Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NIGEq7_Q3l4Tehie81R6CP2XKrU.roa
File: NIGEq7_Q3l4Tehie81R6CP2XKrU.roa (raw, json)
Hash identifier: KZ6VlQQmEVhd9J0ACk+8Ld+E1ErAmpjMHu2RykRHlcI=
Subject key identifier: 34:81:84:AB:BF:D0:DE:5E:13:7A:18:9E:F3:54:7A:08:FD:97:2A:B5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22CE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NIGEq7_Q3l4Tehie81R6CP2XKrU.roa
Signing time: Sun 22 Jun 2025 23:11:58 +0000
ROA not before: Sun 22 Jun 2025 23:11:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8910 (0x22ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 23:11:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=348184ABBFD0DE5E137A189EF3547A08FD972AB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:44:7a:bd:c0:cd:b3:27:60:8e:d1:5b:7c:
ab:36:29:1d:40:7b:81:c5:47:9f:f1:48:cb:d4:08:
f1:0d:48:db:40:a2:14:b2:88:be:84:a9:db:1b:78:
89:91:24:88:40:78:7f:b9:4c:54:12:a2:2c:68:3a:
c1:34:45:79:e6:a2:89:58:a3:68:92:19:4c:e6:e7:
dc:45:8a:2d:37:c6:3f:2c:a2:a5:f4:62:d3:1b:06:
5e:82:c8:9a:85:e8:9a:42:be:18:b3:95:46:9a:04:
00:3d:a9:b9:68:36:f6:ba:45:26:fd:0b:04:32:b0:
60:8d:ae:5a:54:70:43:63:f0:10:28:ed:88:00:27:
b2:fa:6e:6a:19:55:33:ce:dc:bc:2d:1d:2e:f6:30:
c1:b4:d5:1b:2f:b8:e7:fa:19:8e:e2:20:1c:70:8e:
ea:0c:35:54:29:6d:86:66:34:43:a8:7e:a9:62:32:
86:1d:0d:b2:96:a1:9f:d3:ea:ca:3f:c5:f0:a9:5c:
35:8b:ce:91:92:da:7b:7f:0a:48:0d:9b:1a:02:29:
eb:7a:70:c9:75:b7:06:23:e4:6a:e9:8b:3a:2e:75:
ae:f4:b8:64:9f:32:2e:a2:22:e3:a2:fd:6f:3b:aa:
0a:bb:8c:3e:9e:88:29:7f:7e:76:c6:6e:bb:27:91:
55:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:81:84:AB:BF:D0:DE:5E:13:7A:18:9E:F3:54:7A:08:FD:97:2A:B5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NIGEq7_Q3l4Tehie81R6CP2XKrU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:2d:83:cf:dd:13:6b:1c:79:69:26:2f:21:bb:dd:17:c1:12:
5d:0f:12:f4:99:77:1b:6b:22:cd:72:05:ca:c1:d5:bf:2f:9b:
b1:1d:9b:38:27:fe:3d:4a:44:08:de:10:55:df:be:13:f8:99:
4f:41:a5:9e:fd:df:28:6e:fb:ab:2d:73:a8:8c:61:5b:72:cf:
f1:51:67:34:7d:d1:43:f3:86:75:bc:b0:52:4c:a3:79:fd:56:
e4:c9:c4:13:34:7e:5e:69:c9:2d:8f:f0:a9:5e:e5:f1:8d:a5:
d3:40:5c:a7:98:d8:c9:70:56:05:93:12:f9:c4:66:9e:a8:ed:
f1:14:b6:73:bf:d0:5f:fa:ff:e7:9e:27:f0:d3:ff:e7:6a:60:
59:16:77:f7:55:92:73:de:fe:1c:15:56:69:cc:75:09:d0:71:
f0:97:13:a3:a9:76:95:00:0f:6a:75:f7:6a:ae:1a:5e:8d:48:
2c:b6:43:66:5c:4e:cd:c7:15:9a:b4:84:a3:38:28:02:13:ba:
3b:8e:37:24:3d:85:0e:a2:7a:cd:c3:ae:9d:f6:04:c8:c9:19:
5c:4a:90:2d:bc:9d:9c:73:dc:ce:33:27:10:1c:9a:42:18:5c:
ef:cc:ee:61:14:15:08:5a:54:c2:f9:b3:58:d4:2f:d8:04:37:
8c:4d:7d:7c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIs4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIy
MzExNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM0ODE4NEFCQkZEMERF
NUUxMzdBMTg5RUYzNTQ3QTA4RkQ5NzJBQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0b0R6vcDNsydgjtFbfKs2KR1Ae4HFR5/xSMvUCPENSNtAohSy
iL6EqdsbeImRJIhAeH+5TFQSoixoOsE0RXnmoolYo2iSGUzm59xFii03xj8soqX0
YtMbBl6CyJqF6JpCvhizlUaaBAA9qbloNva6RSb9CwQysGCNrlpUcENj8BAo7YgA
J7L6bmoZVTPO3LwtHS72MMG01RsvuOf6GY7iIBxwjuoMNVQpbYZmNEOofqliMoYd
DbKWoZ/T6so/xfCpXDWLzpGS2nt/CkgNmxoCKet6cMl1twYj5Grpizouda70uGSf
Mi6iIuOi/W87qgq7jD6eiCl/fnbGbrsnkVUhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNIGEq7/Q3l4Tehie81R6CP2XKrUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OSUdFcTdfUTNsNFRlaGll
ODFSNkNQMlhLclUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIwtg8/dE2sceWkmLyG73RfBEl0PEvSZdxtr
Is1yBcrB1b8vm7Edmzgn/j1KRAjeEFXfvhP4mU9BpZ793yhu+6stc6iMYVtyz/FR
ZzR90UPzhnW8sFJMo3n9VuTJxBM0fl5pyS2P8Kle5fGNpdNAXKeY2MlwVgWTEvnE
Zp6o7fEUtnO/0F/6/+eeJ/DT/+dqYFkWd/dVknPe/hwVVmnMdQnQcfCXE6OpdpUA
D2p192quGl6NSCy2Q2ZcTs3HFZq0hKM4KAITujuONyQ9hQ6ies3Drp32BMjJGVxK
kC28nZxz3M4zJxAcmkIYXO/M7mEUFQhaVML5s1jUL9gEN4xNfXw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:15:22 2025 by rpki-client