Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cxH9knTCFxF45VLFU9ZePseebaY.roa
File: cxH9knTCFxF45VLFU9ZePseebaY.roa (raw, json)
Hash identifier: C4Tg3XCVDb7Pw0FWwcxpRcVxdmfpwS6SAbKkwaSJqxc=
Subject key identifier: 73:11:FD:92:74:C2:17:11:78:E5:52:C5:53:D6:5E:3E:C7:9E:6D:A6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F2A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cxH9knTCFxF45VLFU9ZePseebaY.roa
Signing time: Tue 17 Jun 2025 15:10:09 +0000
ROA not before: Tue 17 Jun 2025 15:10:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7978 (0x1f2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 15:10:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7311FD9274C2171178E552C553D65E3EC79E6DA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:26:1e:24:36:c5:c1:75:d0:93:39:01:90:0d:
2b:70:60:41:a6:4e:0c:f9:bd:d1:05:e1:b9:5b:d1:
b9:87:96:b2:3c:17:4d:54:79:33:be:da:19:a0:78:
02:4c:eb:dd:dc:6e:d2:e1:16:34:c1:a4:9f:88:b0:
24:25:64:1d:e6:c2:17:a9:33:14:9f:be:c8:f6:d2:
cd:ad:f1:c1:b1:4d:1d:09:5f:73:d2:50:50:3c:b6:
97:24:d0:e7:f6:fe:91:f7:94:36:fc:77:6a:77:4e:
56:07:3d:73:a4:db:58:fe:58:4d:44:39:d6:69:05:
92:7c:e2:e0:87:e3:04:21:08:88:ab:79:dc:ff:b0:
b0:1d:a4:74:ea:40:1c:e3:6f:4b:0e:88:6f:ff:bf:
cb:43:09:a0:f3:07:b3:e3:2b:e5:85:1d:9e:db:65:
c8:3c:cb:0b:93:70:60:6c:5e:ba:14:7d:da:98:e2:
f8:d9:86:50:22:0b:09:51:db:27:57:41:a9:d2:57:
72:31:17:a0:84:8c:5d:f7:4b:c4:d8:19:bb:3e:1c:
7a:77:4e:be:fd:b4:d7:0b:f1:80:5f:d7:e8:0a:c6:
dd:1e:b5:94:40:00:3f:12:06:7c:a8:94:22:f7:e8:
53:ac:b1:59:3c:18:30:58:23:ee:2e:23:fc:f6:57:
14:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:11:FD:92:74:C2:17:11:78:E5:52:C5:53:D6:5E:3E:C7:9E:6D:A6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cxH9knTCFxF45VLFU9ZePseebaY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:9a:e9:be:cd:cf:5e:67:82:dd:a8:e2:c7:f2:64:d7:46:c2:
fb:48:68:2c:94:48:f7:ee:9b:4f:2e:63:97:29:8f:a3:a0:5a:
cf:84:73:34:d9:e7:22:0e:0d:fc:14:ed:da:0c:99:a5:a9:dc:
6b:df:54:ae:e8:4b:9c:71:ac:e2:64:f3:f7:0b:e3:32:74:92:
1f:7b:97:0b:e0:7d:d1:79:66:84:8f:17:fc:2c:45:cf:bd:8b:
aa:93:e5:45:64:66:f0:ae:09:2f:fd:53:7e:05:87:1b:1e:7c:
f1:1d:c4:00:ac:98:0f:8e:6a:02:b3:d4:d3:d3:dc:3e:8a:5b:
6a:11:45:10:eb:0a:77:7d:eb:1c:bb:fe:d4:9f:01:9b:dd:82:
59:b5:7c:c4:46:da:e0:8b:d1:04:62:1a:28:ca:7d:26:09:b2:
a4:9f:fa:66:01:4f:6d:25:67:71:0b:68:bd:f6:18:2d:ac:a3:
f0:3b:53:f2:b3:51:ee:5d:21:3c:62:1d:e5:fe:df:68:7c:99:
d3:3c:df:ac:cf:a1:93:a5:73:bf:d0:da:a4:8c:df:0b:95:73:
8c:b7:02:f6:a4:e9:28:36:56:06:da:23:85:71:45:4a:5a:33:
54:32:b6:6c:0e:09:6b:71:b0:ea:87:77:71:5e:50:51:21:ea:
06:33:31:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHyowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcx
NTEwMDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDczMTFGRDkyNzRDMjE3
MTE3OEU1NTJDNTUzRDY1RTNFQzc5RTZEQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyJh4kNsXBddCTOQGQDStwYEGmTgz5vdEF4blb0bmHlrI8F01U
eTO+2hmgeAJM693cbtLhFjTBpJ+IsCQlZB3mwhepMxSfvsj20s2t8cGxTR0JX3PS
UFA8tpck0Of2/pH3lDb8d2p3TlYHPXOk21j+WE1EOdZpBZJ84uCH4wQhCIiredz/
sLAdpHTqQBzjb0sOiG//v8tDCaDzB7PjK+WFHZ7bZcg8ywuTcGBsXroUfdqY4vjZ
hlAiCwlR2ydXQanSV3IxF6CEjF33S8TYGbs+HHp3Tr79tNcL8YBf1+gKxt0etZRA
AD8SBnyolCL36FOssVk8GDBYI+4uI/z2VxRDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcxH9knTCFxF45VLFU9ZePseebaYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jeEg5a25UQ0Z4RjQ1VkxG
VTlaZVBzZWViYVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAICa6b7Nz15ngt2o4sfyZNdGwvtIaCyUSPfu
m08uY5cpj6OgWs+EczTZ5yIODfwU7doMmaWp3GvfVK7oS5xxrOJk8/cL4zJ0kh97
lwvgfdF5ZoSPF/wsRc+9i6qT5UVkZvCuCS/9U34FhxsefPEdxACsmA+OagKz1NPT
3D6KW2oRRRDrCnd96xy7/tSfAZvdglm1fMRG2uCL0QRiGijKfSYJsqSf+mYBT20l
Z3ELaL32GC2so/A7U/KzUe5dITxiHeX+32h8mdM836zPoZOlc7/Q2qSM3wuVc4y3
Avak6Sg2VgbaI4VxRUpaM1QytmwOCWtxsOqHd3FeUFEh6gYzMWc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:34:54 2025 by rpki-client