Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/i6WXIES_ZkyQfgB-E9HZQfi8yNk.roa
File: i6WXIES_ZkyQfgB-E9HZQfi8yNk.roa (raw, json)
Hash identifier: RYiyZ5g8QWCeYXnzPhZ5OXgOZ1CppMG00GHSkv9uU68=
Subject key identifier: 8B:A5:97:20:44:BF:66:4C:90:7E:00:7E:13:D1:D9:41:F8:BC:C8:D9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2266
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i6WXIES_ZkyQfgB-E9HZQfi8yNk.roa
Signing time: Sun 22 Jun 2025 10:11:50 +0000
ROA not before: Sun 22 Jun 2025 10:11:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8806 (0x2266)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 10:11:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8BA5972044BF664C907E007E13D1D941F8BCC8D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:87:11:9b:19:c8:12:d0:3e:a6:19:2d:5a:90:
c6:fc:27:9e:20:fc:f9:1c:38:79:52:d8:28:e5:7e:
3e:f1:8e:ac:dd:d0:72:28:ae:39:18:ad:db:01:22:
71:3c:14:32:45:25:7f:92:ac:f5:4e:e7:d7:56:46:
61:9f:83:c2:fd:a0:8a:d9:20:01:64:2c:99:ee:cf:
6d:4f:d2:49:59:0c:81:02:db:04:d0:20:f4:3c:12:
09:58:d4:2c:d0:d8:4a:6c:f3:89:7b:7b:44:3a:74:
ec:12:2c:2a:05:96:67:f6:00:0b:51:83:5f:f4:25:
ac:14:eb:85:17:37:76:a5:e3:47:4f:53:ec:65:d6:
ee:27:bb:aa:4c:b6:b1:10:a4:03:1f:bd:62:1d:12:
a9:49:ed:db:7b:f1:3f:34:05:7d:58:59:9d:0f:0a:
e1:2a:94:b7:2f:f4:29:0f:52:98:b4:20:16:72:a3:
d0:11:90:7b:e4:61:ad:7f:87:32:3b:26:17:6c:96:
bd:6f:78:45:a4:63:0f:c0:0b:72:e5:37:ce:c5:41:
d2:52:5c:f0:e4:b8:2e:da:e6:c4:27:d9:8b:2d:fe:
47:2d:92:9f:1b:1b:19:24:fd:18:65:bb:af:2d:28:
c4:af:07:f5:fc:23:4f:c3:74:f4:c8:c3:8b:ac:75:
da:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A5:97:20:44:BF:66:4C:90:7E:00:7E:13:D1:D9:41:F8:BC:C8:D9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i6WXIES_ZkyQfgB-E9HZQfi8yNk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:fb:1b:c8:95:18:49:53:6d:c1:ea:91:29:ea:38:cf:a9:3a:
bf:20:70:bc:bf:cc:3e:c4:b2:cf:f0:50:21:5e:45:79:9b:12:
a3:52:71:54:69:22:ef:a3:85:22:06:1e:20:a5:4c:81:80:61:
f6:3b:72:ee:4e:0d:da:2c:bf:67:92:02:f8:15:11:ac:2e:55:
73:ac:a3:c7:20:da:00:7c:51:d7:40:fe:fa:df:bb:75:08:e7:
0e:86:c1:5a:5d:1b:b2:29:b9:9e:1c:1d:7d:13:95:36:c3:da:
2e:e2:3c:2f:47:0f:aa:51:51:a7:29:53:a8:a5:0c:6d:69:96:
64:fd:86:c1:0a:f2:2c:6c:be:0c:75:47:ca:6f:db:64:73:86:
4d:27:1a:b5:9a:5d:95:2f:1a:01:90:e7:8d:00:a5:a5:64:af:
28:4c:28:4c:33:28:af:2a:cf:b6:9e:07:e2:42:55:46:11:0e:
1c:74:d4:5b:9e:0b:09:d3:26:b6:19:d0:28:eb:81:34:50:7d:
04:bb:ae:77:75:c9:14:2f:01:b8:f7:27:2b:7f:78:4f:85:ed:
63:b6:2e:d9:5f:18:ed:14:92:6d:dc:ad:1e:36:ea:cf:79:dd:
84:d9:76:dd:f8:af:55:16:f5:24:a0:24:6a:be:78:03:31:79:
74:71:ae:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICImYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
MDExNTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhCQTU5NzIwNDRCRjY2
NEM5MDdFMDA3RTEzRDFEOTQxRjhCQ0M4RDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAhxGbGcgS0D6mGS1akMb8J54g/PkcOHlS2Cjlfj7xjqzd0HIo
rjkYrdsBInE8FDJFJX+SrPVO59dWRmGfg8L9oIrZIAFkLJnuz21P0klZDIEC2wTQ
IPQ8EglY1CzQ2Eps84l7e0Q6dOwSLCoFlmf2AAtRg1/0JawU64UXN3al40dPU+xl
1u4nu6pMtrEQpAMfvWIdEqlJ7dt78T80BX1YWZ0PCuEqlLcv9CkPUpi0IBZyo9AR
kHvkYa1/hzI7Jhdslr1veEWkYw/AC3LlN87FQdJSXPDkuC7a5sQn2Yst/kctkp8b
Gxkk/Rhlu68tKMSvB/X8I0/DdPTIw4usddodAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUi6WXIES/ZkyQfgB+E9HZQfi8yNkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pNldYSUVTX1preVFmZ0It
RTlIWlFmaTh5Tmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAA37G8iVGElTbcHqkSnqOM+pOr8gcLy/zD7E
ss/wUCFeRXmbEqNScVRpIu+jhSIGHiClTIGAYfY7cu5ODdosv2eSAvgVEawuVXOs
o8cg2gB8UddA/vrfu3UI5w6GwVpdG7IpuZ4cHX0TlTbD2i7iPC9HD6pRUacpU6il
DG1plmT9hsEK8ixsvgx1R8pv22Rzhk0nGrWaXZUvGgGQ540ApaVkryhMKEwzKK8q
z7aeB+JCVUYRDhx01FueCwnTJrYZ0CjrgTRQfQS7rnd1yRQvAbj3Jyt/eE+F7WO2
LtlfGO0Ukm3crR426s953YTZdt34r1UW9SSgJGq+eAMxeXRxro4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:44:26 2025 by rpki-client