Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvcXz4M4PwY-dG0kRlcqvQZ0jk.roa
File: OJvcXz4M4PwY-dG0kRlcqvQZ0jk.roa (raw, json)
Hash identifier: a7JaBhtSTuYNrpJRD/8ggdSb2yqUuyhOFmD3xH+3+BI=
Subject key identifier: 38:9B:DC:5F:3E:0C:E0:FC:18:F9:D1:B4:91:19:5C:AA:F4:19:D2:39
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C16
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvcXz4M4PwY-dG0kRlcqvQZ0jk.roa
Signing time: Fri 13 Jun 2025 12:39:58 +0000
ROA not before: Fri 13 Jun 2025 12:39:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7190 (0x1c16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 12:39:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=389BDC5F3E0CE0FC18F9D1B491195CAAF419D239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ba:f6:00:e6:05:09:51:83:a3:47:8a:59:f4:
53:1f:ad:95:b7:15:d2:12:ef:57:1d:1b:24:7d:48:
6e:7b:16:00:b2:64:bf:aa:51:ca:06:5e:5c:f8:aa:
22:8a:dd:ef:13:a3:de:8a:6d:3d:a4:a5:a6:80:97:
46:53:87:da:16:e0:01:20:b5:67:b9:db:90:79:26:
40:c9:61:7b:5a:a8:35:00:d3:f3:b2:02:bb:65:17:
d3:18:f7:c8:91:64:4b:93:0e:e2:ad:b3:63:ef:e2:
17:a4:75:30:e3:0b:4d:df:df:2c:3a:4a:51:5a:6f:
48:df:0d:ff:81:e4:1d:a4:a5:0f:4e:5b:ef:b7:8b:
4b:65:ae:fa:63:b7:5b:3b:c5:e2:8d:34:81:e1:54:
e8:e7:d7:dc:5a:f0:a8:1c:cb:17:ae:35:d2:47:4b:
da:7d:a0:8e:b0:fa:17:c0:46:d4:c7:fc:cc:22:d0:
f3:4c:bc:a4:8a:3b:2b:3f:5b:e2:0f:75:17:d8:98:
37:a8:d6:7a:59:53:a1:d0:97:7a:c9:69:1d:81:28:
fb:e8:8f:88:70:80:2c:47:8c:68:80:11:7b:09:fc:
55:fc:56:71:57:8c:87:5a:51:66:4f:3f:91:dd:79:
0f:17:ab:6a:d0:96:b2:5f:14:63:64:09:e6:37:75:
12:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9B:DC:5F:3E:0C:E0:FC:18:F9:D1:B4:91:19:5C:AA:F4:19:D2:39
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OJvcXz4M4PwY-dG0kRlcqvQZ0jk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:dc:cf:da:07:0b:f0:02:6a:e0:fe:28:30:7a:30:9c:86:81:
68:fa:23:57:18:53:5b:48:30:7a:47:0d:10:b4:bc:ae:39:18:
13:86:9c:e0:78:95:24:66:9b:a4:5b:59:e5:8e:14:cc:4a:bb:
1c:ab:88:60:6e:73:d8:97:c1:4e:4d:3e:66:ec:19:dc:58:30:
07:7e:63:36:b7:2e:88:97:00:48:31:3e:1d:60:e9:eb:a7:de:
88:4f:d5:02:5b:85:b6:5e:3e:b0:25:7f:5f:c8:88:bc:f3:2e:
2e:0f:8d:5c:80:dc:a6:d4:3c:32:56:9c:10:81:fc:51:d6:1b:
18:b3:c7:e5:19:7c:6a:2f:8f:01:12:60:4f:f9:5d:08:2b:cf:
46:d1:43:52:1f:8d:b8:af:98:07:43:9c:0e:3d:10:8e:df:f5:
94:4b:82:6a:b6:29:07:19:ea:34:59:a6:3f:d3:33:b2:d1:31:
87:3a:0e:e3:70:6e:7a:84:41:8e:db:12:bd:b4:5c:31:1c:c4:
55:b2:9a:86:89:8b:dc:f9:0d:e8:d6:91:3a:4c:2a:ae:ee:cf:
41:3a:94:9f:51:f6:0a:95:0b:a4:f4:8c:b2:02:e0:7d:f5:0d:
42:9b:cd:6f:f5:5e:ee:40:85:c2:0d:d9:b0:f4:23:b8:36:29:
dc:20:da:c3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
MjM5NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM4OUJEQzVGM0UwQ0Uw
RkMxOEY5RDFCNDkxMTk1Q0FBRjQxOUQyMzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUuvYA5gUJUYOjR4pZ9FMfrZW3FdIS71cdGyR9SG57FgCyZL+q
UcoGXlz4qiKK3e8To96KbT2kpaaAl0ZTh9oW4AEgtWe525B5JkDJYXtaqDUA0/Oy
ArtlF9MY98iRZEuTDuKts2Pv4hekdTDjC03f3yw6SlFab0jfDf+B5B2kpQ9OW++3
i0tlrvpjt1s7xeKNNIHhVOjn19xa8KgcyxeuNdJHS9p9oI6w+hfARtTH/Mwi0PNM
vKSKOys/W+IPdRfYmDeo1npZU6HQl3rJaR2BKPvoj4hwgCxHjGiAEXsJ/FX8VnFX
jIdaUWZPP5HdeQ8Xq2rQlrJfFGNkCeY3dRIDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOJvcXz4M4PwY+dG0kRlcqvQZ0jkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PSnZjWHo0TTRQd1ktZEcw
a1JsY3F2UVowamsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKbcz9oHC/ACauD+KDB6MJyGgWj6I1cYU1tI
MHpHDRC0vK45GBOGnOB4lSRmm6RbWeWOFMxKuxyriGBuc9iXwU5NPmbsGdxYMAd+
Yza3LoiXAEgxPh1g6eun3ohP1QJbhbZePrAlf1/IiLzzLi4PjVyA3KbUPDJWnBCB
/FHWGxizx+UZfGovjwESYE/5XQgrz0bRQ1IfjbivmAdDnA49EI7f9ZRLgmq2KQcZ
6jRZpj/TM7LRMYc6DuNwbnqEQY7bEr20XDEcxFWymoaJi9z5DejWkTpMKq7uz0E6
lJ9R9gqVC6T0jLIC4H31DUKbzW/1Xu5AhcIN2bD0I7g2Kdwg2sM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:38:28 2025 by rpki-client