Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ivC0JS-lj9oa9adkL6nTj1vVIJo.roa
File: ivC0JS-lj9oa9adkL6nTj1vVIJo.roa (raw, json)
Hash identifier: qFMcR/vymsPIHgQ6RuCiYTVtU8/LWos/JA/DUToJics=
Subject key identifier: 8A:F0:B4:25:2F:A5:8F:DA:1A:F5:A7:64:2F:A9:D3:8F:5B:D5:20:9A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 200E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ivC0JS-lj9oa9adkL6nTj1vVIJo.roa
Signing time: Wed 18 Jun 2025 22:44:28 +0000
ROA not before: Wed 18 Jun 2025 22:44:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8206 (0x200e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 22:44:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8AF0B4252FA58FDA1AF5A7642FA9D38F5BD5209A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:95:ad:68:cb:42:d2:14:07:e8:36:cf:ef:
00:7b:6f:13:1e:62:c9:6c:78:08:f7:7b:df:6c:2f:
0d:4d:8c:90:19:3c:d6:2d:0b:3f:a3:cf:2a:44:e2:
0b:92:0a:1f:c5:32:10:a8:63:ed:70:06:e6:b6:de:
c3:f2:70:b2:37:93:eb:90:0d:d9:bd:9c:5e:a5:76:
10:87:6c:49:fa:a5:51:f2:66:97:72:4b:ba:bc:2e:
50:29:d0:ce:7e:9e:bc:e3:c4:88:ad:a2:25:d0:a8:
9b:34:cd:34:35:53:c5:aa:41:86:10:14:67:a9:f3:
d7:2f:c8:2a:82:36:0d:53:c9:cd:0d:64:2e:a4:fa:
fc:f1:56:88:e7:e7:01:e3:8c:5d:a8:fd:ad:d3:60:
22:e1:f1:20:7a:6b:80:2e:7e:df:40:48:c0:10:5c:
39:a6:fc:74:35:d6:ed:4e:ba:a4:4d:28:29:d6:4a:
de:cb:6f:b0:50:b7:da:30:b4:e1:d2:8c:2e:31:69:
4c:79:32:aa:d3:8e:04:95:38:c2:0d:58:0b:83:8a:
01:d8:16:c9:c7:17:da:63:09:8a:b8:5c:43:4c:7d:
5f:4f:1a:6a:7e:14:2a:02:30:0d:80:1c:89:be:97:
87:9b:c7:5e:b9:75:9c:a5:f7:b5:a9:76:a5:12:99:
86:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F0:B4:25:2F:A5:8F:DA:1A:F5:A7:64:2F:A9:D3:8F:5B:D5:20:9A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ivC0JS-lj9oa9adkL6nTj1vVIJo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:9c:de:6e:0b:36:93:8b:6a:4d:2f:1f:20:26:cd:60:d8:df:
14:7b:75:37:28:9a:a3:35:ba:9a:85:18:0b:2b:d0:1e:1d:bf:
3a:ab:af:51:fc:89:f8:bd:63:de:32:f4:ca:30:04:8b:ef:79:
2f:7e:c6:aa:72:99:62:f0:af:fe:5b:04:c0:4a:9d:0b:e4:59:
93:20:0f:64:2b:85:9e:46:aa:7d:1f:73:45:cc:22:80:2f:76:
61:75:41:c7:dd:66:93:e2:38:fb:3d:12:c9:49:91:86:5f:5a:
ba:c9:6d:1b:07:fb:e7:f3:23:37:49:16:00:42:fd:83:2d:83:
e8:16:e3:2b:51:2a:6d:3a:6a:39:15:73:87:7b:cd:47:eb:4e:
39:e3:5d:01:dc:38:92:e2:87:e8:3b:cd:98:2d:9f:6b:95:a6:
e6:f3:04:96:be:72:4b:17:1d:b8:0a:17:2f:b3:c8:72:dd:fb:
0f:80:38:21:2b:6d:ee:74:3f:41:03:d6:c6:4b:0c:c9:c5:87:
30:90:3a:ed:9d:0f:34:7e:eb:64:d9:e6:8b:5a:ba:cb:1b:80:
f1:5a:f9:44:f8:0b:23:c0:7d:5d:e9:89:e9:df:d9:c2:b3:0f:
a1:04:c3:54:9f:d6:55:77:8e:3b:d5:c1:25:f5:20:ac:6a:e2:
85:55:d2:d9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgy
MjQ0MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhBRjBCNDI1MkZBNThG
REExQUY1QTc2NDJGQTlEMzhGNUJENTIwOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA95WtaMtC0hQH6DbP7wB7bxMeYslseAj3e99sLw1NjJAZPNYt
Cz+jzypE4guSCh/FMhCoY+1wBua23sPycLI3k+uQDdm9nF6ldhCHbEn6pVHyZpdy
S7q8LlAp0M5+nrzjxIitoiXQqJs0zTQ1U8WqQYYQFGep89cvyCqCNg1Tyc0NZC6k
+vzxVojn5wHjjF2o/a3TYCLh8SB6a4Auft9ASMAQXDmm/HQ11u1OuqRNKCnWSt7L
b7BQt9owtOHSjC4xaUx5MqrTjgSVOMINWAuDigHYFsnHF9pjCYq4XENMfV9PGmp+
FCoCMA2AHIm+l4ebx165dZyl97WpdqUSmYblAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUivC0JS+lj9oa9adkL6nTj1vVIJowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pdkMwSlMtbGo5b2E5YWRr
TDZuVGoxdlZJSm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKWc3m4LNpOLak0vHyAmzWDY3xR7dTcomqM1
upqFGAsr0B4dvzqrr1H8ifi9Y94y9MowBIvveS9+xqpymWLwr/5bBMBKnQvkWZMg
D2QrhZ5Gqn0fc0XMIoAvdmF1QcfdZpPiOPs9EslJkYZfWrrJbRsH++fzIzdJFgBC
/YMtg+gW4ytRKm06ajkVc4d7zUfrTjnjXQHcOJLih+g7zZgtn2uVpubzBJa+cksX
HbgKFy+zyHLd+w+AOCErbe50P0ED1sZLDMnFhzCQOu2dDzR+62TZ5otaussbgPFa
+UT4CyPAfV3pienf2cKzD6EEw1Sf1lV3jjvVwSX1IKxq4oVV0tk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:33:02 2025 by rpki-client