Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JvVKdYfIOJ9jVvPq-RkNphcIGic.roa
File: JvVKdYfIOJ9jVvPq-RkNphcIGic.roa (raw, json)
Hash identifier: zXFVP+Uc0+bu3zWVKyciv8sr9Up5nUXFYNtfJJj2apY=
Subject key identifier: 26:F5:4A:75:87:C8:38:9F:63:56:F3:EA:F9:19:0D:A6:17:08:1A:27
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2012
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JvVKdYfIOJ9jVvPq-RkNphcIGic.roa
Signing time: Wed 18 Jun 2025 23:53:05 +0000
ROA not before: Wed 18 Jun 2025 23:53:05 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8210 (0x2012)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 23:53:05 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=26F54A7587C8389F6356F3EAF9190DA617081A27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:89:4a:39:f7:80:43:5f:3d:14:da:d3:94:
ce:fd:f9:c6:69:d8:99:07:a3:c0:0e:d0:3f:ed:06:
0b:01:b3:da:0d:52:66:e4:59:19:50:c2:20:be:ac:
54:8e:1f:33:a2:58:83:12:08:55:97:fa:62:d0:c1:
f0:bb:4b:87:b0:c6:5d:1b:dd:60:97:f5:ab:e0:72:
bc:cc:5e:67:6b:e4:9c:b8:15:2d:be:6e:fb:74:31:
35:5f:a7:36:29:c1:7b:70:0c:0c:b9:e3:a9:f9:08:
51:6e:43:ac:6f:b8:a2:17:f8:50:b9:a2:df:84:12:
43:ae:f3:f5:76:42:db:36:7e:45:1f:76:c9:c1:0a:
99:1e:1b:49:7d:cf:f7:f9:7e:72:46:a8:09:48:46:
0a:3f:7e:2a:22:c1:4b:09:9c:3e:3e:fd:7f:d5:f8:
b1:36:28:a5:4f:a0:88:3f:7e:42:a0:54:be:1c:11:
34:28:d8:aa:df:9e:98:5e:d1:e3:54:9f:ba:24:52:
51:bd:18:64:9d:cc:1a:79:77:e3:47:f6:0e:b1:60:
ea:c8:6a:4f:f7:3c:5b:98:04:e8:43:a7:22:88:2d:
19:8c:b5:8c:1c:1a:97:4b:4d:a9:69:13:36:1e:6e:
18:b0:9e:72:55:ba:8e:7d:a2:ed:35:c3:80:4d:37:
7d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F5:4A:75:87:C8:38:9F:63:56:F3:EA:F9:19:0D:A6:17:08:1A:27
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JvVKdYfIOJ9jVvPq-RkNphcIGic.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:49:b4:c5:46:4d:3c:c1:ef:b1:e0:c6:29:5c:03:6e:42:13:
02:49:2f:65:e6:4e:ff:dd:d3:63:9e:c4:50:b5:70:8c:85:13:
e5:aa:9c:8e:76:59:a7:7e:3e:61:aa:95:73:39:1d:05:75:68:
94:82:20:0d:c6:eb:cd:56:85:8c:9b:d4:e8:38:ce:c4:25:03:
a7:45:bb:57:6f:8b:fb:4e:ba:4f:8a:1f:3c:da:aa:20:30:84:
a8:73:f8:df:61:eb:e3:d6:32:60:a7:a1:3e:1d:89:35:65:e3:
59:a9:23:bb:5b:52:8f:5e:32:33:66:28:79:49:fe:6f:c3:64:
12:c7:31:30:92:33:9a:85:67:d8:e6:08:07:7f:f8:1d:8c:ce:
f1:ed:a7:0a:14:a3:f5:eb:38:f9:74:64:88:6f:a2:91:ae:c5:
c1:d4:ce:5d:b6:48:a0:07:24:30:79:9e:61:3d:11:c3:36:9f:
82:77:21:8a:9d:28:f6:a9:b3:b4:25:f7:88:58:22:67:77:67:
13:17:d5:16:bd:50:81:f4:6a:2b:de:d4:b7:69:0d:22:85:73:
22:7f:e7:81:5d:a8:ed:e4:fa:2d:39:e0:cd:82:aa:5b:ed:25:
67:8e:ca:79:00:33:01:47:de:e3:10:ad:6a:66:95:74:52:8d:
11:70:88:4b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIBIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgy
MzUzMDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI2RjU0QTc1ODdDODM4
OUY2MzU2RjNFQUY5MTkwREE2MTcwODFBMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjG4lKOfeAQ189FNrTlM79+cZp2JkHo8AO0D/tBgsBs9oNUmbk
WRlQwiC+rFSOHzOiWIMSCFWX+mLQwfC7S4ewxl0b3WCX9avgcrzMXmdr5Jy4FS2+
bvt0MTVfpzYpwXtwDAy546n5CFFuQ6xvuKIX+FC5ot+EEkOu8/V2Qts2fkUfdsnB
CpkeG0l9z/f5fnJGqAlIRgo/fioiwUsJnD4+/X/V+LE2KKVPoIg/fkKgVL4cETQo
2Krfnphe0eNUn7okUlG9GGSdzBp5d+NH9g6xYOrIak/3PFuYBOhDpyKILRmMtYwc
GpdLTalpEzYebhiwnnJVuo59ou01w4BNN311AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJvVKdYfIOJ9jVvPq+RkNphcIGicwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KdlZLZFlmSU9KOWpWdlBx
LVJrTnBoY0lHaWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIJJtMVGTTzB77HgxilcA25CEwJJL2XmTv/d
02OexFC1cIyFE+WqnI52Wad+PmGqlXM5HQV1aJSCIA3G681WhYyb1Og4zsQlA6dF
u1dvi/tOuk+KHzzaqiAwhKhz+N9h6+PWMmCnoT4diTVl41mpI7tbUo9eMjNmKHlJ
/m/DZBLHMTCSM5qFZ9jmCAd/+B2MzvHtpwoUo/XrOPl0ZIhvopGuxcHUzl22SKAH
JDB5nmE9EcM2n4J3IYqdKPaps7Ql94hYImd3ZxMX1Ra9UIH0aive1LdpDSKFcyJ/
54FdqO3k+i054M2CqlvtJWeOynkAMwFH3uMQrWpmlXRSjRFwiEs=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:07:17 2025 by rpki-client