Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TxOMwyTwASvKq7y2RWt4b0KK8EE.roa
File: TxOMwyTwASvKq7y2RWt4b0KK8EE.roa (raw, json)
Hash identifier: KoT5LNE2mL/D9NI+RpvVZZZ5jfkcWyyzWdKAqeTpjNc=
Subject key identifier: 4F:13:8C:C3:24:F0:01:2B:CA:AB:BC:B6:45:6B:78:6F:42:8A:F0:41
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2406
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TxOMwyTwASvKq7y2RWt4b0KK8EE.roa
Signing time: Tue 24 Jun 2025 14:12:03 +0000
ROA not before: Tue 24 Jun 2025 14:12:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9222 (0x2406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 14:12:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4F138CC324F0012BCAABBCB6456B786F428AF041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e8:9b:f3:10:a6:40:40:02:c9:46:3f:38:64:
c3:41:93:fa:6f:2d:35:e5:20:70:ae:f7:a1:d2:4b:
43:c1:2b:a4:57:53:d4:93:c3:c0:e9:13:c0:06:99:
b4:20:6e:e3:02:61:07:43:e2:a5:37:94:90:e5:4d:
09:d9:1a:98:70:d4:11:de:cc:b3:e8:90:ff:36:a1:
a3:cf:1b:41:23:c8:20:b2:36:e9:d2:1f:14:d6:d7:
bb:4c:f3:36:95:88:df:00:d5:59:f5:90:89:f1:c0:
89:9b:41:14:98:36:c0:bc:64:32:d1:a5:9b:c6:a8:
59:45:69:79:0d:fd:eb:88:9a:0a:c2:38:1a:73:cd:
3d:fb:e3:89:06:d3:6c:14:54:35:94:50:78:40:25:
59:40:00:c2:a7:d4:fa:fe:a4:a7:5a:92:3e:d0:ed:
66:44:35:0b:95:13:e0:48:1e:91:b8:74:03:da:94:
ab:94:85:c6:0e:54:19:6a:5f:af:ff:3b:0a:6c:35:
e9:3d:bd:54:a3:95:79:26:bf:e2:e9:1d:15:67:27:
e9:4c:c3:66:70:67:aa:2e:e0:d1:c0:d2:52:b6:84:
00:c3:0b:0f:ac:88:88:ea:e3:c4:64:ae:49:d8:af:
fd:8e:c1:45:4d:d3:22:c3:f2:d4:54:24:f7:0c:ce:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:13:8C:C3:24:F0:01:2B:CA:AB:BC:B6:45:6B:78:6F:42:8A:F0:41
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TxOMwyTwASvKq7y2RWt4b0KK8EE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
84:71:f0:d6:34:7a:e3:6a:37:5d:97:43:ca:fe:00:87:62:bb:
04:1a:85:f1:5b:cf:7b:c1:98:5f:eb:0f:28:32:ba:8f:53:15:
40:92:f7:0b:8a:8f:6f:e2:07:15:3e:df:5e:35:d7:b0:3b:bc:
24:97:1c:67:17:96:90:49:2a:f0:6e:12:2f:e4:4b:63:48:4e:
7b:76:8f:52:3f:e6:53:a8:40:c9:44:75:1c:16:48:9d:f3:3a:
c0:a5:81:76:29:16:34:b9:5b:27:4c:1e:d1:c5:1c:49:8a:ab:
63:fa:4e:8c:9e:b5:cc:31:f2:39:36:70:2c:0a:d0:18:f8:f4:
d7:37:29:3f:47:c2:37:5b:38:0d:9d:fb:33:ee:07:c8:32:02:
d2:78:ce:40:8e:f7:c9:b7:d8:71:e2:33:77:d3:c5:68:5a:95:
3e:38:26:fa:8b:5f:ff:3e:e8:9a:9f:4d:4e:a3:33:9b:67:f6:
4e:a3:89:bf:bb:45:b7:26:56:28:c1:b0:e9:36:3b:e7:a4:00:
f9:06:af:ce:76:6c:03:4b:70:32:aa:18:3d:6a:5a:ba:0f:27:
79:24:d6:47:95:75:58:55:48:f5:0c:34:8d:60:e4:c1:07:e5:
7a:d9:85:e2:18:7b:00:16:6c:3d:e9:b3:39:e6:b1:26:66:ed:
7f:36:c8:f6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQx
NDEyMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRGMTM4Q0MzMjRGMDAx
MkJDQUFCQkNCNjQ1NkI3ODZGNDI4QUYwNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc6JvzEKZAQALJRj84ZMNBk/pvLTXlIHCu96HSS0PBK6RXU9ST
w8DpE8AGmbQgbuMCYQdD4qU3lJDlTQnZGphw1BHezLPokP82oaPPG0EjyCCyNunS
HxTW17tM8zaViN8A1Vn1kInxwImbQRSYNsC8ZDLRpZvGqFlFaXkN/euImgrCOBpz
zT3744kG02wUVDWUUHhAJVlAAMKn1Pr+pKdakj7Q7WZENQuVE+BIHpG4dAPalKuU
hcYOVBlqX6//OwpsNek9vVSjlXkmv+LpHRVnJ+lMw2ZwZ6ou4NHA0lK2hADDCw+s
iIjq48RkrknYr/2OwUVN0yLD8tRUJPcMznnDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTxOMwyTwASvKq7y2RWt4b0KK8EEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UeE9Nd3lUd0FTdktxN3ky
Uld0NGIwS0s4RUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIRx8NY0euNqN12XQ8r+AIdiuwQahfFbz3vB
mF/rDygyuo9TFUCS9wuKj2/iBxU+314117A7vCSXHGcXlpBJKvBuEi/kS2NITnt2
j1I/5lOoQMlEdRwWSJ3zOsClgXYpFjS5WydMHtHFHEmKq2P6Toyetcwx8jk2cCwK
0Bj49Nc3KT9HwjdbOA2d+zPuB8gyAtJ4zkCO98m32HHiM3fTxWhalT44JvqLX/8+
6JqfTU6jM5tn9k6jib+7RbcmVijBsOk2O+ekAPkGr852bANLcDKqGD1qWroPJ3kk
1keVdVhVSPUMNI1g5MEH5XrZheIYewAWbD3psznmsSZm7X82yPY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:08:02 2025 by rpki-client