Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/X-1Dy0hhNAf3lXB6HYOapbX_FbM.roa
File: X-1Dy0hhNAf3lXB6HYOapbX_FbM.roa (raw, json)
Hash identifier: qHdn36CMqUChl180Vk2dMARX5TleuXRIM4/NfQk9HPM=
Subject key identifier: 5F:ED:43:CB:48:61:34:07:F7:95:70:7A:1D:83:9A:A5:B5:FF:15:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2082
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/X-1Dy0hhNAf3lXB6HYOapbX_FbM.roa
Signing time: Thu 19 Jun 2025 17:15:36 +0000
ROA not before: Thu 19 Jun 2025 17:15:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8322 (0x2082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 17:15:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5FED43CB48613407F795707A1D839AA5B5FF15B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fe:f6:2b:94:f4:ac:3c:b4:73:da:d8:60:71:
62:8c:61:50:d7:61:0c:12:cf:a0:a6:9a:3b:d7:7c:
69:c4:01:b9:28:8b:5e:c1:92:00:90:44:9d:03:57:
6a:a6:fe:fc:cd:fa:aa:d7:36:83:c8:a2:72:81:81:
d4:c7:25:d2:88:f9:8a:f2:f6:92:1e:a1:e1:0a:f2:
53:43:36:66:52:59:78:76:f5:da:b7:7c:f1:9f:4a:
32:a1:85:e6:84:77:25:5c:dd:e3:0c:87:f6:fc:6d:
86:7d:e0:95:0e:4f:62:3c:80:ac:6d:23:e6:d6:21:
88:a3:50:84:27:f5:20:03:fb:5a:cd:52:90:81:61:
5c:55:72:82:4f:0b:0b:6c:08:cc:a3:16:af:91:5f:
a8:65:b0:4c:8c:a0:86:c5:0a:de:ea:a8:3e:3c:90:
2b:c0:0a:7d:e9:e5:44:82:3b:94:5e:95:d6:43:c6:
b9:58:93:0f:04:99:80:cc:18:ac:fa:a1:8c:1d:98:
1a:2d:c2:c8:b3:0e:59:2d:a4:48:fc:ea:44:d1:69:
82:9b:56:68:de:30:35:1e:d8:54:2f:c7:ae:87:d8:
73:c7:e6:e6:9c:50:76:60:68:83:02:1e:6f:d8:f9:
62:ea:71:0c:4f:3c:de:92:af:1a:fb:4b:59:6f:a2:
85:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:ED:43:CB:48:61:34:07:F7:95:70:7A:1D:83:9A:A5:B5:FF:15:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/X-1Dy0hhNAf3lXB6HYOapbX_FbM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
11:c6:5f:79:68:d7:d9:8d:ba:89:49:4c:f1:4a:da:4b:2c:03:
22:5b:c2:25:15:00:b6:d3:73:3f:72:ec:27:1b:d7:86:0c:5d:
93:36:c9:82:4b:25:70:44:d7:c4:1f:a2:1e:f8:1c:66:97:9b:
7e:b7:e6:90:12:e0:2a:f2:7d:8f:62:28:28:cc:d3:94:2b:c5:
24:ac:8d:cf:2e:9a:d1:82:3a:35:87:09:26:65:a9:9d:e3:e2:
fe:d5:08:e5:32:d4:4a:d4:bf:03:40:a1:4a:31:49:2c:b0:b0:
33:77:19:d4:af:fa:14:9a:05:29:4b:30:83:d5:33:08:88:e4:
56:c9:85:09:84:ff:ca:56:6a:5c:5f:e2:27:90:4a:d6:80:af:
98:2e:25:02:42:13:d5:63:d4:c0:17:ed:67:8d:da:f1:8c:4f:
76:4e:61:0d:6d:1d:86:ef:f0:2b:21:d8:1d:91:07:f0:bb:24:
66:9c:4f:99:3e:b4:58:37:b5:16:b8:50:4c:48:34:54:46:69:
06:6e:b0:49:c2:66:8b:9f:a9:4a:9a:0e:36:f1:10:96:06:9a:
ea:e1:49:fd:85:e1:ea:1b:da:f1:3e:f8:df:73:36:ec:5e:41:
64:31:6e:47:a8:3f:d2:a7:d5:8c:00:85:08:82:35:26:f1:f1:
89:92:c4:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIIIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
NzE1MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVGRUQ0M0NCNDg2MTM0
MDdGNzk1NzA3QTFEODM5QUE1QjVGRjE1QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr/vYrlPSsPLRz2thgcWKMYVDXYQwSz6CmmjvXfGnEAbkoi17B
kgCQRJ0DV2qm/vzN+qrXNoPIonKBgdTHJdKI+Yry9pIeoeEK8lNDNmZSWXh29dq3
fPGfSjKhheaEdyVc3eMMh/b8bYZ94JUOT2I8gKxtI+bWIYijUIQn9SAD+1rNUpCB
YVxVcoJPCwtsCMyjFq+RX6hlsEyMoIbFCt7qqD48kCvACn3p5USCO5ReldZDxrlY
kw8EmYDMGKz6oYwdmBotwsizDlktpEj86kTRaYKbVmjeMDUe2FQvx66H2HPH5uac
UHZgaIMCHm/Y+WLqcQxPPN6Srxr7S1lvooXpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUX+1Dy0hhNAf3lXB6HYOapbX/FbMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YLTFEeTBoaE5BZjNsWEI2
SFlPYXBiWF9GYk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABHGX3lo19mNuolJTPFK2kssAyJbwiUVALbT
cz9y7Ccb14YMXZM2yYJLJXBE18Qfoh74HGaXm3635pAS4CryfY9iKCjM05QrxSSs
jc8umtGCOjWHCSZlqZ3j4v7VCOUy1ErUvwNAoUoxSSywsDN3GdSv+hSaBSlLMIPV
MwiI5FbJhQmE/8pWalxf4ieQStaAr5guJQJCE9Vj1MAX7WeN2vGMT3ZOYQ1tHYbv
8Csh2B2RB/C7JGacT5k+tFg3tRa4UExINFRGaQZusEnCZoufqUqaDjbxEJYGmurh
Sf2F4eob2vE++N9zNuxeQWQxbkeoP9Kn1YwAhQiCNSbx8YmSxMU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:35 2025 by rpki-client