Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IAgbYUaoLo3F2gRzvub7e2k4sH8.roa
File: IAgbYUaoLo3F2gRzvub7e2k4sH8.roa (raw, json)
Hash identifier: YW4mi6BvA8F7Rj4SUVC+4XWJrfERgbHYihmH2toCWog=
Subject key identifier: 20:08:1B:61:46:A8:2E:8D:C5:DA:04:73:BE:E6:FB:7B:69:38:B0:7F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CA6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IAgbYUaoLo3F2gRzvub7e2k4sH8.roa
Signing time: Sat 14 Jun 2025 06:39:55 +0000
ROA not before: Sat 14 Jun 2025 06:39:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7334 (0x1ca6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 06:39:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=20081B6146A82E8DC5DA0473BEE6FB7B6938B07F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:54:74:cb:a0:b2:f2:07:85:a7:80:d0:a9:9b:
e9:b3:c9:78:24:8f:81:2f:b0:c3:85:19:9e:8d:6b:
7c:56:cb:9c:bb:c4:7b:bd:53:5f:8d:b0:08:2c:29:
3e:cd:a0:d8:fd:47:ed:17:46:c2:48:7c:f2:9e:5f:
a7:8a:82:2f:19:5d:c2:2b:cc:c3:08:e5:3b:6c:48:
b3:60:bd:d2:e0:06:11:55:33:7d:5c:6c:b6:7e:60:
8b:75:6d:df:fb:5b:1a:3c:e4:87:c2:34:6c:b8:02:
e4:f2:9d:9a:36:dd:81:1a:3e:d8:40:5d:23:70:33:
59:42:47:24:b8:1a:6b:3c:68:a9:d3:8f:47:72:ba:
7a:fa:4f:5b:e0:e8:9d:2b:93:5d:06:7c:56:15:3f:
74:56:00:b4:40:c6:c5:88:45:40:36:d1:3d:ac:36:
68:5d:f7:f0:ef:6f:44:fa:f8:02:d6:2d:47:40:11:
6f:d5:00:86:4f:5b:6f:c7:51:1e:a2:52:84:aa:48:
37:8d:c7:f5:e9:5b:b0:18:65:ca:a1:b3:bd:6e:72:
fe:85:6b:52:38:e2:14:15:51:bd:ad:95:14:da:8e:
d5:c4:03:4d:b9:ee:1d:d0:d3:38:88:ea:49:7f:17:
c7:ff:21:f8:31:48:a7:f8:8d:23:34:e9:e8:31:16:
9e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:08:1B:61:46:A8:2E:8D:C5:DA:04:73:BE:E6:FB:7B:69:38:B0:7F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IAgbYUaoLo3F2gRzvub7e2k4sH8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:78:8d:f7:56:ad:90:49:7d:0e:43:50:29:84:60:b4:c2:c9:
e9:51:c5:31:73:b3:77:d8:74:d2:e5:bc:50:72:14:e9:ba:63:
05:91:77:01:82:8f:e9:b3:75:4b:af:da:cc:86:a1:21:a7:37:
f2:1a:94:6d:54:63:d5:da:63:79:7b:28:34:30:64:10:74:79:
f7:14:85:9d:68:e2:63:b3:5d:7a:c7:db:c0:bd:6b:7b:9d:93:
6f:28:dd:34:73:26:03:21:d5:51:e4:0f:2b:d8:b2:a9:93:4b:
59:db:39:40:43:eb:57:b2:b8:76:eb:c3:a9:e2:47:9a:42:e7:
66:47:b6:3d:11:f5:4d:8a:27:5e:e3:1b:f9:1d:d1:70:b3:33:
d3:b0:99:c3:74:cc:51:8e:ff:cd:10:07:14:da:c2:fc:8b:e4:
b4:a0:f9:53:1d:07:12:79:5c:c6:1f:ce:e2:e4:58:21:10:02:
b6:5c:b8:7c:a7:d1:cd:1f:d5:d0:9c:54:3b:96:06:d2:4e:04:
99:cd:8b:7b:38:cf:e3:2c:9a:99:6d:ba:e2:c3:5b:5d:27:48:
2c:a9:b3:e1:95:7e:6c:d7:8d:22:91:d9:55:ab:b7:6a:58:32:
31:51:0d:0e:75:23:fb:86:7f:12:cb:a2:00:07:44:5d:91:a5:
ce:3e:01:27
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHKYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQw
NjM5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIwMDgxQjYxNDZBODJF
OERDNURBMDQ3M0JFRTZGQjdCNjkzOEIwN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7VHTLoLLyB4WngNCpm+mzyXgkj4EvsMOFGZ6Na3xWy5y7xHu9
U1+NsAgsKT7NoNj9R+0XRsJIfPKeX6eKgi8ZXcIrzMMI5TtsSLNgvdLgBhFVM31c
bLZ+YIt1bd/7Wxo85IfCNGy4AuTynZo23YEaPthAXSNwM1lCRyS4Gms8aKnTj0dy
unr6T1vg6J0rk10GfFYVP3RWALRAxsWIRUA20T2sNmhd9/Dvb0T6+ALWLUdAEW/V
AIZPW2/HUR6iUoSqSDeNx/XpW7AYZcqhs71ucv6Fa1I44hQVUb2tlRTajtXEA025
7h3Q0ziI6kl/F8f/IfgxSKf4jSM06egxFp7rAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIAgbYUaoLo3F2gRzvub7e2k4sH8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JQWdiWVVhb0xvM0YyZ1J6
dnViN2UyazRzSDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAV4jfdWrZBJfQ5DUCmEYLTCyelRxTFzs3fY
dNLlvFByFOm6YwWRdwGCj+mzdUuv2syGoSGnN/IalG1UY9XaY3l7KDQwZBB0efcU
hZ1o4mOzXXrH28C9a3udk28o3TRzJgMh1VHkDyvYsqmTS1nbOUBD61eyuHbrw6ni
R5pC52ZHtj0R9U2KJ17jG/kd0XCzM9OwmcN0zFGO/80QBxTawvyL5LSg+VMdBxJ5
XMYfzuLkWCEQArZcuHyn0c0f1dCcVDuWBtJOBJnNi3s4z+MsmpltuuLDW10nSCyp
s+GVfmzXjSKR2VWrt2pYMjFRDQ51I/uGfxLLogAHRF2Rpc4+ASc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:10:01 2025 by rpki-client