
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/if5NKnou1VHEts9_J13ewMRXDVc.roa
File: if5NKnou1VHEts9_J13ewMRXDVc.roa (raw, json)
Hash identifier: iua0OmTOKiTYb2pjkOPhoF/6pqDlLofwhF/rgeuRZ1Y=
Subject key identifier: 89:FE:4D:2A:7A:2E:D5:51:C4:B6:CF:7F:27:5D:DE:C0:C4:57:0D:57
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2006
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/if5NKnou1VHEts9_J13ewMRXDVc.roa
Signing time: Wed 18 Jun 2025 20:58:59 +0000
ROA not before: Wed 18 Jun 2025 20:58:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8198 (0x2006)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 20:58:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=89FE4D2A7A2ED551C4B6CF7F275DDEC0C4570D57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:48:77:1c:a9:b0:da:ea:34:7b:7a:99:f9:92:
8b:d0:b5:66:87:59:b0:dd:bc:fe:c1:0c:1b:ad:6a:
86:61:35:41:9e:40:3d:f3:10:5b:0a:cd:78:75:77:
2d:1c:d0:91:c9:17:b9:62:c3:eb:2e:b4:03:f9:55:
b0:2c:9f:2d:f2:d5:9f:db:77:d4:49:4e:a8:22:87:
29:3b:9b:9c:9b:b0:c7:b2:8a:02:e2:20:fc:71:fb:
33:9b:04:70:de:a5:a0:ce:6e:54:25:69:4e:ca:e5:
54:ed:68:71:a3:e5:23:a2:50:1e:09:be:a8:d3:0c:
1a:51:c5:02:d3:8d:26:fe:02:df:7c:94:11:66:d4:
a9:03:c2:79:3d:ff:ca:57:8e:21:10:89:01:72:a0:
18:9c:55:4c:84:c0:5d:24:30:d4:e5:93:05:04:be:
a3:43:f3:77:5a:d7:1f:c0:34:e2:85:09:7f:6f:81:
97:e6:e6:46:4c:ec:12:f8:e8:98:8c:ba:dd:50:dc:
91:22:2b:55:b5:3a:b9:d2:32:a1:b5:0e:9a:a2:b5:
1a:aa:be:b9:91:f8:06:c8:f4:2d:1b:af:4e:43:54:
f5:69:e5:d8:2b:c6:39:12:14:84:e4:76:0b:89:09:
d7:02:43:77:84:23:e7:57:6d:84:5c:d1:85:86:3a:
95:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:FE:4D:2A:7A:2E:D5:51:C4:B6:CF:7F:27:5D:DE:C0:C4:57:0D:57
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/if5NKnou1VHEts9_J13ewMRXDVc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:d1:33:eb:87:e1:40:b9:e6:63:25:dd:1a:f3:bb:b6:63:f9:
5f:32:d3:d5:2b:b4:30:4f:0d:1b:46:71:be:24:ee:fc:3a:4b:
cc:f0:40:21:18:74:23:c4:5c:ed:b6:8d:f8:99:5e:8c:94:92:
79:93:75:ec:bd:f0:e3:48:29:b9:65:27:22:0d:04:a6:f7:4d:
67:eb:2b:c9:d2:65:b9:8b:3b:ec:09:89:d1:da:7c:e0:d4:1c:
02:d7:b2:fd:7b:3d:5e:e8:f2:5f:cd:2c:5f:3e:86:28:3f:1d:
77:9c:c0:b3:c8:c7:eb:c0:ed:f6:ad:78:c4:64:58:29:f9:49:
30:be:77:f3:1d:fe:f4:2a:03:82:fd:98:56:8d:11:fa:c9:c8:
8d:bc:4c:29:30:3e:c6:74:6f:98:0c:df:41:17:10:a2:dc:9a:
7f:ca:19:97:7c:55:98:02:26:ed:63:1a:a3:32:94:42:90:cf:
ae:0e:4b:f0:64:55:29:25:67:3c:b1:3a:2b:a2:65:42:75:60:
d9:ed:e3:28:9f:1b:40:e6:64:f5:94:34:0b:55:d9:61:bc:ac:
87:f4:23:1b:fe:f0:04:53:99:c2:26:5e:b6:65:16:31:e8:87:
7d:21:b3:1e:c4:ee:82:c3:f8:34:52:9c:3e:85:4f:18:5b:c7:
f0:f6:8a:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIAYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgy
MDU4NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg5RkU0RDJBN0EyRUQ1
NTFDNEI2Q0Y3RjI3NURERUMwQzQ1NzBENTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwSHccqbDa6jR7epn5kovQtWaHWbDdvP7BDButaoZhNUGeQD3z
EFsKzXh1dy0c0JHJF7liw+sutAP5VbAsny3y1Z/bd9RJTqgihyk7m5ybsMeyigLi
IPxx+zObBHDepaDOblQlaU7K5VTtaHGj5SOiUB4JvqjTDBpRxQLTjSb+At98lBFm
1KkDwnk9/8pXjiEQiQFyoBicVUyEwF0kMNTlkwUEvqND83da1x/ANOKFCX9vgZfm
5kZM7BL46JiMut1Q3JEiK1W1OrnSMqG1DpqitRqqvrmR+AbI9C0br05DVPVp5dgr
xjkSFITkdguJCdcCQ3eEI+dXbYRc0YWGOpWnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUif5NKnou1VHEts9/J13ewMRXDVcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pZjVOS25vdTFWSEV0czlf
SjEzZXdNUlhEVmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIzRM+uH4UC55mMl3Rrzu7Zj+V8y09UrtDBP
DRtGcb4k7vw6S8zwQCEYdCPEXO22jfiZXoyUknmTdey98ONIKbllJyINBKb3TWfr
K8nSZbmLO+wJidHafODUHALXsv17PV7o8l/NLF8+hig/HXecwLPIx+vA7fateMRk
WCn5STC+d/Md/vQqA4L9mFaNEfrJyI28TCkwPsZ0b5gM30EXEKLcmn/KGZd8VZgC
Ju1jGqMylEKQz64OS/BkVSklZzyxOiuiZUJ1YNnt4yifG0DmZPWUNAtV2WG8rIf0
Ixv+8ARTmcImXrZlFjHoh30hsx7E7oLD+DRSnD6FTxhbx/D2ihI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:39 2025 by rpki-client