Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XMPcYg-M5qP4bqKlB-hi28IaY9g.roa
File: XMPcYg-M5qP4bqKlB-hi28IaY9g.roa (raw, json)
Hash identifier: C30KmHf0zfZkTdYc7V3H+vy2ryUOArrHqClMbNNKwCg=
Subject key identifier: 5C:C3:DC:62:0F:8C:E6:A3:F8:6E:A2:A5:07:E8:62:DB:C2:1A:63:D8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EEA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XMPcYg-M5qP4bqKlB-hi28IaY9g.roa
Signing time: Tue 17 Jun 2025 07:10:03 +0000
ROA not before: Tue 17 Jun 2025 07:10:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7914 (0x1eea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 07:10:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5CC3DC620F8CE6A3F86EA2A507E862DBC21A63D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:50:b8:16:1b:45:b3:29:f5:94:8d:d4:ac:ef:
10:65:7d:e6:79:9e:22:1d:16:71:0c:c2:45:c8:b9:
36:28:f4:ee:95:33:01:ab:0b:ad:ac:6d:cc:2e:7d:
4f:b6:91:61:ee:6a:36:66:9c:e3:24:5e:22:6a:3b:
97:64:97:d8:cb:46:f1:5a:65:87:5c:12:32:7c:7e:
57:e2:51:c8:9c:04:11:43:da:27:16:6a:ab:eb:5e:
bc:16:40:95:1c:3a:3c:57:b6:71:85:51:f2:34:9c:
72:f4:ce:a5:28:41:53:52:de:a8:6c:94:75:72:a1:
cd:25:fe:8e:6b:7f:16:5b:ca:38:95:e2:ee:84:8f:
62:6e:be:55:30:06:00:b9:df:6a:36:af:56:2a:e6:
a7:ab:16:93:b8:62:c3:d8:56:1b:1e:c6:3c:3a:a1:
67:96:6d:38:51:08:46:e2:af:10:4e:49:3b:1a:99:
19:15:21:47:42:43:b0:2a:df:fb:37:43:13:65:8e:
14:59:c6:c8:c3:a1:29:b4:30:ad:72:5a:a7:81:cf:
e2:31:1c:ad:6b:ce:75:b9:4b:07:52:fd:d2:d5:1f:
1e:69:f7:40:4b:e2:55:ec:bc:a7:19:d3:60:e3:52:
36:02:b1:cf:ed:14:a4:03:33:45:15:20:49:1b:3b:
05:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C3:DC:62:0F:8C:E6:A3:F8:6E:A2:A5:07:E8:62:DB:C2:1A:63:D8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XMPcYg-M5qP4bqKlB-hi28IaY9g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:06:28:7d:c9:4c:73:57:9b:de:dc:ee:5a:7c:f2:ac:de:f1:
0f:5a:cc:6e:9a:a3:22:9b:fc:47:7d:ec:7a:b3:af:e4:83:09:
8c:c0:1c:7a:9c:93:92:29:14:c5:90:d5:6c:7e:1e:97:f8:21:
aa:2f:8b:40:d3:17:19:62:a2:ff:99:9b:77:49:60:06:97:dc:
10:3c:f0:d2:12:b3:ab:50:6f:fc:3e:f3:5c:8c:d5:f5:a6:e7:
39:57:29:2b:a4:13:50:ee:d3:34:28:09:48:cf:ef:e6:14:7d:
2e:d5:14:96:be:3b:66:91:ba:a9:a7:5a:bf:db:2e:a2:8c:ae:
3f:42:a7:8f:e8:e0:6c:fc:59:8b:f0:9a:0e:09:69:64:f2:49:
4b:6e:10:52:6b:2b:10:e5:35:b9:45:b0:b9:cb:df:0f:f0:91:
e3:57:4d:1f:19:c6:54:4b:41:c2:f6:9e:76:f2:05:37:55:18:
dd:00:02:4a:ae:b1:a5:55:f2:a0:84:94:89:0c:d7:f4:04:10:
f1:89:f4:e5:06:14:8d:4f:38:6c:45:17:75:08:c7:b4:65:be:
dd:c6:f2:95:cc:db:06:8d:e7:77:9a:0b:a6:76:c9:1d:11:64:
14:69:5b:b9:81:2e:87:c8:05:39:21:a0:ab:4f:67:70:15:2f:
63:5d:50:43
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
NzEwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVDQzNEQzYyMEY4Q0U2
QTNGODZFQTJBNTA3RTg2MkRCQzIxQTYzRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3ULgWG0WzKfWUjdSs7xBlfeZ5niIdFnEMwkXIuTYo9O6VMwGr
C62sbcwufU+2kWHuajZmnOMkXiJqO5dkl9jLRvFaZYdcEjJ8flfiUcicBBFD2icW
aqvrXrwWQJUcOjxXtnGFUfI0nHL0zqUoQVNS3qhslHVyoc0l/o5rfxZbyjiV4u6E
j2JuvlUwBgC532o2r1Yq5qerFpO4YsPYVhsexjw6oWeWbThRCEbirxBOSTsamRkV
IUdCQ7Aq3/s3QxNljhRZxsjDoSm0MK1yWqeBz+IxHK1rznW5SwdS/dLVHx5p90BL
4lXsvKcZ02DjUjYCsc/tFKQDM0UVIEkbOwXRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXMPcYg+M5qP4bqKlB+hi28IaY9gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YTVBjWWctTTVxUDRicUts
Qi1oaTI4SWFZOWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGsGKH3JTHNXm97c7lp88qze8Q9azG6aoyKb
/Ed97Hqzr+SDCYzAHHqck5IpFMWQ1Wx+Hpf4Iaovi0DTFxliov+Zm3dJYAaX3BA8
8NISs6tQb/w+81yM1fWm5zlXKSukE1Du0zQoCUjP7+YUfS7VFJa+O2aRuqmnWr/b
LqKMrj9Cp4/o4Gz8WYvwmg4JaWTySUtuEFJrKxDlNblFsLnL3w/wkeNXTR8ZxlRL
QcL2nnbyBTdVGN0AAkqusaVV8qCElIkM1/QEEPGJ9OUGFI1POGxFF3UIx7Rlvt3G
8pXM2waN53eaC6Z2yR0RZBRpW7mBLofIBTkhoKtPZ3AVL2NdUEM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:31 2025 by rpki-client