Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_AOcnp5Yr-riP7CjMzpWOvfU2sY.roa
File: _AOcnp5Yr-riP7CjMzpWOvfU2sY.roa (raw, json)
Hash identifier: 4p3c6u3CNN+t5HeVa+72UfBZCkeZaiEkkHhe9oLHMLg=
Subject key identifier: FC:03:9C:9E:9E:58:AF:EA:E2:3F:B0:A3:33:3A:56:3A:F7:D4:DA:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EB2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_AOcnp5Yr-riP7CjMzpWOvfU2sY.roa
Signing time: Tue 17 Jun 2025 00:34:12 +0000
ROA not before: Tue 17 Jun 2025 00:34:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7858 (0x1eb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 00:34:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FC039C9E9E58AFEAE23FB0A3333A563AF7D4DAC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:10:d4:0f:40:fe:7d:2a:bd:ca:62:9b:18:
e5:47:b7:f1:f4:0f:4a:06:f7:50:a9:7a:61:38:ac:
fd:cf:da:74:fd:f0:8f:26:93:b4:9a:a0:0a:19:19:
6c:61:6e:eb:55:4a:1a:56:d9:6c:53:28:99:59:d7:
a6:f0:72:aa:a0:1a:60:02:fa:3f:09:a6:b7:d6:b1:
06:a4:73:a3:7a:2a:bc:06:83:7b:b5:06:0f:72:cb:
de:fa:fb:72:c8:27:62:39:80:0c:49:1d:13:b9:62:
b1:fa:24:0d:86:44:d7:90:57:d0:b3:de:3b:35:1c:
ef:ea:cd:b4:3a:1b:16:02:21:26:fc:44:51:39:dc:
a2:ea:e2:19:a3:14:d7:cf:8d:54:5b:d2:bd:a7:e3:
7d:35:1e:f6:ff:e0:3e:88:c2:42:35:8e:f1:33:3a:
b6:53:9a:de:1e:5a:70:16:66:fd:8d:24:57:1a:f1:
68:cc:96:c8:d0:c3:13:85:39:b2:39:00:51:13:89:
bf:79:3d:80:b3:00:7a:f0:50:f1:90:69:9b:fd:b4:
ef:87:36:f8:e7:ff:6a:f9:8f:b8:44:5f:b4:b1:c4:
56:2b:5f:94:83:2b:c2:f9:23:c8:e9:3a:6b:a6:4a:
22:e0:15:86:bb:a5:41:e7:ad:06:92:c6:4d:c9:cf:
14:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:03:9C:9E:9E:58:AF:EA:E2:3F:B0:A3:33:3A:56:3A:F7:D4:DA:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_AOcnp5Yr-riP7CjMzpWOvfU2sY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:a0:a4:c2:0b:cd:ee:20:33:47:75:74:e4:34:3d:14:d2:e2:
f7:1a:2b:da:c2:d7:49:48:8d:34:18:92:10:59:63:92:61:03:
3d:a5:48:ab:9f:0d:6c:43:bf:5a:ad:35:da:09:fc:7a:5e:9b:
14:f6:4f:52:e5:2c:49:26:22:bd:21:6e:c5:74:76:7e:75:b8:
bb:e9:5f:99:90:27:d0:ca:7e:60:a9:ab:79:6f:66:c6:2f:2f:
d4:60:c0:99:a3:7b:dc:ab:21:3d:07:5c:93:f7:ad:32:13:30:
94:bd:61:20:12:ad:8e:bb:4b:db:ed:ed:d1:28:d6:45:23:3c:
25:b6:fd:9b:df:02:01:69:cc:65:b1:6d:34:57:b8:1e:d0:d3:
b7:b6:87:cb:34:ae:f2:f3:98:1e:14:e4:2a:b9:05:75:08:2e:
45:2a:7c:82:4f:d9:93:1b:b4:b6:c9:8b:08:d4:f1:a7:37:14:
80:06:b3:c8:0e:02:97:d4:40:ba:84:90:61:c2:27:64:51:79:
ee:40:8a:b1:7d:29:a9:98:4f:61:e0:90:5a:d9:0c:ce:41:a4:
bc:0b:2a:9b:af:92:dd:15:78:5e:26:63:0e:ab:d7:85:c2:d0:
3c:f6:32:cc:8c:a8:1b:ee:48:56:e8:b0:61:f1:14:38:99:4b:
dc:6b:bb:d0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHrIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
MDM0MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZDMDM5QzlFOUU1OEFG
RUFFMjNGQjBBMzMzM0E1NjNBRjdENERBQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0ahDUD0D+fSq9ymKbGOVHt/H0D0oG91CpemE4rP3P2nT98I8m
k7SaoAoZGWxhbutVShpW2WxTKJlZ16bwcqqgGmAC+j8JprfWsQakc6N6KrwGg3u1
Bg9yy976+3LIJ2I5gAxJHRO5YrH6JA2GRNeQV9Cz3js1HO/qzbQ6GxYCISb8RFE5
3KLq4hmjFNfPjVRb0r2n4301Hvb/4D6IwkI1jvEzOrZTmt4eWnAWZv2NJFca8WjM
lsjQwxOFObI5AFETib95PYCzAHrwUPGQaZv9tO+HNvjn/2r5j7hEX7SxxFYrX5SD
K8L5I8jpOmumSiLgFYa7pUHnrQaSxk3JzxRnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/AOcnp5Yr+riP7CjMzpWOvfU2sYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fQU9jbnA1WXItcmlQN0Nq
TXpwV092ZlUyc1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEKgpMILze4gM0d1dOQ0PRTS4vcaK9rC10lI
jTQYkhBZY5JhAz2lSKufDWxDv1qtNdoJ/HpemxT2T1LlLEkmIr0hbsV0dn51uLvp
X5mQJ9DKfmCpq3lvZsYvL9RgwJmje9yrIT0HXJP3rTITMJS9YSASrY67S9vt7dEo
1kUjPCW2/ZvfAgFpzGWxbTRXuB7Q07e2h8s0rvLzmB4U5Cq5BXUILkUqfIJP2ZMb
tLbJiwjU8ac3FIAGs8gOApfUQLqEkGHCJ2RRee5AirF9KamYT2HgkFrZDM5BpLwL
Kpuvkt0VeF4mYw6r14XC0Dz2MsyMqBvuSFbosGHxFDiZS9xru9A=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:48 2025 by rpki-client