Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UVPy8J2lRgJZJr63y4LVgs3s7RU.roa
File: UVPy8J2lRgJZJr63y4LVgs3s7RU.roa (raw, json)
Hash identifier: 4hkNb1iCbjsu/5OihPA7NT7IzAJTc5Tmc0pPgXN096w=
Subject key identifier: 51:53:F2:F0:9D:A5:46:02:59:26:BE:B7:CB:82:D5:82:CD:EC:ED:15
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 23F2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UVPy8J2lRgJZJr63y4LVgs3s7RU.roa
Signing time: Tue 24 Jun 2025 11:41:59 +0000
ROA not before: Tue 24 Jun 2025 11:41:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9202 (0x23f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 11:41:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5153F2F09DA546025926BEB7CB82D582CDECED15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:de:75:13:ef:ee:a7:af:d8:a9:25:55:e5:a4:
ba:5a:f2:84:47:e0:36:99:65:51:eb:18:5b:07:c1:
2a:7a:c3:3f:5f:35:4e:26:5e:13:aa:50:70:cd:c2:
04:7b:d6:d8:77:ba:98:2f:e4:9f:12:ea:1c:a3:d5:
7f:4d:f8:ed:f4:4c:1f:d0:dd:49:93:3f:05:fd:d9:
f9:9a:a9:38:70:0c:af:8e:d4:17:9a:c4:d4:1e:e3:
2c:6d:49:6a:6f:4b:69:e1:93:3e:c1:40:eb:af:40:
79:33:11:a8:15:95:09:a2:0e:1a:1a:01:f6:23:e9:
86:50:34:b6:9f:57:7d:75:7c:db:f8:c1:98:4f:4d:
6a:6c:13:98:7b:2c:d5:da:f0:26:a9:ff:e9:83:6c:
50:b8:3b:b7:a7:cb:c9:51:bd:93:43:39:2b:f5:ea:
aa:8f:3a:f2:0f:fd:8c:85:61:84:7f:0d:a7:55:2e:
52:f5:80:34:8a:89:19:d9:0a:86:1b:3e:61:eb:2e:
32:4b:5a:56:1f:41:23:c3:e3:d6:d1:17:da:74:e8:
61:ff:e4:6d:51:64:92:93:b4:fd:77:2e:4f:90:f4:
db:a2:21:56:00:1c:33:3f:f5:46:4a:01:55:98:a7:
dd:a2:d6:0f:ad:a3:f5:cd:46:4a:ff:5a:e0:92:ab:
bb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:53:F2:F0:9D:A5:46:02:59:26:BE:B7:CB:82:D5:82:CD:EC:ED:15
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UVPy8J2lRgJZJr63y4LVgs3s7RU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:33:99:e9:88:4a:71:e1:69:83:c0:9f:d5:c5:d4:1e:41:08:
0b:45:c0:14:15:0a:5c:92:45:d8:72:1f:b5:f2:85:9b:b2:a8:
43:47:11:48:82:5f:06:a7:ac:39:50:32:6a:2a:97:f5:29:a7:
be:40:b1:9c:eb:5a:9d:90:e1:f0:53:66:9e:c3:69:d8:b6:7e:
58:f6:3c:80:dd:33:d1:ea:06:80:a0:97:29:32:46:49:0b:07:
2a:05:62:9b:34:8e:86:e2:b4:dd:34:e2:a3:ba:bb:83:4d:30:
08:f8:19:6b:61:e2:6d:bc:cc:32:15:3a:55:8d:55:62:04:c0:
5b:9d:56:3f:e1:64:0d:c3:5d:95:0b:05:1d:df:43:1c:5b:a5:
bb:b6:2f:48:9c:e4:ba:61:ad:ff:b5:a6:f0:d6:5f:71:38:85:
5c:81:22:98:90:3d:7a:89:ca:af:61:82:e5:a1:e9:d6:1c:22:
0a:36:ac:d8:fc:71:62:d7:a0:ce:e9:df:20:4a:84:cd:1a:47:
24:1d:55:50:a9:ec:bd:07:00:57:9a:6a:5a:7d:61:0c:18:1e:
cf:42:46:b3:ee:8e:8a:11:0b:fd:f8:c3:a6:d2:f7:22:17:3e:
3a:f9:8f:99:68:05:e3:61:f3:72:89:3b:5a:57:17:b7:a5:1b:
21:12:f9:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQx
MTQxNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUxNTNGMkYwOURBNTQ2
MDI1OTI2QkVCN0NCODJENTgyQ0RFQ0VEMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD73nUT7+6nr9ipJVXlpLpa8oRH4DaZZVHrGFsHwSp6wz9fNU4m
XhOqUHDNwgR71th3upgv5J8S6hyj1X9N+O30TB/Q3UmTPwX92fmaqThwDK+O1Bea
xNQe4yxtSWpvS2nhkz7BQOuvQHkzEagVlQmiDhoaAfYj6YZQNLafV311fNv4wZhP
TWpsE5h7LNXa8Cap/+mDbFC4O7eny8lRvZNDOSv16qqPOvIP/YyFYYR/DadVLlL1
gDSKiRnZCoYbPmHrLjJLWlYfQSPD49bRF9p06GH/5G1RZJKTtP13Lk+Q9NuiIVYA
HDM/9UZKAVWYp92i1g+to/XNRkr/WuCSq7thAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUVPy8J2lRgJZJr63y4LVgs3s7RUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9VVlB5OEoybFJnSlpKcjYz
eTRMVmdzM3M3UlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE8zmemISnHhaYPAn9XF1B5BCAtFwBQVClyS
RdhyH7XyhZuyqENHEUiCXwanrDlQMmoql/Upp75AsZzrWp2Q4fBTZp7Dadi2flj2
PIDdM9HqBoCglykyRkkLByoFYps0jobitN004qO6u4NNMAj4GWth4m28zDIVOlWN
VWIEwFudVj/hZA3DXZULBR3fQxxbpbu2L0ic5Lphrf+1pvDWX3E4hVyBIpiQPXqJ
yq9hguWh6dYcIgo2rNj8cWLXoM7p3yBKhM0aRyQdVVCp7L0HAFeaalp9YQwYHs9C
RrPujooRC/34w6bS9yIXPjr5j5loBeNh83KJO1pXF7elGyES+dQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:26:17 2025 by rpki-client