Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dhBB7sXwcWSfmw1cWanPDdK2Jeo.roa
File: dhBB7sXwcWSfmw1cWanPDdK2Jeo.roa (raw, json)
Hash identifier: CxIfphgJ+Ru847vhC0JK3r9t9JFCF6Dodyoo8pP4LJg=
Subject key identifier: 76:10:41:EE:C5:F0:71:64:9F:9B:0D:5C:59:A9:CF:0D:D2:B6:25:EA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1CEA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dhBB7sXwcWSfmw1cWanPDdK2Jeo.roa
Signing time: Sat 14 Jun 2025 15:09:55 +0000
ROA not before: Sat 14 Jun 2025 15:09:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7402 (0x1cea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 14 15:09:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=761041EEC5F071649F9B0D5C59A9CF0DD2B625EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c2:10:26:28:e8:81:5b:5d:1a:90:1b:5d:a6:
7f:15:53:cd:f6:f5:6d:cf:78:cb:fe:19:32:a1:04:
30:ee:43:23:13:b0:05:60:d1:72:8a:7f:39:a2:8a:
ac:28:6e:76:81:91:3e:ae:65:ca:50:91:70:6a:f2:
9a:a8:52:83:a7:ef:40:5d:17:f7:79:90:2f:a9:1a:
36:9d:61:1c:76:47:f5:15:0f:fb:64:66:f7:35:01:
73:d3:03:ea:b4:ad:fd:32:1e:2f:b1:bb:0e:03:6f:
87:e4:39:24:e6:73:d9:a3:bb:24:3f:5b:1f:0d:37:
e8:f1:d6:04:03:5a:fc:3d:60:27:4b:8f:14:f6:69:
96:75:39:18:66:14:64:3e:7b:48:71:1a:13:4c:ef:
58:cd:65:af:0b:34:f0:cc:1b:3d:d8:70:cd:1f:09:
8e:b1:3c:7f:01:dc:77:37:c8:db:6e:a3:06:1c:69:
5f:ff:84:d0:fb:42:e1:09:9d:15:a4:53:fc:91:64:
d1:a5:7c:73:64:a3:f6:1e:53:a2:74:6b:3a:04:53:
0c:f2:32:57:38:ff:15:fb:4a:be:18:9a:c7:a8:9b:
8b:6b:4f:6f:dd:55:db:c0:a7:1c:19:26:bb:33:b9:
a3:dd:eb:f9:f4:03:f0:e6:0c:6c:a7:7a:e7:d9:6e:
ca:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:10:41:EE:C5:F0:71:64:9F:9B:0D:5C:59:A9:CF:0D:D2:B6:25:EA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dhBB7sXwcWSfmw1cWanPDdK2Jeo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:f0:e6:a8:f8:9a:52:66:0c:0a:ae:a9:d4:de:e5:a5:94:24:
5b:58:a0:91:fb:f8:99:78:ee:97:2b:24:ff:12:8d:8f:48:07:
c2:0c:dc:90:51:36:bc:8b:7c:f5:62:e6:53:2e:89:39:f6:b6:
47:f0:c3:9c:d7:9a:38:ff:75:58:79:c1:7f:06:1f:94:0d:db:
02:1e:46:50:b3:3b:80:02:f4:62:73:58:c0:4b:11:2b:bf:65:
a0:35:5a:74:f7:b7:e2:1d:39:43:a1:e5:5e:d0:b5:7d:81:d3:
07:fb:95:e1:aa:ef:64:c4:ba:25:0e:79:dd:12:cc:2f:33:ae:
ab:f2:c0:fb:2e:07:94:99:ed:31:81:ae:f4:01:e6:df:34:ff:
1e:a5:55:56:ea:a2:b9:81:12:d0:e5:a1:1b:e9:25:1c:d5:7c:
dd:31:f5:8c:ff:71:af:b8:83:18:84:7f:36:eb:76:cd:0e:41:
ed:b2:6c:83:46:2b:34:41:2c:5e:19:e8:0d:66:48:5e:c2:c7:
d9:3e:2e:ae:34:2c:4e:bc:0b:87:53:34:90:05:60:b5:3c:86:
aa:c5:3b:46:e1:87:97:b0:85:e9:07:88:0d:af:ea:4b:7d:34:
2e:d1:49:04:d4:ea:8a:b6:a3:4d:52:20:7c:9d:ae:e1:e3:bc:
9f:e4:93:81
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTQx
NTA5NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc2MTA0MUVFQzVGMDcx
NjQ5RjlCMEQ1QzU5QTlDRjBERDJCNjI1RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSwhAmKOiBW10akBtdpn8VU8329W3PeMv+GTKhBDDuQyMTsAVg
0XKKfzmiiqwobnaBkT6uZcpQkXBq8pqoUoOn70BdF/d5kC+pGjadYRx2R/UVD/tk
Zvc1AXPTA+q0rf0yHi+xuw4Db4fkOSTmc9mjuyQ/Wx8NN+jx1gQDWvw9YCdLjxT2
aZZ1ORhmFGQ+e0hxGhNM71jNZa8LNPDMGz3YcM0fCY6xPH8B3Hc3yNtuowYcaV//
hND7QuEJnRWkU/yRZNGlfHNko/YeU6J0azoEUwzyMlc4/xX7Sr4Ymseom4trT2/d
VdvApxwZJrszuaPd6/n0A/DmDGyneufZbsptAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdhBB7sXwcWSfmw1cWanPDdK2JeowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kaEJCN3NYd2NXU2ZtdzFj
V2FuUERkSzJKZW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGTw5qj4mlJmDAquqdTe5aWUJFtYoJH7+Jl4
7pcrJP8SjY9IB8IM3JBRNryLfPVi5lMuiTn2tkfww5zXmjj/dVh5wX8GH5QN2wIe
RlCzO4AC9GJzWMBLESu/ZaA1WnT3t+IdOUOh5V7QtX2B0wf7leGq72TEuiUOed0S
zC8zrqvywPsuB5SZ7TGBrvQB5t80/x6lVVbqormBEtDloRvpJRzVfN0x9Yz/ca+4
gxiEfzbrds0OQe2ybINGKzRBLF4Z6A1mSF7Cx9k+Lq40LE68C4dTNJAFYLU8hqrF
O0bhh5ewhekHiA2v6kt9NC7RSQTU6oq2o01SIHydruHjvJ/kk4E=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:54 2025 by rpki-client