Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/crkKqDlF-rUqjseuKTM3sVnZnXA.roa
File: crkKqDlF-rUqjseuKTM3sVnZnXA.roa (raw, json)
Hash identifier: lz6I5/FmS7k6mMK3N8NizUWu3nj8P4eo4PlXnPCfWms=
Subject key identifier: 72:B9:0A:A8:39:45:FA:B5:2A:8E:C7:AE:29:33:37:B1:59:D9:9D:70
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1996
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/crkKqDlF-rUqjseuKTM3sVnZnXA.roa
Signing time: Tue 10 Jun 2025 04:39:44 +0000
ROA not before: Tue 10 Jun 2025 04:39:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6550 (0x1996)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 04:39:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=72B90AA83945FAB52A8EC7AE293337B159D99D70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8b:56:e8:46:38:ab:a2:97:7e:3b:02:aa:c7:
18:be:2b:b5:2d:5b:79:d3:be:5d:a1:bb:22:b8:f0:
3f:b8:51:2a:3e:36:78:18:8e:13:a5:0c:46:74:02:
d0:e9:41:fb:ba:0e:9c:26:88:90:3a:a4:5e:bb:60:
9c:4c:b5:f1:4a:e0:c1:39:da:c3:ac:66:c5:1b:71:
a2:ad:43:1b:ca:d4:ea:cf:e9:ee:a5:35:a8:e8:81:
49:e6:37:7b:4c:e5:cb:4c:b9:01:32:86:56:62:15:
95:81:37:59:35:73:3d:c6:38:e6:45:69:84:86:cd:
73:04:fa:84:96:fe:75:e6:9a:34:54:48:a9:2f:6e:
f9:19:13:e3:0d:e7:21:6d:e3:67:38:8e:9a:a0:d0:
90:fa:62:90:01:86:3f:ef:d7:18:cb:eb:74:7f:c1:
42:c2:99:e4:a6:28:e9:d3:f7:59:75:ad:17:c2:19:
2a:34:bb:ee:a9:aa:15:02:f2:f5:c5:89:2d:8d:81:
e7:ea:1b:73:d5:f7:0c:d3:49:12:88:37:d1:b9:fc:
2d:33:5f:26:66:40:df:de:83:a4:73:5e:ab:1b:3b:
e7:5c:ab:0e:8e:8d:ba:7d:73:7a:65:3e:bf:64:dc:
ba:e4:27:b4:4f:24:42:ad:8e:bf:c2:aa:19:cb:1d:
dd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B9:0A:A8:39:45:FA:B5:2A:8E:C7:AE:29:33:37:B1:59:D9:9D:70
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/crkKqDlF-rUqjseuKTM3sVnZnXA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:3e:7c:3e:55:39:59:cf:d5:43:62:bd:ac:9d:82:04:6a:fb:
a1:a7:da:08:3c:e7:e1:8b:3a:e8:1a:09:90:78:d7:2a:fe:a0:
c4:90:04:66:56:cb:81:b8:b3:17:97:6c:5a:6e:72:be:14:43:
09:71:a3:fe:3b:b8:f0:5d:ad:98:b9:50:f2:cd:51:93:66:73:
fe:53:e4:f7:41:8b:eb:08:2a:69:e3:5c:1f:07:14:d0:2c:b6:
4a:8b:2a:50:56:3f:ae:0e:c5:69:0a:22:ee:c8:c4:4c:91:41:
8b:2a:fb:8c:a0:78:88:44:1a:5e:a6:92:b5:12:97:45:dd:e0:
6e:a6:ce:83:bc:bb:d7:70:49:53:7d:ac:33:29:2d:dc:d1:8d:
11:d9:df:69:55:1c:17:56:6a:17:5a:18:97:5d:05:f1:bd:93:
4c:68:47:b5:f8:77:a0:2f:12:4e:36:80:62:53:ae:bf:76:5f:
31:b7:0b:4e:21:74:3f:df:60:ae:e6:74:5e:cc:9a:17:6a:31:
bf:bd:9e:ed:80:9d:62:5c:0a:fd:1d:79:8a:70:d2:9a:b8:cb:
f5:eb:80:e4:8e:49:bf:d8:ca:06:2b:46:76:03:4e:1d:47:23:
97:1c:58:83:f7:7e:6c:e4:30:d2:93:3c:af:35:e7:78:47:77:
3e:0c:ba:74
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAw
NDM5NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDcyQjkwQUE4Mzk0NUZB
QjUyQThFQzdBRTI5MzMzN0IxNTlEOTlENzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMi1boRjiropd+OwKqxxi+K7UtW3nTvl2huyK48D+4USo+NngY
jhOlDEZ0AtDpQfu6DpwmiJA6pF67YJxMtfFK4ME52sOsZsUbcaKtQxvK1OrP6e6l
NajogUnmN3tM5ctMuQEyhlZiFZWBN1k1cz3GOOZFaYSGzXME+oSW/nXmmjRUSKkv
bvkZE+MN5yFt42c4jpqg0JD6YpABhj/v1xjL63R/wULCmeSmKOnT91l1rRfCGSo0
u+6pqhUC8vXFiS2NgefqG3PV9wzTSRKIN9G5/C0zXyZmQN/eg6RzXqsbO+dcqw6O
jbp9c3plPr9k3LrkJ7RPJEKtjr/CqhnLHd2XAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcrkKqDlF+rUqjseuKTM3sVnZnXAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jcmtLcURsRi1yVXFqc2V1
S1RNM3NWblpuWEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHA+fD5VOVnP1UNivaydggRq+6Gn2gg85+GL
OugaCZB41yr+oMSQBGZWy4G4sxeXbFpucr4UQwlxo/47uPBdrZi5UPLNUZNmc/5T
5PdBi+sIKmnjXB8HFNAstkqLKlBWP64OxWkKIu7IxEyRQYsq+4ygeIhEGl6mkrUS
l0Xd4G6mzoO8u9dwSVN9rDMpLdzRjRHZ32lVHBdWahdaGJddBfG9k0xoR7X4d6Av
Ek42gGJTrr92XzG3C04hdD/fYK7mdF7MmhdqMb+9nu2AnWJcCv0deYpw0pq4y/Xr
gOSOSb/YygYrRnYDTh1HI5ccWIP3fmzkMNKTPK8153hHdz4MunQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:05:38 2025 by rpki-client