Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jnjMEyQZ8U-ghe5X0_eQnbn3yp8.roa
File: jnjMEyQZ8U-ghe5X0_eQnbn3yp8.roa (raw, json)
Hash identifier: JHgdJ5T5WhcwGLgmPsDlLkJI6qz2PS3co3euEEoks5k=
Subject key identifier: 8E:78:CC:13:24:19:F1:4F:A0:85:EE:57:D3:F7:90:9D:B9:F7:CA:9F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1C42
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jnjMEyQZ8U-ghe5X0_eQnbn3yp8.roa
Signing time: Fri 13 Jun 2025 18:09:53 +0000
ROA not before: Fri 13 Jun 2025 18:09:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7234 (0x1c42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 13 18:09:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8E78CC132419F14FA085EE57D3F7909DB9F7CA9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:19:45:8f:fd:46:58:9a:35:cf:ec:5d:63:88:
c9:a3:e2:30:bc:68:a6:88:7a:81:24:3e:8b:90:e7:
f3:32:79:92:12:eb:71:c2:b8:a4:8b:96:8d:35:39:
3e:40:95:5c:d7:c4:2c:b2:4a:9c:6c:8e:63:d2:b2:
3a:5d:74:9e:83:ec:36:33:99:94:23:07:2f:d4:37:
02:33:3b:72:e5:f0:fb:d8:2a:02:19:11:56:b9:3a:
a1:12:10:15:9c:0f:46:3b:20:fa:b5:e2:d5:0d:1b:
a4:19:79:60:2f:c1:0e:d7:f9:1b:33:0f:fd:47:f0:
bb:31:e0:22:5e:9f:81:67:87:03:35:4e:79:73:f0:
58:9a:7f:16:9c:7d:3b:53:bb:3b:29:1b:b4:8d:8e:
96:fd:39:89:53:54:13:2c:62:48:61:56:79:29:bd:
99:22:be:5b:11:1c:d2:ee:f8:68:fe:6b:55:19:d5:
ae:a5:56:b9:53:16:01:15:8f:45:a2:3e:23:ac:65:
9f:b6:fc:45:15:f3:50:12:da:b8:8e:93:5b:9c:db:
b2:4f:70:62:c8:f8:cd:0f:ac:6d:e4:be:fd:d7:31:
ab:33:28:f7:a0:a4:a8:7f:ee:ff:98:c0:8e:7d:6b:
99:21:52:56:20:1e:a0:30:94:79:25:80:ea:4e:3a:
8f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:78:CC:13:24:19:F1:4F:A0:85:EE:57:D3:F7:90:9D:B9:F7:CA:9F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jnjMEyQZ8U-ghe5X0_eQnbn3yp8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:0f:83:d9:02:53:de:ae:68:b5:80:d0:eb:f0:81:b7:93:eb:
17:f2:80:82:2f:93:d4:28:0d:34:f9:b3:6d:54:13:2f:b1:3a:
7f:6c:02:4f:1a:77:d6:0a:49:e0:65:c7:4b:da:3f:fa:5a:40:
a3:b3:80:f5:80:45:f7:76:3b:00:af:a9:35:ee:58:61:b6:9e:
45:ab:b2:ba:99:9c:b3:fc:4a:b2:48:32:4d:19:8c:ae:83:4f:
2c:ca:8a:92:b5:f6:85:a8:9e:ff:5c:0b:1f:26:86:b9:27:cc:
b4:fe:9a:69:56:4b:a8:ed:a1:d8:2a:44:07:50:f6:d4:95:5f:
e2:65:0b:0a:a1:16:e4:85:68:e0:f9:e7:be:00:58:f2:57:b7:
13:e8:35:f3:c7:24:9a:2d:ac:5f:aa:df:1f:b7:bd:75:66:0d:
08:cf:b3:20:f9:63:6e:54:93:7d:9f:43:b7:fb:f6:52:10:7a:
2b:78:41:c3:bc:23:d8:8b:9a:a7:bd:ff:3e:19:64:0b:dc:4b:
ee:b9:eb:7e:32:06:cc:6b:55:32:59:ef:7f:3c:49:06:37:80:
39:ba:32:ec:34:4b:36:34:44:61:61:b0:59:0e:29:42:f9:ff:
1b:92:c8:c1:6a:da:dc:72:f2:db:65:3e:62:4f:b4:cb:18:69:
2a:19:96:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTMx
ODA5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhFNzhDQzEzMjQxOUYx
NEZBMDg1RUU1N0QzRjc5MDlEQjlGN0NBOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHGUWP/UZYmjXP7F1jiMmj4jC8aKaIeoEkPouQ5/MyeZIS63HC
uKSLlo01OT5AlVzXxCyySpxsjmPSsjpddJ6D7DYzmZQjBy/UNwIzO3Ll8PvYKgIZ
EVa5OqESEBWcD0Y7IPq14tUNG6QZeWAvwQ7X+RszD/1H8Lsx4CJen4FnhwM1Tnlz
8FiafxacfTtTuzspG7SNjpb9OYlTVBMsYkhhVnkpvZkivlsRHNLu+Gj+a1UZ1a6l
VrlTFgEVj0WiPiOsZZ+2/EUV81AS2riOk1uc27JPcGLI+M0PrG3kvv3XMaszKPeg
pKh/7v+YwI59a5khUlYgHqAwlHklgOpOOo/FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjnjMEyQZ8U+ghe5X0/eQnbn3yp8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qbmpNRXlRWjhVLWdoZTVY
MF9lUW5ibjN5cDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIYPg9kCU96uaLWA0OvwgbeT6xfygIIvk9Qo
DTT5s21UEy+xOn9sAk8ad9YKSeBlx0vaP/paQKOzgPWARfd2OwCvqTXuWGG2nkWr
srqZnLP8SrJIMk0ZjK6DTyzKipK19oWonv9cCx8mhrknzLT+mmlWS6jtodgqRAdQ
9tSVX+JlCwqhFuSFaOD5574AWPJXtxPoNfPHJJotrF+q3x+3vXVmDQjPsyD5Y25U
k32fQ7f79lIQeit4QcO8I9iLmqe9/z4ZZAvcS+65634yBsxrVTJZ7388SQY3gDm6
Muw0SzY0RGFhsFkOKUL5/xuSyMFq2txy8ttlPmJPtMsYaSoZlh0=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:49:38 2025 by rpki-client