Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ZdXtSwKyu6FIIpTD8JxcG6uruug.roa
File: ZdXtSwKyu6FIIpTD8JxcG6uruug.roa (raw, json)
Hash identifier: exB0FCbK25Lp6qRJM0FQVpmHWMNEiEHaU1LkaDdp/k4=
Subject key identifier: 65:D5:ED:4B:02:B2:BB:A1:48:22:94:C3:F0:9C:5C:1B:AB:AB:BA:E8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2336
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZdXtSwKyu6FIIpTD8JxcG6uruug.roa
Signing time: Mon 23 Jun 2025 12:11:55 +0000
ROA not before: Mon 23 Jun 2025 12:11:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9014 (0x2336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 12:11:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=65D5ED4B02B2BBA1482294C3F09C5C1BABABBAE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:98:40:06:38:85:1d:1a:22:54:67:19:8d:d1:
1c:3c:90:b0:e2:62:3d:2c:69:b3:46:40:62:06:41:
79:ac:fd:7d:14:ca:52:70:0c:5a:b1:63:44:5f:8e:
83:38:2b:31:b9:b7:23:16:9e:1d:0a:5c:e5:0c:da:
92:69:6a:5e:76:2e:1c:b3:89:5b:61:ad:f4:d7:43:
96:e3:5b:01:00:28:0a:0c:68:a3:80:df:07:cb:3d:
0a:10:37:52:84:9c:64:bc:6c:e5:68:5f:e0:46:0c:
64:94:e7:ee:fa:96:b6:76:ce:b7:bf:9a:ef:22:cf:
84:c7:86:f2:a6:c8:9d:3e:27:a7:f0:33:22:cc:71:
b3:d2:b8:ea:2f:3a:f0:8c:f9:b5:f9:a6:39:79:40:
38:a0:08:2e:bc:8e:ed:a3:79:48:64:9c:5a:a3:8d:
19:32:42:11:c7:b6:f1:26:16:80:24:73:e3:6d:4a:
3d:87:18:05:f7:73:e0:68:68:72:4e:2e:0b:fc:4c:
a5:07:c1:4d:c1:c3:3c:01:7a:f2:31:ce:8f:79:c6:
80:15:dc:98:c3:40:4a:ad:e2:95:ee:b1:25:b4:bd:
87:e5:90:de:bb:5c:7f:ad:6b:93:ad:fa:80:69:55:
4d:31:f0:43:56:cb:d6:e9:07:55:37:34:a5:c5:e0:
18:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D5:ED:4B:02:B2:BB:A1:48:22:94:C3:F0:9C:5C:1B:AB:AB:BA:E8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZdXtSwKyu6FIIpTD8JxcG6uruug.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:e2:ff:bf:60:36:96:24:cc:36:d9:86:ca:29:fa:2e:1e:69:
1a:ee:7a:2f:1d:1b:f3:8f:12:84:22:37:5d:6a:cb:47:99:4b:
cc:ad:80:a6:a3:ba:e5:be:33:56:33:43:fb:5f:a9:52:d8:2e:
e5:45:82:4d:a4:64:b8:27:98:5c:a9:95:d9:ef:45:46:33:50:
ae:ec:cf:1e:9b:6a:ec:c9:0a:9c:0d:a3:84:8d:57:4f:b0:90:
95:7e:42:2b:57:69:8c:c4:ea:9b:bf:28:3b:89:2a:15:25:bc:
b4:0e:3f:da:4f:61:c8:a3:9a:9b:fa:9d:05:44:f2:9b:72:c9:
3b:e7:39:c0:bf:20:f1:e1:4a:b7:57:fe:92:9b:ef:59:25:32:
93:66:5d:63:72:9d:2c:3a:66:6e:da:f9:c4:39:c5:39:88:c3:
45:38:d7:50:c7:1d:6b:18:f8:43:db:ce:a6:83:da:73:aa:61:
57:38:2f:f7:19:06:aa:13:9b:28:61:f9:ac:5f:ac:b3:0b:dc:
83:2b:8d:aa:6e:39:4b:78:aa:02:63:23:9c:38:0f:18:c1:c1:
be:ed:d6:a4:01:9d:02:05:74:fa:4d:51:a8:35:35:9b:d1:b4:
83:46:40:ea:f8:c0:45:8d:b8:27:63:2c:a2:37:33:28:f0:31:
dd:ee:6d:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
MjExNTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY1RDVFRDRCMDJCMkJC
QTE0ODIyOTRDM0YwOUM1QzFCQUJBQkJBRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwmEAGOIUdGiJUZxmN0Rw8kLDiYj0sabNGQGIGQXms/X0UylJw
DFqxY0RfjoM4KzG5tyMWnh0KXOUM2pJpal52LhyziVthrfTXQ5bjWwEAKAoMaKOA
3wfLPQoQN1KEnGS8bOVoX+BGDGSU5+76lrZ2zre/mu8iz4THhvKmyJ0+J6fwMyLM
cbPSuOovOvCM+bX5pjl5QDigCC68ju2jeUhknFqjjRkyQhHHtvEmFoAkc+NtSj2H
GAX3c+BoaHJOLgv8TKUHwU3BwzwBevIxzo95xoAV3JjDQEqt4pXusSW0vYflkN67
XH+ta5Ot+oBpVU0x8ENWy9bpB1U3NKXF4BiFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZdXtSwKyu6FIIpTD8JxcG6uruugwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aZFh0U3dLeXU2RklJcFRE
OEp4Y0c2dXJ1dWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGPi/79gNpYkzDbZhsop+i4eaRruei8dG/OP
EoQiN11qy0eZS8ytgKajuuW+M1YzQ/tfqVLYLuVFgk2kZLgnmFypldnvRUYzUK7s
zx6bauzJCpwNo4SNV0+wkJV+QitXaYzE6pu/KDuJKhUlvLQOP9pPYcijmpv6nQVE
8ptyyTvnOcC/IPHhSrdX/pKb71klMpNmXWNynSw6Zm7a+cQ5xTmIw0U411DHHWsY
+EPbzqaD2nOqYVc4L/cZBqoTmyhh+axfrLML3IMrjapuOUt4qgJjI5w4DxjBwb7t
1qQBnQIFdPpNUag1NZvRtINGQOr4wEWNuCdjLKI3MyjwMd3ubUI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:37:41 2025 by rpki-client