Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gmvGdc7B4P51aCi5ryUWw5JRjcE.roa
File: gmvGdc7B4P51aCi5ryUWw5JRjcE.roa (raw, json)
Hash identifier: B68NEZuMXIKRYabz4d1cp2YgssS7OvwRnsk9bS8jKzI=
Subject key identifier: 82:6B:C6:75:CE:C1:E0:FE:75:68:28:B9:AF:25:16:C3:92:51:8D:C1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 23B6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gmvGdc7B4P51aCi5ryUWw5JRjcE.roa
Signing time: Tue 24 Jun 2025 04:12:06 +0000
ROA not before: Tue 24 Jun 2025 04:12:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9142 (0x23b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 04:12:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=826BC675CEC1E0FE756828B9AF2516C392518DC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1b:a5:df:25:36:ac:63:ff:1d:c8:bb:ff:67:
5c:c1:54:74:32:c1:06:d4:3a:4f:a0:ec:23:67:8d:
38:20:f8:f3:54:c6:8f:c0:20:e6:06:a9:a6:20:b0:
96:f1:6e:b4:aa:b5:ea:38:71:cf:72:ae:ac:fa:3d:
dd:c0:c3:ac:cd:81:e9:a5:9a:87:58:cf:1c:73:71:
d3:3b:88:b7:f0:9e:79:6e:9e:6d:62:b3:02:51:a3:
1c:96:86:ab:1f:1b:09:df:95:f7:59:5c:f7:bd:38:
da:c0:d6:6e:4b:65:b2:7d:4b:35:92:e2:e1:27:b0:
d9:e5:00:40:4d:68:fc:4d:71:72:ed:e8:21:c5:c0:
82:7e:db:2f:7a:25:fd:ab:0d:f2:4d:62:16:36:45:
77:aa:de:7a:49:50:a1:28:f0:57:86:f4:b3:0e:60:
65:71:60:43:69:cc:5d:a3:2f:e2:15:72:8b:0a:fa:
25:dd:52:c2:42:3f:95:35:8a:e3:26:80:ac:73:5c:
45:69:e2:68:ff:e9:c4:eb:16:85:70:f1:5f:e6:84:
e1:86:3c:97:7b:e5:fc:28:95:0d:80:8f:f5:c5:6a:
4b:f0:49:41:90:9b:8e:9f:c7:ef:9e:70:71:93:ad:
76:1c:8b:4e:21:20:b7:f4:40:5e:50:53:5f:e3:6a:
55:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:6B:C6:75:CE:C1:E0:FE:75:68:28:B9:AF:25:16:C3:92:51:8D:C1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gmvGdc7B4P51aCi5ryUWw5JRjcE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:52:10:a5:ea:dc:29:a7:10:cf:c5:00:26:97:8b:82:f6:4a:
54:b1:a3:e8:13:bc:6d:be:49:46:f2:55:b3:18:74:31:48:ce:
dc:69:2e:86:00:c7:be:cd:3b:e4:39:3b:72:60:0b:88:1e:c2:
5e:bd:7a:1a:bb:1a:99:1a:0e:e8:8c:79:e1:19:0c:d4:ae:a7:
2a:16:71:09:28:9a:d6:a3:ba:a6:3d:5d:44:82:a9:36:10:bc:
f6:87:16:f9:92:98:bc:dd:1c:97:09:3b:7e:ca:28:36:ba:64:
c0:8b:a5:62:33:b9:2a:ff:de:3c:26:10:77:8b:5c:c4:ba:a5:
c7:68:bc:15:e5:b3:6c:8f:24:8d:d5:b6:40:e8:10:64:15:b4:
15:06:db:67:ff:9b:7d:7e:2f:14:ec:ae:10:82:de:d6:ef:ad:
14:c4:8b:a3:e2:52:34:0c:6e:22:df:6b:3f:69:13:37:07:23:
96:47:90:84:cf:63:5a:17:26:4e:fa:08:d9:ca:3f:d7:c2:11:
0e:80:81:cf:f5:88:f8:8a:08:59:12:7a:45:8a:ad:ed:a8:af:
b3:4e:7a:62:40:dc:01:c6:0d:b0:bb:e8:b6:77:34:3c:22:b4:
3c:13:64:36:6c:9e:44:80:98:a7:fb:c9:68:4b:d5:ce:e0:80:
57:9d:ad:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQw
NDEyMDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyNkJDNjc1Q0VDMUUw
RkU3NTY4MjhCOUFGMjUxNkMzOTI1MThEQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVG6XfJTasY/8dyLv/Z1zBVHQywQbUOk+g7CNnjTgg+PNUxo/A
IOYGqaYgsJbxbrSqteo4cc9yrqz6Pd3Aw6zNgemlmodYzxxzcdM7iLfwnnlunm1i
swJRoxyWhqsfGwnflfdZXPe9ONrA1m5LZbJ9SzWS4uEnsNnlAEBNaPxNcXLt6CHF
wIJ+2y96Jf2rDfJNYhY2RXeq3npJUKEo8FeG9LMOYGVxYENpzF2jL+IVcosK+iXd
UsJCP5U1iuMmgKxzXEVp4mj/6cTrFoVw8V/mhOGGPJd75fwolQ2Aj/XFakvwSUGQ
m46fx++ecHGTrXYci04hILf0QF5QU1/jalUZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgmvGdc7B4P51aCi5ryUWw5JRjcEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nbXZHZGM3QjRQNTFhQ2k1
cnlVV3c1SlJqY0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF1SEKXq3CmnEM/FACaXi4L2SlSxo+gTvG2+
SUbyVbMYdDFIztxpLoYAx77NO+Q5O3JgC4gewl69ehq7GpkaDuiMeeEZDNSupyoW
cQkomtajuqY9XUSCqTYQvPaHFvmSmLzdHJcJO37KKDa6ZMCLpWIzuSr/3jwmEHeL
XMS6pcdovBXls2yPJI3VtkDoEGQVtBUG22f/m31+LxTsrhCC3tbvrRTEi6PiUjQM
biLfaz9pEzcHI5ZHkITPY1oXJk76CNnKP9fCEQ6Agc/1iPiKCFkSekWKre2or7NO
emJA3AHGDbC76LZ3NDwitDwTZDZsnkSAmKf7yWhL1c7ggFedrYI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:35:09 2025 by rpki-client