Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/c8daq_tBuUZmClKGpU2kCBESuZE.roa
File: c8daq_tBuUZmClKGpU2kCBESuZE.roa (raw, json)
Hash identifier: be3VXxUzZ3p/gfy0aArBd+R3MSiK2xHLRjlAlgdq6Zo=
Subject key identifier: 73:C7:5A:AB:FB:41:B9:46:66:0A:52:86:A5:4D:A4:08:11:12:B9:91
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C02
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/c8daq_tBuUZmClKGpU2kCBESuZE.roa
Signing time: Fri 13 Jun 2025 10:09:56 +0000
ROA not before: Fri 13 Jun 2025 10:09:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7170 (0x1c02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 10:09:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=73C75AABFB41B946660A5286A54DA4081112B991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:b6:5a:1c:3e:d6:e0:54:d3:d9:14:2a:a6:
ca:77:d9:c9:20:d6:9d:9f:e5:49:39:41:b2:f1:5f:
8b:0e:94:ed:8f:fe:aa:19:9c:e5:10:3a:12:9b:da:
a8:96:51:2f:8a:95:3a:70:8d:f6:de:c5:7a:d2:ac:
26:81:9e:6a:fc:73:8b:01:70:9d:83:9a:6f:61:a1:
4e:8a:a8:5d:19:31:95:0f:f2:f3:f0:1c:f2:d0:45:
2a:39:70:7c:76:ff:1d:b7:b2:aa:1d:7d:2e:60:3e:
0f:46:13:01:fe:56:f0:98:d6:f8:29:51:6c:9f:ee:
c8:35:55:bf:f6:12:69:43:d1:9b:d0:af:6a:91:f0:
d7:33:d8:5a:14:52:1e:39:85:51:ef:dc:fb:a4:a8:
0f:73:90:fa:aa:6a:34:df:70:ea:e2:a5:74:36:57:
21:c9:5e:0d:c4:57:32:9f:93:f8:08:d3:07:20:ae:
4e:bf:e4:4f:ff:bf:e5:22:d4:7f:e8:5d:2c:e4:df:
ad:d9:11:7e:87:c0:00:e6:7a:94:74:6d:e2:3f:02:
eb:9f:f0:22:1e:c3:f7:25:12:83:5b:1e:6c:c5:2c:
f1:01:ed:f3:2a:2e:e6:98:c5:52:f6:b1:38:4e:4e:
9e:84:03:d2:df:cc:25:36:87:ae:f4:11:8b:41:2b:
5f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:C7:5A:AB:FB:41:B9:46:66:0A:52:86:A5:4D:A4:08:11:12:B9:91
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/c8daq_tBuUZmClKGpU2kCBESuZE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:bc:18:f4:40:2e:4f:ff:6b:78:eb:bf:30:ba:cb:61:3c:30:
a0:12:0e:45:c9:e5:66:3b:26:51:db:f2:bb:6a:f2:c7:ae:90:
99:58:33:5c:5a:a6:cd:8f:f5:3b:2b:da:33:8d:a2:95:66:93:
02:cd:7d:9e:f6:d5:dd:73:f6:9a:4e:cf:0d:1d:04:28:9c:fa:
e7:2c:01:07:60:32:f9:5c:51:e0:4d:5d:fe:eb:e1:11:cc:32:
2f:c0:b4:56:b6:3d:2b:ac:64:19:d1:24:8a:4e:52:6a:91:11:
d8:6f:3f:72:1f:de:53:ad:18:5a:e4:6f:2b:fc:64:37:37:b0:
d7:fa:cb:36:ce:3d:23:20:53:ef:94:43:af:ed:8a:5e:19:07:
bc:45:b9:b2:2b:78:44:4e:7c:dc:02:4d:7c:29:12:f1:08:3d:
7e:b4:71:99:b4:69:cc:ac:15:3c:d6:8f:30:5d:a0:51:01:74:
f1:cb:26:0c:82:54:c7:f8:a8:7b:95:6b:7c:39:bb:02:69:71:
0f:94:27:d6:06:77:6e:98:9f:d1:a2:2b:c8:14:f2:b8:c5:70:
48:c8:e7:cd:e8:9b:7a:7f:ee:4d:41:f3:9b:f8:2f:4f:8c:39:
bd:b9:b8:4b:52:dc:e5:35:11:7b:ae:d2:3d:73:a8:32:dd:aa:
c8:a7:20:9c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
MDA5NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDczQzc1QUFCRkI0MUI5
NDY2NjBBNTI4NkE1NERBNDA4MTExMkI5OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDD27ZaHD7W4FTT2RQqpsp32ckg1p2f5Uk5QbLxX4sOlO2P/qoZ
nOUQOhKb2qiWUS+KlTpwjfbexXrSrCaBnmr8c4sBcJ2Dmm9hoU6KqF0ZMZUP8vPw
HPLQRSo5cHx2/x23sqodfS5gPg9GEwH+VvCY1vgpUWyf7sg1Vb/2EmlD0ZvQr2qR
8Ncz2FoUUh45hVHv3PukqA9zkPqqajTfcOripXQ2VyHJXg3EVzKfk/gI0wcgrk6/
5E//v+Ui1H/oXSzk363ZEX6HwADmepR0beI/Auuf8CIew/clEoNbHmzFLPEB7fMq
LuaYxVL2sThOTp6EA9LfzCU2h670EYtBK18RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUc8daq/tBuUZmClKGpU2kCBESuZEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jOGRhcV90QnVVWm1DbEtH
cFUya0NCRVN1WkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAi8GPRALk//a3jrvzC6y2E8MKASDkXJ5WY7
JlHb8rtq8seukJlYM1xaps2P9Tsr2jONopVmkwLNfZ721d1z9ppOzw0dBCic+ucs
AQdgMvlcUeBNXf7r4RHMMi/AtFa2PSusZBnRJIpOUmqREdhvP3If3lOtGFrkbyv8
ZDc3sNf6yzbOPSMgU++UQ6/til4ZB7xFubIreEROfNwCTXwpEvEIPX60cZm0acys
FTzWjzBdoFEBdPHLJgyCVMf4qHuVa3w5uwJpcQ+UJ9YGd26Yn9GiK8gU8rjFcEjI
583om3p/7k1B85v4L0+MOb25uEtS3OU1EXuu0j1zqDLdqsinIJw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:45:55 2025 by rpki-client