Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Zf1mceupG4j9WSCsTeskbJ7RtbY.roa
File: Zf1mceupG4j9WSCsTeskbJ7RtbY.roa (raw, json)
Hash identifier: 5s1ir0JgYjWgUEuHKJQzHDB0pPi4jpOFPFH0N+SWP6k=
Subject key identifier: 65:FD:66:71:EB:A9:1B:88:FD:59:20:AC:4D:EB:24:6C:9E:D1:B5:B6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DAA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Zf1mceupG4j9WSCsTeskbJ7RtbY.roa
Signing time: Sun 25 May 2025 07:08:37 +0000
ROA not before: Sun 25 May 2025 07:08:37 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3498 (0xdaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 07:08:37 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=65FD6671EBA91B88FD5920AC4DEB246C9ED1B5B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:46:e8:df:bc:f8:07:b4:09:aa:f3:00:c1:71:
72:c1:a9:46:99:15:17:59:49:ca:e0:ba:b8:d9:80:
e5:dd:5a:21:3b:7e:24:d4:18:81:56:87:17:09:ed:
7c:30:f4:7e:4d:e3:02:3b:50:a5:b7:d4:23:5e:8e:
31:39:f5:d5:f8:ff:e7:47:e4:6c:27:a7:1e:7a:e0:
1a:de:17:8d:9d:14:df:f8:23:87:7b:f5:88:b1:1f:
7c:41:9a:8c:ab:c0:74:9c:64:57:ed:35:03:c6:7a:
d3:ae:37:ff:42:c2:09:c6:d0:78:24:b2:88:37:2b:
9c:d6:1b:4f:6f:4a:c4:16:b5:d3:52:48:3a:86:09:
24:06:f3:7f:97:26:3c:49:39:1e:f2:a7:07:54:f2:
8a:dc:33:c8:4d:cf:00:f0:72:fe:39:5d:ad:05:76:
f7:7d:00:27:db:17:18:c6:bb:96:fe:b5:b3:81:d2:
d8:f4:69:19:ad:23:c3:cf:94:58:bc:eb:73:0d:6c:
97:6a:a7:d5:31:c5:85:ea:28:3c:e0:1d:dc:83:8e:
4c:77:8e:af:62:02:a8:87:5f:88:a6:1f:aa:c4:eb:
0e:72:d0:7e:11:76:9d:fd:07:64:80:72:40:96:51:
25:c1:c1:ad:25:d1:aa:5b:9c:fb:65:10:a3:12:7d:
0b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FD:66:71:EB:A9:1B:88:FD:59:20:AC:4D:EB:24:6C:9E:D1:B5:B6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Zf1mceupG4j9WSCsTeskbJ7RtbY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:22:cb:ce:aa:1b:fb:0d:c9:2d:ae:a4:77:60:d1:97:f1:30:
57:00:34:79:a7:19:07:e9:97:98:54:09:3b:a4:84:ab:35:ee:
e6:86:b9:49:70:6e:54:cf:d3:c1:a7:b2:06:1d:15:d9:b8:f8:
dc:f4:c2:59:f7:eb:3c:15:6b:0d:f4:d9:e9:5a:52:d8:7c:c8:
34:28:bf:7c:66:3a:c4:a9:30:60:96:bd:fe:10:1d:b1:44:77:
db:0c:13:aa:50:09:aa:c8:76:73:12:03:43:af:2a:3d:f4:ce:
56:0b:4b:81:0e:2b:73:8a:2e:f4:88:24:60:66:b6:25:62:3e:
8b:40:c0:fb:29:27:10:8a:aa:d8:7f:ff:2b:93:ed:3a:a3:5c:
a5:e0:65:5c:f2:65:c6:60:8b:bb:55:63:62:16:65:49:a7:b7:
22:f8:4f:e9:80:10:49:f4:e5:78:67:51:9d:b4:67:9a:f7:90:
8c:6d:3d:2d:da:a2:7c:ca:61:d9:68:95:63:ae:9a:38:ae:d4:
ad:03:9a:3c:7b:dd:a6:fe:89:fa:11:27:e5:34:6f:4f:58:c8:
3b:30:15:e0:f2:a2:f9:ea:65:8d:de:46:d8:29:f0:ae:b8:3a:
ce:e7:01:e6:b9:2d:25:62:bd:42:ad:0c:46:d3:1c:57:d7:95:
43:d9:e0:b0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
NzA4MzdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY1RkQ2NjcxRUJBOTFC
ODhGRDU5MjBBQzRERUIyNDZDOUVEMUI1QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDARujfvPgHtAmq8wDBcXLBqUaZFRdZScrgurjZgOXdWiE7fiTU
GIFWhxcJ7Xww9H5N4wI7UKW31CNejjE59dX4/+dH5Gwnpx564BreF42dFN/4I4d7
9YixH3xBmoyrwHScZFftNQPGetOuN/9CwgnG0Hgksog3K5zWG09vSsQWtdNSSDqG
CSQG83+XJjxJOR7ypwdU8orcM8hNzwDwcv45Xa0Fdvd9ACfbFxjGu5b+tbOB0tj0
aRmtI8PPlFi863MNbJdqp9UxxYXqKDzgHdyDjkx3jq9iAqiHX4imH6rE6w5y0H4R
dp39B2SAckCWUSXBwa0l0apbnPtlEKMSfQuXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZf1mceupG4j9WSCsTeskbJ7RtbYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aZjFtY2V1cEc0ajlXU0Nz
VGVza2JKN1J0Ylkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGsiy86qG/sNyS2upHdg0ZfxMFcANHmnGQfp
l5hUCTukhKs17uaGuUlwblTP08GnsgYdFdm4+Nz0wln36zwVaw302elaUth8yDQo
v3xmOsSpMGCWvf4QHbFEd9sME6pQCarIdnMSA0OvKj30zlYLS4EOK3OKLvSIJGBm
tiViPotAwPspJxCKqth//yuT7TqjXKXgZVzyZcZgi7tVY2IWZUmntyL4T+mAEEn0
5XhnUZ20Z5r3kIxtPS3aonzKYdlolWOumjiu1K0Dmjx73ab+ifoRJ+U0b09YyDsw
FeDyovnqZY3eRtgp8K64Os7nAea5LSVivUKtDEbTHFfXlUPZ4LA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:57 2025 by rpki-client