Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/IG_AU1ls_Ieg7NabH2TFlIX7ts0.roa
File: IG_AU1ls_Ieg7NabH2TFlIX7ts0.roa (raw, json)
Hash identifier: GAXhbAbMSPJIoQAqPKi2uYWkAFaRzHOo+B4oim7K540=
Subject key identifier: 20:6F:C0:53:59:6C:FC:87:A0:EC:D6:9B:1F:64:C5:94:85:FB:B6:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1746
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IG_AU1ls_Ieg7NabH2TFlIX7ts0.roa
Signing time: Sat 07 Jun 2025 02:40:17 +0000
ROA not before: Sat 07 Jun 2025 02:40:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5958 (0x1746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 7 02:40:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=206FC053596CFC87A0ECD69B1F64C59485FBB6CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f4:d3:eb:50:15:fe:ff:68:c7:ba:98:b2:84:
58:e8:b2:9a:18:3c:93:d2:be:8a:a1:7a:79:ab:78:
45:02:6f:21:ce:ea:98:bc:da:85:3a:36:2a:92:fa:
ef:c4:cc:6e:ad:5c:0e:bb:65:9f:a6:d6:a5:07:2d:
12:a3:7c:aa:84:8a:89:e1:92:2c:7c:56:64:7e:5f:
e2:3c:4e:b7:f9:60:b0:f5:77:5b:fb:43:f0:bf:4b:
0a:25:93:01:76:5b:ff:a6:8a:aa:8e:b8:50:65:c5:
d5:5e:fb:33:a7:24:07:28:a2:e0:3c:f5:d0:39:df:
6e:c8:cd:06:49:e6:46:09:c9:f3:f3:43:c8:a0:31:
aa:63:4b:db:4c:90:11:da:92:f7:08:0c:30:da:57:
41:5c:57:64:05:83:e8:02:07:98:37:fe:8d:5b:93:
d7:26:c4:3e:f7:a3:69:cb:38:96:af:1a:78:87:7a:
88:5e:d6:45:fa:00:3b:5e:74:99:5f:81:71:c6:4b:
d9:33:c4:b7:1c:ee:04:14:4d:07:53:db:a5:17:6b:
25:57:b8:0c:fe:a0:71:2f:0f:17:ff:52:8d:13:4d:
84:9b:90:69:76:f0:c7:f6:f4:c5:a8:b6:89:ac:91:
f5:bb:de:f8:8a:8e:b1:69:c3:30:63:3f:45:99:e6:
c6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:6F:C0:53:59:6C:FC:87:A0:EC:D6:9B:1F:64:C5:94:85:FB:B6:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/IG_AU1ls_Ieg7NabH2TFlIX7ts0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:9a:c5:7b:2b:7f:8b:28:78:f4:26:9f:f4:a6:cb:17:37:63:
d1:b8:eb:ad:11:c8:80:42:eb:ba:9e:fa:cf:24:25:97:e0:3d:
67:a0:f5:19:68:a5:47:dd:02:c8:cc:69:d7:a3:91:15:48:fe:
4a:b2:66:58:1b:e9:bb:85:b9:bf:fc:4d:93:88:42:23:c5:5b:
ed:53:5a:da:0a:eb:a4:a6:e7:32:28:68:c2:35:d1:a9:57:3b:
27:bb:36:70:93:54:eb:db:13:cd:94:1a:00:0a:8a:94:51:61:
4e:22:a5:f6:69:90:db:62:29:a9:b8:4e:fa:46:a9:99:7e:e7:
0e:1f:02:a6:22:3d:c1:94:26:ea:22:dd:53:cf:d4:6d:ca:92:
3b:9d:2c:2d:47:15:d7:07:6f:11:d3:5d:2f:fc:50:e1:41:eb:
ee:74:00:21:43:0f:6c:f6:3e:14:ae:b7:69:4d:8b:de:d4:0b:
7e:06:e7:3f:ca:d5:74:e7:60:ba:68:2b:66:d2:2f:22:13:2a:
48:c5:8c:42:6d:41:46:28:12:19:05:ea:17:a4:9d:03:3e:ac:
66:a4:3f:41:7a:9c:31:53:29:da:b7:fe:f6:a9:9a:49:63:5f:
3d:b7:04:02:0e:ba:cb:7a:a1:e0:5f:85:90:3d:75:a9:0f:2c:
90:38:68:4e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICF0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDcw
MjQwMTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIwNkZDMDUzNTk2Q0ZD
ODdBMEVDRDY5QjFGNjRDNTk0ODVGQkI2Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC19NPrUBX+/2jHupiyhFjospoYPJPSvoqhenmreEUCbyHO6pi8
2oU6NiqS+u/EzG6tXA67ZZ+m1qUHLRKjfKqEionhkix8VmR+X+I8Trf5YLD1d1v7
Q/C/SwolkwF2W/+miqqOuFBlxdVe+zOnJAcoouA89dA5327IzQZJ5kYJyfPzQ8ig
MapjS9tMkBHakvcIDDDaV0FcV2QFg+gCB5g3/o1bk9cmxD73o2nLOJavGniHeohe
1kX6ADtedJlfgXHGS9kzxLcc7gQUTQdT26UXayVXuAz+oHEvDxf/Uo0TTYSbkGl2
8Mf29MWotomskfW73viKjrFpwzBjP0WZ5saxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUIG/AU1ls/Ieg7NabH2TFlIX7ts0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JR19BVTFsc19JZWc3TmFi
SDJURmxJWDd0czAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADCaxXsrf4soePQmn/Smyxc3Y9G4660RyIBC
67qe+s8kJZfgPWeg9RlopUfdAsjMadejkRVI/kqyZlgb6buFub/8TZOIQiPFW+1T
WtoK66Sm5zIoaMI10alXOye7NnCTVOvbE82UGgAKipRRYU4ipfZpkNtiKam4TvpG
qZl+5w4fAqYiPcGUJuoi3VPP1G3KkjudLC1HFdcHbxHTXS/8UOFB6+50ACFDD2z2
PhSut2lNi97UC34G5z/K1XTnYLpoK2bSLyITKkjFjEJtQUYoEhkF6heknQM+rGak
P0F6nDFTKdq3/vapmkljXz23BAIOust6oeBfhZA9dakPLJA4aE4=
-----END CERTIFICATE-----
Generated at Wed Jun 11 08:09:49 2025 by rpki-client