
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hdwD9XmiIZH3XgF3vV0o8yh4CV4.roa
File: hdwD9XmiIZH3XgF3vV0o8yh4CV4.roa (raw, json)
Hash identifier: xAmRMlejPj4RiIZ5q9kjwDEk4hQ58y1X4oNsH8ZOS5s=
Subject key identifier: 85:DC:03:F5:79:A2:21:91:F7:5E:01:77:BD:5D:28:F3:28:78:09:5E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 23CA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hdwD9XmiIZH3XgF3vV0o8yh4CV4.roa
Signing time: Tue 24 Jun 2025 06:41:58 +0000
ROA not before: Tue 24 Jun 2025 06:41:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9162 (0x23ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 06:41:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=85DC03F579A22191F75E0177BD5D28F32878095E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:55:83:41:55:df:e3:c0:bf:4f:c4:4e:71:f0:
1b:86:39:2a:66:81:03:94:b1:f6:52:1a:9f:7a:9a:
fe:be:b0:5d:ce:27:cb:ee:5e:44:39:ab:04:00:ba:
8d:5d:cf:35:11:86:ce:e4:1f:7c:b1:ce:df:67:68:
60:07:4b:9b:3d:34:36:24:f5:e4:7d:28:9f:19:9e:
28:8b:a7:4d:5b:eb:d3:b8:cf:f8:17:8e:3c:44:eb:
d3:94:5a:7c:4a:25:2d:17:1d:ea:61:30:94:a2:44:
9c:56:6f:bb:bb:7a:3c:6a:a3:99:5d:e7:67:2a:8b:
08:2a:bd:12:de:f7:bf:19:1b:17:67:86:64:c7:3b:
bf:69:0a:fa:97:01:04:2d:a7:8d:62:45:4f:19:79:
57:fe:a5:27:7d:82:e8:ff:69:c2:ae:bc:13:5c:b6:
6d:88:b3:e8:6c:88:01:3b:33:19:22:92:6d:95:73:
f5:ce:0b:11:bd:74:fd:6e:98:0a:c7:1c:7a:90:83:
2c:bd:fa:24:c0:90:c4:7b:c3:01:06:4d:35:e3:54:
b8:c1:32:5a:fb:8f:e7:27:85:84:9b:a4:91:12:bf:
09:89:1b:12:22:bb:7a:e9:9f:61:81:bf:7e:b2:a8:
cd:d9:dc:7b:33:f6:ff:9d:3c:a7:b8:1a:af:36:71:
8b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DC:03:F5:79:A2:21:91:F7:5E:01:77:BD:5D:28:F3:28:78:09:5E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hdwD9XmiIZH3XgF3vV0o8yh4CV4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:ca:d4:85:90:fa:8c:bd:1d:85:8c:47:4d:52:61:c4:23:40:
b9:7a:77:11:94:a7:b0:6c:23:41:1d:3e:c9:7d:d7:4c:cf:e0:
ea:0f:6c:56:9b:c4:36:06:ff:c3:87:c0:58:29:68:d1:90:e6:
be:5e:e2:d4:62:be:77:4f:00:94:bb:da:ac:ec:90:93:0e:de:
0b:78:b0:d7:73:2d:b9:6f:c8:63:47:0f:83:d7:51:f5:f1:ac:
4d:f8:8a:71:32:ea:bf:d6:2e:76:ac:8a:5a:f8:8b:ac:c2:18:
d4:35:94:bb:90:ad:cd:13:43:e6:de:43:ca:6d:c2:84:c6:68:
9e:24:dd:cd:a4:f2:30:d2:d4:50:5a:90:0b:bb:6e:81:44:36:
45:34:5d:c3:8d:4a:7b:e6:d9:7c:8b:62:35:b7:d3:4a:fa:e7:
f9:14:9a:82:ba:b4:91:6d:b1:c0:b8:fd:df:9a:8a:0f:bf:ca:
c7:83:d6:d8:c8:42:5b:fe:b4:64:21:68:0e:26:de:68:85:e0:
fd:37:2d:03:69:41:41:b4:c7:41:d2:09:58:56:5d:a2:40:aa:
86:43:30:b9:5a:f9:e8:f0:28:5a:c3:91:2b:a5:da:c1:cc:c2:
ee:bd:bc:c2:37:21:93:aa:42:f2:89:55:90:79:76:3e:6f:66:
92:74:b3:bb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQw
NjQxNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg1REMwM0Y1NzlBMjIx
OTFGNzVFMDE3N0JENUQyOEYzMjg3ODA5NUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMVYNBVd/jwL9PxE5x8BuGOSpmgQOUsfZSGp96mv6+sF3OJ8vu
XkQ5qwQAuo1dzzURhs7kH3yxzt9naGAHS5s9NDYk9eR9KJ8ZniiLp01b69O4z/gX
jjxE69OUWnxKJS0XHephMJSiRJxWb7u7ejxqo5ld52cqiwgqvRLe978ZGxdnhmTH
O79pCvqXAQQtp41iRU8ZeVf+pSd9guj/acKuvBNctm2Is+hsiAE7Mxkikm2Vc/XO
CxG9dP1umArHHHqQgyy9+iTAkMR7wwEGTTXjVLjBMlr7j+cnhYSbpJESvwmJGxIi
u3rpn2GBv36yqM3Z3Hsz9v+dPKe4Gq82cYvzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhdwD9XmiIZH3XgF3vV0o8yh4CV4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oZHdEOVhtaUlaSDNYZ0Yz
dlYwbzh5aDRDVjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAArK1IWQ+oy9HYWMR01SYcQjQLl6dxGUp7Bs
I0EdPsl910zP4OoPbFabxDYG/8OHwFgpaNGQ5r5e4tRivndPAJS72qzskJMO3gt4
sNdzLblvyGNHD4PXUfXxrE34inEy6r/WLnasilr4i6zCGNQ1lLuQrc0TQ+beQ8pt
woTGaJ4k3c2k8jDS1FBakAu7boFENkU0XcONSnvm2XyLYjW300r65/kUmoK6tJFt
scC4/d+aig+/yseD1tjIQlv+tGQhaA4m3miF4P03LQNpQUG0x0HSCVhWXaJAqoZD
MLla+ejwKFrDkSul2sHMwu69vMI3IZOqQvKJVZB5dj5vZpJ0s7s=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:44 2025 by rpki-client