Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/d7fkBLnmpgxXvBZ4UoGBS_ZZmSs.roa
File: d7fkBLnmpgxXvBZ4UoGBS_ZZmSs.roa (raw, json)
Hash identifier: qSuu7qxqKxwi31SdYEm8C29O1s6EuLJDQDzkOh4is3M=
Subject key identifier: 77:B7:E4:04:B9:E6:A6:0C:57:BC:16:78:52:81:81:4B:F6:59:99:2B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0352
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/d7fkBLnmpgxXvBZ4UoGBS_ZZmSs.roa
Signing time: Sun 11 May 2025 12:07:52 +0000
ROA not before: Sun 11 May 2025 12:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 850 (0x352)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 12:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=77B7E404B9E6A60C57BC16785281814BF659992B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:59:f5:3a:26:ad:63:a2:68:d2:aa:e4:f0:c2:
57:02:e5:85:62:3e:6f:34:71:57:26:3a:06:43:5c:
db:53:23:90:f1:bd:cd:35:08:ba:4c:8f:df:4f:1f:
a3:7c:94:49:48:5e:5a:b6:74:91:69:57:80:7f:ca:
47:7a:fb:43:f6:d0:32:50:7f:ed:49:92:b6:a1:cb:
9e:5a:e7:85:ab:b8:00:c9:e9:fe:a1:ea:5f:4d:82:
e8:33:67:16:3d:54:e2:2d:c2:36:3c:ae:9e:33:9e:
40:39:de:42:c7:71:da:59:32:4f:13:29:4d:1c:03:
8b:28:0c:28:47:18:03:97:67:fd:b8:9f:c8:90:58:
91:f8:31:91:ad:34:a5:a5:0e:93:a6:78:f3:6c:3c:
8f:de:44:55:86:83:d1:90:5d:0f:47:07:58:8e:a2:
7b:1d:6e:8f:e3:64:18:41:66:39:1e:16:7d:42:30:
5b:33:21:12:a1:7b:20:4d:1e:d5:c9:e7:31:84:aa:
8c:b5:fc:55:20:ea:fe:0d:27:f1:db:9c:e3:54:5e:
9c:f1:89:2b:28:b5:00:4a:01:c1:90:c5:73:dc:ef:
2f:ec:de:8b:4d:56:89:8b:82:aa:53:cc:dd:3e:aa:
8b:26:3a:0e:70:39:bf:0c:8a:ea:e8:4b:8c:5d:6a:
04:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B7:E4:04:B9:E6:A6:0C:57:BC:16:78:52:81:81:4B:F6:59:99:2B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/d7fkBLnmpgxXvBZ4UoGBS_ZZmSs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:0c:46:f7:16:1c:a3:0b:16:99:7a:a5:51:17:c7:74:d7:35:
b6:ea:bc:6f:61:ef:93:d9:7b:03:de:78:ab:a9:48:8a:e7:07:
83:be:9c:9b:a9:32:65:aa:99:14:3f:9c:06:50:95:b7:b2:1c:
ff:7c:a1:30:7e:09:db:b8:ee:98:6f:15:dd:b3:6f:86:91:0b:
65:69:f0:25:fd:52:dd:eb:59:b8:ff:ef:fc:f3:2e:25:38:52:
c8:d7:47:d7:27:fb:52:95:9e:1b:1e:b6:bf:dc:22:dd:e9:c4:
4a:a1:3a:60:58:ff:3b:52:f6:66:62:2f:28:9b:c0:5f:6f:bc:
70:5b:6f:ea:47:f9:7c:89:1a:7d:95:1f:fd:19:d2:8d:42:8f:
09:2d:e1:96:db:f3:95:55:3d:0c:09:e6:3e:0c:59:fd:3b:ff:
5b:cb:69:5f:4e:45:fc:e1:27:06:5e:37:3d:e5:dd:2b:e3:c9:
4f:96:4f:e9:e4:f7:39:40:8f:6a:09:46:b6:dc:c8:b1:74:ab:
11:d6:c2:36:d0:0b:b4:ed:5d:96:e4:fa:3e:e6:7f:31:6c:5f:
fd:b9:5d:3b:05:fd:1f:a7:19:cf:10:04:dc:50:18:dc:e6:35:
1e:9f:76:0e:a7:08:f1:32:59:44:9b:31:00:36:df:31:0c:0a:
64:af:ba:2e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MjA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc3QjdFNDA0QjlFNkE2
MEM1N0JDMTY3ODUyODE4MTRCRjY1OTk5MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVWfU6Jq1jomjSquTwwlcC5YViPm80cVcmOgZDXNtTI5Dxvc01
CLpMj99PH6N8lElIXlq2dJFpV4B/ykd6+0P20DJQf+1Jkrahy55a54WruADJ6f6h
6l9NgugzZxY9VOItwjY8rp4znkA53kLHcdpZMk8TKU0cA4soDChHGAOXZ/24n8iQ
WJH4MZGtNKWlDpOmePNsPI/eRFWGg9GQXQ9HB1iOonsdbo/jZBhBZjkeFn1CMFsz
IRKheyBNHtXJ5zGEqoy1/FUg6v4NJ/HbnONUXpzxiSsotQBKAcGQxXPc7y/s3otN
VomLgqpTzN0+qosmOg5wOb8MiuroS4xdagSLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUd7fkBLnmpgxXvBZ4UoGBS/ZZmSswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kN2ZrQkxubXBneFh2Qlo0
VW9HQlNfWlptU3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHgMRvcWHKMLFpl6pVEXx3TXNbbqvG9h75PZ
ewPeeKupSIrnB4O+nJupMmWqmRQ/nAZQlbeyHP98oTB+Cdu47phvFd2zb4aRC2Vp
8CX9Ut3rWbj/7/zzLiU4UsjXR9cn+1KVnhsetr/cIt3pxEqhOmBY/ztS9mZiLyib
wF9vvHBbb+pH+XyJGn2VH/0Z0o1Cjwkt4Zbb85VVPQwJ5j4MWf07/1vLaV9ORfzh
JwZeNz3l3SvjyU+WT+nk9zlAj2oJRrbcyLF0qxHWwjbQC7TtXZbk+j7mfzFsX/25
XTsF/R+nGc8QBNxQGNzmNR6fdg6nCPEyWUSbMQA23zEMCmSvui4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:26 2025 by rpki-client