Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gam7GF8SK9QGRD49Hf6FtQ9Lc68.roa
File: gam7GF8SK9QGRD49Hf6FtQ9Lc68.roa (raw, json)
Hash identifier: NE5wI39NZfDLO2TVJ8LrAV5A92h+DULH5n3oiXd5Vr4=
Subject key identifier: 81:A9:BB:18:5F:12:2B:D4:06:44:3E:3D:1D:FE:85:B5:0F:4B:73:AF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1426
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gam7GF8SK9QGRD49Hf6FtQ9Lc68.roa
Signing time: Mon 02 Jun 2025 22:39:15 +0000
ROA not before: Mon 02 Jun 2025 22:39:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5158 (0x1426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 22:39:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=81A9BB185F122BD406443E3D1DFE85B50F4B73AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9c:78:5f:38:3d:1c:81:e2:18:6f:ae:db:97:
39:6b:10:0e:7b:e9:4c:cd:3e:19:3c:81:10:3f:ed:
9a:a0:db:8e:13:9e:b7:a8:41:52:ae:50:63:26:86:
a0:c9:86:ef:4b:15:22:70:46:95:2d:95:52:a8:5b:
0d:80:d6:6d:71:43:78:a9:57:cd:a6:13:b5:3f:e3:
cc:32:e3:ba:83:0c:f2:65:4d:89:89:9c:37:7d:fb:
bf:64:46:0a:13:17:ae:77:e5:52:be:e1:d5:32:69:
38:4c:e6:28:55:26:5a:3b:06:82:02:81:fb:f6:5b:
ce:83:fa:74:50:33:d1:f1:0a:c6:f2:4b:01:80:a2:
23:2b:49:b2:69:c8:c5:69:2e:be:e4:93:db:d9:be:
93:0c:9f:7e:16:c6:8f:84:66:31:e4:c3:c2:53:f0:
af:51:c0:8f:08:68:4d:5b:02:da:44:85:a6:55:62:
41:08:d2:cb:e0:ba:0d:34:5b:4f:03:59:b6:05:06:
6d:2c:88:2e:2a:68:58:1b:8d:b1:ef:db:9d:47:f7:
f6:26:c7:8e:48:e0:80:eb:dc:c2:18:86:7e:6e:a7:
75:82:ce:13:48:8c:9f:c5:5f:6f:63:f6:83:e3:1c:
d7:59:03:37:6a:40:33:9a:ff:02:de:28:64:f3:40:
79:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:A9:BB:18:5F:12:2B:D4:06:44:3E:3D:1D:FE:85:B5:0F:4B:73:AF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gam7GF8SK9QGRD49Hf6FtQ9Lc68.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:92:6d:8d:31:a8:24:30:1b:55:90:74:ba:c1:5a:a0:58:fb:
f2:d9:b3:9c:e5:89:11:11:76:0b:4b:2a:d7:95:6a:d9:d4:37:
16:1f:c5:e4:f9:67:9a:22:59:a8:8c:56:d9:16:1c:1b:7e:6b:
83:f7:a4:8d:0e:21:10:9d:46:48:bb:8e:c6:d7:23:ff:0d:66:
a8:69:20:5d:8b:83:5f:96:07:e6:1a:14:38:56:ed:e5:7a:78:
bb:75:5b:f8:0c:51:be:28:aa:13:db:e2:d2:5b:ab:e9:a8:98:
65:49:51:d8:8b:af:78:08:2a:1c:15:03:50:bf:b0:15:69:d3:
dc:b9:04:c0:eb:e9:f4:4d:a2:96:7e:76:76:c3:22:8c:ae:5f:
7c:d9:82:a5:46:0a:ac:f9:d1:7b:4c:44:62:35:86:97:8e:d0:
a1:65:ff:20:6c:74:9f:cf:87:b1:53:5f:24:0f:33:d8:b9:ec:
a1:f8:46:b4:ba:09:1e:13:0c:07:39:d8:00:f5:e0:cb:5e:7a:
26:ff:a8:75:2e:8b:7a:5a:6f:17:2c:f2:a9:93:cf:66:f3:ba:
17:7f:7e:47:da:88:f4:b3:3b:b4:bf:f8:5d:42:63:63:9a:b9:
ab:e5:cd:d8:f8:29:77:7f:45:4d:3a:6e:a5:a7:1c:fd:de:08:
0f:8a:6e:80
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIy
MjM5MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgxQTlCQjE4NUYxMjJC
RDQwNjQ0M0UzRDFERkU4NUI1MEY0QjczQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhnHhfOD0cgeIYb67blzlrEA576UzNPhk8gRA/7Zqg244Tnreo
QVKuUGMmhqDJhu9LFSJwRpUtlVKoWw2A1m1xQ3ipV82mE7U/48wy47qDDPJlTYmJ
nDd9+79kRgoTF6535VK+4dUyaThM5ihVJlo7BoICgfv2W86D+nRQM9HxCsbySwGA
oiMrSbJpyMVpLr7kk9vZvpMMn34Wxo+EZjHkw8JT8K9RwI8IaE1bAtpEhaZVYkEI
0svgug00W08DWbYFBm0siC4qaFgbjbHv251H9/Ymx45I4IDr3MIYhn5up3WCzhNI
jJ/FX29j9oPjHNdZAzdqQDOa/wLeKGTzQHlfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgam7GF8SK9QGRD49Hf6FtQ9Lc68wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nYW03R0Y4U0s5UUdSRDQ5
SGY2RnRROUxjNjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGKSbY0xqCQwG1WQdLrBWqBY+/LZs5zliRER
dgtLKteVatnUNxYfxeT5Z5oiWaiMVtkWHBt+a4P3pI0OIRCdRki7jsbXI/8NZqhp
IF2Lg1+WB+YaFDhW7eV6eLt1W/gMUb4oqhPb4tJbq+momGVJUdiLr3gIKhwVA1C/
sBVp09y5BMDr6fRNopZ+dnbDIoyuX3zZgqVGCqz50XtMRGI1hpeO0KFl/yBsdJ/P
h7FTXyQPM9i57KH4RrS6CR4TDAc52AD14Mteeib/qHUui3pabxcs8qmTz2bzuhd/
fkfaiPSzO7S/+F1CY2Oauavlzdj4KXd/RU06bqWnHP3eCA+KboA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:46:40 2025 by rpki-client