Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/a9Z_ZyhtKj9Iog8vCuTw6NM-ZMI.roa
File: a9Z_ZyhtKj9Iog8vCuTw6NM-ZMI.roa (raw, json)
Hash identifier: AHRb9ESeCYUdUvueI8fR8L44Zi1vI3UAPTMh5Ikmr9Y=
Subject key identifier: 6B:D6:7F:67:28:6D:2A:3F:48:A2:0F:2F:0A:E4:F0:E8:D3:3E:64:C2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02AE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a9Z_ZyhtKj9Iog8vCuTw6NM-ZMI.roa
Signing time: Sat 10 May 2025 15:37:51 +0000
ROA not before: Sat 10 May 2025 15:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 686 (0x2ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 15:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6BD67F67286D2A3F48A20F2F0AE4F0E8D33E64C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:cb:c9:b0:37:f0:5b:33:6d:c9:0a:a9:84:37:
26:2c:bd:76:de:28:db:6c:2f:1a:91:af:a4:9e:70:
8e:4f:e2:36:98:fd:b3:46:be:19:37:ec:2d:96:98:
ae:4e:cc:25:82:2f:62:4f:dc:ac:00:2b:87:b1:01:
ba:7f:45:46:9a:bb:03:36:07:3d:96:db:fb:7d:53:
74:3f:15:a5:4c:f6:40:4a:4c:14:2d:ae:63:eb:b5:
47:45:8f:99:66:c8:12:e3:c5:96:68:f3:ac:64:4c:
16:bb:6e:a9:1a:73:90:51:ea:51:de:d9:e9:d9:c0:
3a:33:18:e5:49:20:64:39:c0:c1:2f:6c:f4:54:a8:
6b:79:3f:9b:8f:96:45:44:4e:6e:31:c0:5a:2d:69:
3b:cd:b6:8b:61:e7:04:e3:03:33:06:6b:60:71:48:
1f:88:c2:0c:70:4f:82:d1:e7:c8:e8:18:c9:cb:21:
cb:99:89:ed:30:f4:ba:07:ac:2d:6e:44:2d:c6:63:
8e:4b:8b:1a:c9:41:16:05:50:5e:f5:1f:b6:ec:c6:
1d:32:9a:a0:d0:07:18:42:93:71:68:19:c9:4c:5c:
46:c1:5c:86:15:26:73:8c:d1:de:f6:07:53:d7:5d:
e5:70:59:42:01:20:80:fc:42:11:72:e6:d4:7b:73:
36:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D6:7F:67:28:6D:2A:3F:48:A2:0F:2F:0A:E4:F0:E8:D3:3E:64:C2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/a9Z_ZyhtKj9Iog8vCuTw6NM-ZMI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:c7:bf:3e:ba:52:7c:3d:b8:7c:8b:82:af:51:34:f9:30:84:
8f:dc:af:57:a8:72:64:74:39:c9:3e:46:11:93:95:39:3f:95:
77:cd:13:12:c3:dd:a8:e6:69:d3:3f:6d:fb:41:86:d3:e9:da:
6b:7a:8d:0f:91:b8:73:9b:e8:c1:90:01:e4:c3:82:05:61:d4:
ac:d3:7d:6f:f1:56:eb:fe:10:6b:eb:b9:14:f8:10:7a:85:df:
58:a2:d7:74:c9:99:73:7f:07:1d:9d:90:06:ab:91:81:30:e9:
02:40:01:04:80:26:34:26:b2:f4:69:d4:0e:00:f0:61:c9:a2:
d8:ff:14:cc:72:d7:20:27:a8:e4:1f:de:e9:88:d5:42:f3:43:
2b:b1:10:72:7c:da:74:f6:69:8c:01:04:ad:4e:c4:af:f1:36:
3c:8e:c7:91:49:44:45:01:20:ef:88:00:ee:ee:5b:77:bd:f6:
f0:74:ba:25:ac:9e:18:ae:e0:e0:b1:2d:0a:47:ca:95:74:ec:
36:fc:1e:16:64:22:54:11:00:5b:08:5a:c5:bc:fa:51:6d:0d:
d5:df:d7:f9:f4:3d:66:e1:23:f5:5c:8e:09:7b:50:f5:01:4e:
5a:65:d5:67:97:91:3e:12:dc:36:1f:6b:ee:81:bd:18:74:28:
14:3e:d7:be
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
NTM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZCRDY3RjY3Mjg2RDJB
M0Y0OEEyMEYyRjBBRTRGMEU4RDMzRTY0QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDky8mwN/BbM23JCqmENyYsvXbeKNtsLxqRr6SecI5P4jaY/bNG
vhk37C2WmK5OzCWCL2JP3KwAK4exAbp/RUaauwM2Bz2W2/t9U3Q/FaVM9kBKTBQt
rmPrtUdFj5lmyBLjxZZo86xkTBa7bqkac5BR6lHe2enZwDozGOVJIGQ5wMEvbPRU
qGt5P5uPlkVETm4xwFotaTvNtoth5wTjAzMGa2BxSB+IwgxwT4LR58joGMnLIcuZ
ie0w9LoHrC1uRC3GY45LixrJQRYFUF71H7bsxh0ymqDQBxhCk3FoGclMXEbBXIYV
JnOM0d72B1PXXeVwWUIBIID8QhFy5tR7czY9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUa9Z/ZyhtKj9Iog8vCuTw6NM+ZMIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hOVpfWnlodEtqOUlvZzh2
Q3VUdzZOTS1aTUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEHHvz66Unw9uHyLgq9RNPkwhI/cr1eocmR0
Ock+RhGTlTk/lXfNExLD3ajmadM/bftBhtPp2mt6jQ+RuHOb6MGQAeTDggVh1KzT
fW/xVuv+EGvruRT4EHqF31ii13TJmXN/Bx2dkAarkYEw6QJAAQSAJjQmsvRp1A4A
8GHJotj/FMxy1yAnqOQf3umI1ULzQyuxEHJ82nT2aYwBBK1OxK/xNjyOx5FJREUB
IO+IAO7uW3e99vB0uiWsnhiu4OCxLQpHypV07Db8HhZkIlQRAFsIWsW8+lFtDdXf
1/n0PWbhI/Vcjgl7UPUBTlpl1WeXkT4S3DYfa+6BvRh0KBQ+174=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:04:28 2025 by rpki-client