Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fPwAPytMGjvWszkag-d3lLp_vq4.roa
File: fPwAPytMGjvWszkag-d3lLp_vq4.roa (raw, json)
Hash identifier: tHZR37cF6P9dXRMFr5scWxWvE1swo0NYpO05p0qhHbE=
Subject key identifier: 7C:FC:00:3F:2B:4C:1A:3B:D6:B3:39:1A:83:E7:77:94:BA:7F:BE:AE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 238E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fPwAPytMGjvWszkag-d3lLp_vq4.roa
Signing time: Mon 23 Jun 2025 23:12:07 +0000
ROA not before: Mon 23 Jun 2025 23:12:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9102 (0x238e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 23:12:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7CFC003F2B4C1A3BD6B3391A83E77794BA7FBEAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:aa:3a:2f:91:48:0a:88:ac:91:bd:7f:17:db:
e0:45:37:1c:01:25:3d:4d:c5:a9:e4:eb:4b:f7:a6:
35:89:59:55:8d:5e:e7:c6:04:00:2c:22:22:d8:07:
a1:de:2a:fd:3e:ac:a7:0f:62:23:47:2d:39:1f:a3:
04:bc:46:24:98:85:e1:d3:6d:21:b8:9d:50:3f:cd:
a8:e1:24:2f:6b:00:c0:d6:37:3e:b3:df:4f:3f:17:
8d:f7:2e:ac:a9:37:9f:ae:7d:c1:4c:d7:a6:d6:5a:
e5:e2:b2:17:e0:69:75:ab:d2:05:4d:51:e6:30:ac:
bb:5a:1f:62:88:03:73:e8:31:29:a6:22:4a:ce:0f:
a2:66:5f:c3:a1:ee:b3:08:31:27:a7:6d:3a:fa:4b:
2e:69:a2:b0:e8:57:ce:d6:98:e2:21:51:69:d4:fb:
93:b9:b8:3d:ba:ba:2b:42:80:e9:59:56:12:5a:1b:
b7:42:1b:16:02:c5:e5:9e:bd:02:ac:d7:ea:01:60:
b3:a1:3d:6c:54:56:98:68:8f:c4:54:bf:d1:35:0c:
3f:67:1e:92:e1:d6:98:1e:70:b8:12:bc:78:4b:68:
e1:8d:5a:cc:08:fe:55:a1:b9:67:7c:53:1e:1f:6b:
77:92:66:72:e2:dc:d4:be:ab:58:b8:ae:e3:ac:02:
aa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:FC:00:3F:2B:4C:1A:3B:D6:B3:39:1A:83:E7:77:94:BA:7F:BE:AE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fPwAPytMGjvWszkag-d3lLp_vq4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:61:99:5a:0c:8b:9a:8c:04:95:f6:34:a1:25:6f:fe:d5:85:
fc:8b:5d:cc:e1:58:db:65:13:67:0f:2d:61:80:c4:49:e9:a2:
21:ac:50:d8:de:a1:21:75:e6:84:8e:ea:26:08:48:61:9d:23:
04:18:27:5f:46:80:d9:1c:d9:7a:b8:f9:a1:0f:cd:7c:0a:96:
f0:f3:a2:5b:ef:09:ce:8b:49:8f:e7:23:85:b0:21:44:21:fa:
f2:be:45:8e:1f:a5:dd:2e:87:99:74:c2:7f:43:fb:68:f3:39:
5b:65:1c:33:cb:f9:38:d6:e8:3d:63:3f:f4:d8:1c:6b:54:02:
f7:b3:89:c3:19:fb:77:36:25:6e:33:47:07:f0:21:5c:07:8a:
38:1c:f9:42:4b:30:d7:b7:de:69:ed:4f:8c:ae:cf:ff:95:b0:
a0:5f:e8:77:32:fb:64:4e:1a:c1:d1:fb:26:bb:15:13:60:4b:
47:d2:d1:f8:5a:ca:b0:3f:78:44:bc:af:06:8c:e0:88:ce:ac:
ea:3c:dc:9f:36:c2:72:59:c9:0a:38:01:22:5e:dd:05:07:4d:
05:c1:cd:20:64:b9:5b:be:f6:a2:00:76:65:e3:92:d2:f7:df:
e8:73:10:5f:77:77:b9:e7:27:d6:ff:5a:15:2b:42:aa:8f:84:
8b:bc:34:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMy
MzEyMDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDRkMwMDNGMkI0QzFB
M0JENkIzMzkxQTgzRTc3Nzk0QkE3RkJFQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMqjovkUgKiKyRvX8X2+BFNxwBJT1Nxank60v3pjWJWVWNXufG
BAAsIiLYB6HeKv0+rKcPYiNHLTkfowS8RiSYheHTbSG4nVA/zajhJC9rAMDWNz6z
308/F433LqypN5+ufcFM16bWWuXishfgaXWr0gVNUeYwrLtaH2KIA3PoMSmmIkrO
D6JmX8Oh7rMIMSenbTr6Sy5porDoV87WmOIhUWnU+5O5uD26uitCgOlZVhJaG7dC
GxYCxeWevQKs1+oBYLOhPWxUVphoj8RUv9E1DD9nHpLh1pgecLgSvHhLaOGNWswI
/lWhuWd8Ux4fa3eSZnLi3NS+q1i4ruOsAqpBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfPwAPytMGjvWszkag+d3lLp/vq4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mUHdBUHl0TUdqdldzemth
Zy1kM2xMcF92cTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIdhmVoMi5qMBJX2NKElb/7VhfyLXczhWNtl
E2cPLWGAxEnpoiGsUNjeoSF15oSO6iYISGGdIwQYJ19GgNkc2Xq4+aEPzXwKlvDz
olvvCc6LSY/nI4WwIUQh+vK+RY4fpd0uh5l0wn9D+2jzOVtlHDPL+TjW6D1jP/TY
HGtUAvezicMZ+3c2JW4zRwfwIVwHijgc+UJLMNe33mntT4yuz/+VsKBf6Hcy+2RO
GsHR+ya7FRNgS0fS0fhayrA/eES8rwaM4IjOrOo83J82wnJZyQo4ASJe3QUHTQXB
zSBkuVu+9qIAdmXjktL33+hzEF93d7nnJ9b/WhUrQqqPhIu8NFY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:37:07 2025 by rpki-client