Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSsVf_JvRRwB57RHJDIrdeVTQY.roa
File: bWSsVf_JvRRwB57RHJDIrdeVTQY.roa (raw, json)
Hash identifier: M0lmkgw81IdYDOykju/tfl26N4LOGntVD8/kgMlyz+8=
Subject key identifier: 6D:64:AC:55:FF:C9:BD:14:70:07:9E:D1:1C:90:C8:AD:D7:95:4D:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2426
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSsVf_JvRRwB57RHJDIrdeVTQY.roa
Signing time: Tue 24 Jun 2025 18:12:12 +0000
ROA not before: Tue 24 Jun 2025 18:12:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9254 (0x2426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 18:12:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6D64AC55FFC9BD1470079ED11C90C8ADD7954D06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1a:6c:65:1f:be:9d:47:d6:9e:8c:fe:bc:85:
1a:2d:c0:9c:e9:ac:c5:8b:9a:c5:76:4e:33:77:1b:
7d:b2:82:70:63:c3:38:81:8b:65:54:54:2b:d3:28:
e1:00:05:13:c6:27:b7:4c:13:d4:cf:10:de:bc:72:
3f:0b:91:e5:66:e7:49:23:d6:bd:8e:6e:20:1a:c9:
b2:ae:bd:20:d4:72:33:2a:f2:e5:ec:7e:65:35:f5:
6a:f7:ec:6c:1a:b2:48:71:b5:15:a6:7d:83:85:e9:
e1:ea:a3:91:35:3b:cd:13:28:63:08:fe:34:42:e1:
9d:98:30:90:70:04:c5:02:59:de:4b:dc:e2:92:2e:
07:74:b1:92:10:7b:d6:49:ad:67:a6:01:27:a6:7b:
85:b8:3e:0b:d0:05:43:0b:9c:03:4a:af:e1:56:55:
2e:5e:d5:84:e7:25:96:02:68:63:1b:36:19:d4:d3:
20:ee:f7:b6:30:0d:78:01:ab:9d:8a:d0:05:08:0c:
a9:de:71:e7:3c:99:98:0a:b9:80:ea:31:3a:e5:82:
f2:3e:92:35:9c:c5:50:93:5b:ec:22:f9:2f:5b:75:
08:5a:7d:81:43:60:1f:83:9e:cf:8f:45:28:7a:38:
9f:95:b7:ea:e8:c7:37:89:17:8a:0b:62:4f:62:2d:
90:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:64:AC:55:FF:C9:BD:14:70:07:9E:D1:1C:90:C8:AD:D7:95:4D:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSsVf_JvRRwB57RHJDIrdeVTQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:58:fc:04:49:cb:d0:ca:a1:79:05:45:0d:81:dc:f6:27:13:
8b:ca:f0:0b:bd:de:7f:ec:2d:02:16:3c:99:f2:9b:f7:ff:78:
24:0e:25:56:64:91:77:ba:70:fa:1b:b9:d0:9c:0d:f7:5c:0b:
fc:dc:f6:5f:3f:e1:31:2f:d7:da:0f:2c:36:cf:85:02:5f:54:
23:12:d3:ed:d8:f6:3b:a9:71:20:89:91:db:6b:58:bb:4f:66:
5e:7c:69:9f:72:9d:93:77:4f:e3:15:97:c4:a5:af:29:b5:15:
94:52:0b:70:8d:b6:2f:b1:9d:82:30:77:14:33:e7:99:58:d5:
8a:14:18:45:c2:67:d9:72:cb:c1:d2:4d:24:dc:85:eb:8c:e7:
e9:09:02:91:63:1f:31:80:92:92:97:b6:ad:34:59:2b:ec:a6:
fe:2d:bf:02:23:99:f4:54:93:46:82:29:79:f9:77:b9:c0:43:
ea:4f:df:77:58:91:64:3b:f2:6f:7c:c1:eb:29:af:3d:9b:93:
e8:eb:1f:47:1f:71:04:e1:58:3f:e6:c8:52:9a:31:52:40:d3:
f4:f8:e9:74:23:74:dd:26:6e:95:f6:9a:59:cc:00:be:92:a4:
09:22:ff:3b:90:0a:c3:89:e2:a2:0f:07:3c:37:4f:97:c3:7e:
ef:53:db:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQx
ODEyMTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZENjRBQzU1RkZDOUJE
MTQ3MDA3OUVEMTFDOTBDOEFERDc5NTREMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOGmxlH76dR9aejP68hRotwJzprMWLmsV2TjN3G32ygnBjwziB
i2VUVCvTKOEABRPGJ7dME9TPEN68cj8LkeVm50kj1r2ObiAaybKuvSDUcjMq8uXs
fmU19Wr37GwaskhxtRWmfYOF6eHqo5E1O80TKGMI/jRC4Z2YMJBwBMUCWd5L3OKS
Lgd0sZIQe9ZJrWemASeme4W4PgvQBUMLnANKr+FWVS5e1YTnJZYCaGMbNhnU0yDu
97YwDXgBq52K0AUIDKnecec8mZgKuYDqMTrlgvI+kjWcxVCTW+wi+S9bdQhafYFD
YB+Dns+PRSh6OJ+Vt+roxzeJF4oLYk9iLZDXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbWSsVf/JvRRwB57RHJDIrdeVTQYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iV1NzVmZfSnZSUndCNTdS
SEpESXJkZVZUUVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHVY/ARJy9DKoXkFRQ2B3PYnE4vK8Au93n/s
LQIWPJnym/f/eCQOJVZkkXe6cPobudCcDfdcC/zc9l8/4TEv19oPLDbPhQJfVCMS
0+3Y9jupcSCJkdtrWLtPZl58aZ9ynZN3T+MVl8Slrym1FZRSC3CNti+xnYIwdxQz
55lY1YoUGEXCZ9lyy8HSTSTcheuM5+kJApFjHzGAkpKXtq00WSvspv4tvwIjmfRU
k0aCKXn5d7nAQ+pP33dYkWQ78m98wesprz2bk+jrH0cfcQThWD/myFKaMVJA0/T4
6XQjdN0mbpX2mlnMAL6SpAki/zuQCsOJ4qIPBzw3T5fDfu9T244=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:44:03 2025 by rpki-client