZtNNJ2Wo4+/gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HYjRlbVBCTW1RcWxNa2Va
dE5OSjJXbzQtX2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIEGdZxKcMoKw5lxTHwqijvHHJMO+/8SRaRt
ybcssHJ9vq67rhAjz2FOPNwEA6jx2hVLccVg4V8VdeHVG922NMGKTVmQIqm/L35B
nFNoJoWWBRKUvAeXinNnaQ2VsKCuHM9jOXpvJmilqEny8ZeLqkxkhBDXy3m3ArCk
OTKTbpdPtrg7OPIsOpoPQQqHD91CjTqQ/X6JD1SZL6nkNas/uqLf+ou4D+tyiYIv
eTw9M1A7f6BWhbQzvWmJYW1Pjwxmgxl8ZAdYpQmr9dB8HFjhFu1f19u+vqvkzIkw
gymvQreAgek1Vcz2Pfk7sk1fgpmC2WvWrTMFHccaMRZxldQuTW8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:09:54 2025 by rpki-client