Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UF6s2daFc8Mt4SZwyP7Vhd-x7j0.roa
File: UF6s2daFc8Mt4SZwyP7Vhd-x7j0.roa (raw, json)
Hash identifier: nZaxR1K7rNzbRjv6cFh7M5vA4YQEqX14d6CGFLEjkNI=
Subject key identifier: 50:5E:AC:D9:D6:85:73:C3:2D:E1:26:70:C8:FE:D5:85:DF:B1:EE:3D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F72
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UF6s2daFc8Mt4SZwyP7Vhd-x7j0.roa
Signing time: Wed 18 Jun 2025 00:10:04 +0000
ROA not before: Wed 18 Jun 2025 00:10:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8050 (0x1f72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 00:10:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=505EACD9D68573C32DE12670C8FED585DFB1EE3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c0:b4:2a:52:78:ce:a0:66:5e:ec:5b:14:30:
7d:55:a9:5c:28:bb:45:3c:9d:32:14:71:b8:37:81:
98:c0:53:91:4b:06:1e:a4:22:62:93:8d:7f:71:b8:
7a:b4:f1:27:55:7b:48:4c:d7:45:e3:fa:f5:fd:e4:
1e:32:35:1e:d7:c8:e4:66:25:a3:11:68:69:a0:44:
a8:25:b4:d1:8b:a1:58:60:12:b5:12:de:5f:16:8c:
77:e5:5b:90:e9:40:1d:f1:15:12:62:18:c4:40:73:
f4:c1:bd:2f:44:58:ed:94:b4:5e:d2:81:0d:f7:a9:
a3:09:4e:5d:1d:2c:0b:5a:b1:de:09:41:6f:2b:52:
a7:da:66:87:56:ae:e9:21:30:67:12:dc:91:d0:f0:
28:8c:0b:a3:1c:58:21:02:25:9e:0c:18:b6:41:50:
03:70:f8:1c:6a:60:48:9d:ce:ec:a9:5b:d0:12:58:
17:16:62:11:2d:68:82:1f:6a:34:96:8b:1d:60:bc:
9e:4e:ed:20:b4:56:1e:f1:13:17:da:c7:e5:72:5e:
6a:53:33:96:07:f2:d7:10:8e:ab:14:34:ca:dc:3c:
2b:b2:68:42:70:64:d9:e5:e4:f3:ed:d7:bf:59:e6:
77:9f:22:83:83:b8:b7:b1:48:92:b6:1c:08:e3:b0:
c5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5E:AC:D9:D6:85:73:C3:2D:E1:26:70:C8:FE:D5:85:DF:B1:EE:3D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UF6s2daFc8Mt4SZwyP7Vhd-x7j0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:8d:49:bb:31:3e:24:44:c7:9e:7b:bc:04:b6:28:d8:e6:27:
7f:b9:f6:9a:99:91:99:a0:64:27:26:ce:97:6a:52:85:79:97:
09:1f:52:49:23:08:e5:84:f6:0d:84:b5:05:55:b1:a0:0e:31:
15:a4:ce:58:9d:16:49:d6:8c:24:06:42:8b:4f:c9:4a:44:7f:
ac:7c:6e:79:d7:d5:61:56:61:a2:3b:13:8d:97:a1:f1:b6:4e:
33:3a:1d:41:1a:b1:bb:d6:c7:d8:3a:7d:43:4c:8c:06:09:df:
a5:a8:b2:03:88:9f:6e:29:69:1a:00:8c:01:91:97:eb:fc:12:
f1:7e:e8:60:5c:83:37:57:c2:a7:61:19:44:85:0d:5c:8e:57:
af:39:b1:40:69:c6:f9:d6:a0:e0:42:6b:76:29:34:2e:ff:22:
84:74:df:4e:4e:32:ec:43:b7:32:17:5a:25:98:0a:ec:e3:07:
93:2d:79:8a:ff:99:40:71:bd:66:d4:b3:79:80:06:86:12:3e:
05:5c:f6:ee:83:54:87:72:8e:aa:c6:e7:ba:d7:59:ed:7f:e8:
1f:29:39:80:4a:11:0d:d7:d5:5e:c5:ab:b4:19:88:ab:bd:e7:
8b:0d:54:b8:fe:46:a8:a1:73:48:5f:59:ad:bc:2a:10:82:18:
8b:1b:10:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgw
MDEwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUwNUVBQ0Q5RDY4NTcz
QzMyREUxMjY3MEM4RkVENTg1REZCMUVFM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0wLQqUnjOoGZe7FsUMH1VqVwou0U8nTIUcbg3gZjAU5FLBh6k
ImKTjX9xuHq08SdVe0hM10Xj+vX95B4yNR7XyORmJaMRaGmgRKgltNGLoVhgErUS
3l8WjHflW5DpQB3xFRJiGMRAc/TBvS9EWO2UtF7SgQ33qaMJTl0dLAtasd4JQW8r
UqfaZodWrukhMGcS3JHQ8CiMC6McWCECJZ4MGLZBUANw+BxqYEidzuypW9ASWBcW
YhEtaIIfajSWix1gvJ5O7SC0Vh7xExfax+VyXmpTM5YH8tcQjqsUNMrcPCuyaEJw
ZNnl5PPt179Z5nefIoODuLexSJK2HAjjsMWpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUF6s2daFc8Mt4SZwyP7Vhd+x7j0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VRjZzMmRhRmM4TXQ0U1p3
eVA3VmhkLXg3ajAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGGNSbsxPiREx557vAS2KNjmJ3+59pqZkZmg
ZCcmzpdqUoV5lwkfUkkjCOWE9g2EtQVVsaAOMRWkzlidFknWjCQGQotPyUpEf6x8
bnnX1WFWYaI7E42XofG2TjM6HUEasbvWx9g6fUNMjAYJ36WosgOIn24paRoAjAGR
l+v8EvF+6GBcgzdXwqdhGUSFDVyOV685sUBpxvnWoOBCa3YpNC7/IoR0305OMuxD
tzIXWiWYCuzjB5MteYr/mUBxvWbUs3mABoYSPgVc9u6DVIdyjqrG57rXWe1/6B8p
OYBKEQ3X1V7Fq7QZiKu954sNVLj+Rqihc0hfWa28KhCCGIsbECw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:24:03 2025 by rpki-client