Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_ztpGjuaYBTLmNqoI0EVALbaFeQ.roa
File: _ztpGjuaYBTLmNqoI0EVALbaFeQ.roa (raw, json)
Hash identifier: C6bYCKAFl7P1eF8BTs850bG31tci2OCNiDy5ZNxizYo=
Subject key identifier: FF:3B:69:1A:3B:9A:60:14:CB:98:DA:A8:23:41:15:00:B6:DA:15:E4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FC2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_ztpGjuaYBTLmNqoI0EVALbaFeQ.roa
Signing time: Wed 18 Jun 2025 10:31:59 +0000
ROA not before: Wed 18 Jun 2025 10:31:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8130 (0x1fc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 10:31:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FF3B691A3B9A6014CB98DAA823411500B6DA15E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:44:b4:3c:d8:af:a8:5b:5f:da:b1:ba:4d:f8:
8a:80:98:05:41:a7:96:1f:31:d5:6c:20:0f:b7:ec:
5c:e1:4c:6c:6a:ec:69:64:bb:93:86:08:90:dd:6e:
ee:1b:be:79:7b:b9:8f:d6:73:99:4d:11:a5:b8:9d:
bd:76:cd:ee:5e:8e:f6:df:06:b3:f6:87:ec:8c:dd:
2b:53:ee:d8:c6:1e:e0:e1:4b:17:d5:2b:39:e7:b2:
bb:bb:84:b1:02:83:d7:57:a4:17:7d:5d:52:3a:fa:
57:f5:32:83:1c:63:20:1d:42:6d:57:2c:10:5a:a5:
1d:8f:92:f5:4a:f0:76:37:b5:fa:6c:fa:5f:2b:f6:
c3:27:e0:44:e8:98:e6:79:8c:23:79:97:99:3c:d6:
f1:6d:67:2d:33:66:65:a2:da:63:48:c5:f0:22:4e:
b4:c2:62:e7:de:23:d8:9b:51:35:5a:24:00:34:b3:
05:09:8d:b9:60:41:5f:e9:dd:e0:0a:a1:3a:cd:47:
79:a8:e5:20:a2:4f:bf:b2:ab:4a:02:13:ae:d5:da:
48:e5:01:13:4e:d3:11:32:a6:21:e8:87:95:03:60:
cc:61:9f:83:d5:3a:d7:cd:81:7f:23:a1:a5:72:36:
bf:59:21:7d:db:17:d1:97:bc:5f:ad:89:10:f1:ee:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3B:69:1A:3B:9A:60:14:CB:98:DA:A8:23:41:15:00:B6:DA:15:E4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_ztpGjuaYBTLmNqoI0EVALbaFeQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:3e:19:82:89:a6:6d:9b:1f:3a:b2:a6:d5:07:d2:49:b6:51:
40:f7:c8:e5:bf:36:c5:54:04:5f:c8:0c:37:17:cb:97:39:24:
cb:6a:5d:81:ff:4e:ff:99:40:05:47:39:b8:45:98:82:6a:45:
60:32:2f:5f:80:92:c9:72:82:15:d9:ec:09:ce:c9:62:9c:87:
ab:13:1d:36:b1:7d:6e:15:d0:a5:e8:23:51:36:37:8f:a7:98:
95:44:7d:65:9a:76:aa:53:8f:7d:2d:32:1d:98:77:f9:e5:b1:
cf:85:1e:ba:3a:af:f2:3d:38:09:51:f4:4b:e9:dc:ce:7b:5c:
e6:71:87:b9:4f:75:11:b9:50:2e:60:2b:6e:c8:71:03:c2:58:
b3:60:d9:fa:7b:d3:06:91:82:f9:87:d5:62:03:4a:35:93:06:
b8:f0:f0:db:e1:db:9e:ce:2c:be:ad:9f:c0:dc:f6:e8:d3:6e:
09:64:21:1f:a8:3d:0e:73:48:93:eb:bd:21:f6:fa:d3:b2:34:
3f:81:b7:aa:98:b4:18:12:cf:73:34:75:57:6b:50:90:ff:8b:
a9:d4:fe:b8:3a:7a:cb:1c:28:5f:fa:c9:eb:d9:1d:4c:42:8c:
8b:ad:72:8d:9f:ef:85:2b:7d:e5:53:66:b5:64:63:b0:56:22:
14:25:45:86
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
MDMxNTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZGM0I2OTFBM0I5QTYw
MTRDQjk4REFBODIzNDExNTAwQjZEQTE1RTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDRLQ82K+oW1/asbpN+IqAmAVBp5YfMdVsIA+37FzhTGxq7Glk
u5OGCJDdbu4bvnl7uY/Wc5lNEaW4nb12ze5ejvbfBrP2h+yM3StT7tjGHuDhSxfV
Kznnsru7hLECg9dXpBd9XVI6+lf1MoMcYyAdQm1XLBBapR2PkvVK8HY3tfps+l8r
9sMn4ETomOZ5jCN5l5k81vFtZy0zZmWi2mNIxfAiTrTCYufeI9ibUTVaJAA0swUJ
jblgQV/p3eAKoTrNR3mo5SCiT7+yq0oCE67V2kjlARNO0xEypiHoh5UDYMxhn4PV
OtfNgX8joaVyNr9ZIX3bF9GXvF+tiRDx7n0jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/ztpGjuaYBTLmNqoI0EVALbaFeQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fenRwR2p1YVlCVExtTnFv
STBFVkFMYmFGZVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF8+GYKJpm2bHzqyptUH0km2UUD3yOW/NsVU
BF/IDDcXy5c5JMtqXYH/Tv+ZQAVHObhFmIJqRWAyL1+AkslyghXZ7AnOyWKch6sT
HTaxfW4V0KXoI1E2N4+nmJVEfWWadqpTj30tMh2Yd/nlsc+FHro6r/I9OAlR9Evp
3M57XOZxh7lPdRG5UC5gK27IcQPCWLNg2fp70waRgvmH1WIDSjWTBrjw8Nvh257O
LL6tn8Dc9ujTbglkIR+oPQ5zSJPrvSH2+tOyND+Bt6qYtBgSz3M0dVdrUJD/i6nU
/rg6esscKF/6yevZHUxCjIutco2f74UrfeVTZrVkY7BWIhQlRYY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:36 2025 by rpki-client