Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mmPB42faUcdNedepnM2rjfVIYIo.roa
File: mmPB42faUcdNedepnM2rjfVIYIo.roa (raw, json)
Hash identifier: DD1rDSVGmu92jAgt1MqidTES+T08tBTbmGfvDdPGMb4=
Subject key identifier: 9A:63:C1:E3:67:DA:51:C7:4D:79:D7:A9:9C:CD:AB:8D:F5:48:60:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 243A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mmPB42faUcdNedepnM2rjfVIYIo.roa
Signing time: Tue 24 Jun 2025 20:42:06 +0000
ROA not before: Tue 24 Jun 2025 20:42:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9274 (0x243a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 20:42:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9A63C1E367DA51C74D79D7A99CCDAB8DF548608A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:54:46:2b:2b:3e:57:e7:1e:de:1a:c0:f8:2d:
b8:51:e6:15:d3:eb:26:33:04:23:11:8c:d8:f0:d5:
5c:ce:5c:ad:f8:5c:7d:da:50:8a:9c:54:1c:20:38:
88:99:4a:eb:5f:d1:f0:3b:f2:4a:39:30:cd:d2:a4:
50:c8:cb:73:24:d6:bc:03:66:0b:a0:aa:3f:ab:92:
e2:2a:54:34:ae:20:3f:d6:11:96:99:f7:35:cd:be:
e7:08:29:78:9e:96:68:82:0f:80:28:0c:ab:15:3d:
61:50:23:56:5f:d9:5a:d2:dc:e9:b3:56:f5:0f:ff:
cf:9a:4f:7d:19:ce:4e:fd:56:fe:9f:3d:61:ad:c8:
16:90:70:1a:8d:47:69:bb:bb:7c:14:fb:43:f5:fe:
dc:f4:f2:16:8a:64:1b:80:d7:5c:10:f7:c2:ed:92:
e3:c6:d4:1b:d3:f7:70:70:f6:4e:ff:36:b0:20:4f:
70:20:00:39:ec:f8:b7:21:01:7f:d5:f6:20:5b:d0:
e1:36:65:b2:6c:21:a1:6a:12:24:85:7b:cc:5f:e8:
6e:7f:bd:00:8b:0b:70:aa:97:f0:ab:41:f9:ed:41:
12:4e:f7:8d:bb:4a:ac:13:c6:cd:8d:b4:43:95:5e:
a4:e5:c8:54:32:aa:2c:42:8a:b1:89:1a:c2:f5:9f:
f4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:63:C1:E3:67:DA:51:C7:4D:79:D7:A9:9C:CD:AB:8D:F5:48:60:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mmPB42faUcdNedepnM2rjfVIYIo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:42:3e:b4:58:f2:58:34:c9:a3:41:c4:c1:12:21:91:78:fc:
02:7b:df:27:09:14:61:a6:b1:0d:4f:4c:36:3c:8c:01:1d:e3:
96:c9:a0:1a:92:37:5e:2a:84:0b:a4:61:60:a1:ea:ef:22:e0:
78:53:6c:42:a0:4f:5f:ac:ac:70:be:8f:90:2a:b2:f8:77:f2:
db:a8:81:cc:cd:78:bc:d7:09:59:bd:5c:d7:5a:73:b0:4a:d4:
82:43:3f:2b:5f:ba:5d:9f:a2:14:ba:36:82:1b:3d:2d:10:cc:
d7:69:33:02:31:57:f3:28:13:57:80:c4:4b:2a:a1:20:07:2b:
2d:28:55:c5:ad:a1:70:7d:57:b0:16:35:d8:88:45:79:c1:9c:
1d:a6:f4:5b:ec:8e:ef:0a:5b:0e:0e:23:10:67:94:a2:09:03:
51:f7:35:d4:c2:bd:b5:72:26:0b:d8:e3:89:4d:2b:e3:0e:ab:
e3:82:a9:fd:54:a0:b1:85:51:a4:cb:4b:17:a2:50:df:24:53:
a3:fe:9d:fb:b3:43:79:fe:50:4e:61:fb:13:b6:f9:dd:28:28:
17:dc:28:67:e2:89:7f:c6:b7:e1:95:6a:92:d6:2d:af:d3:dc:
d9:c7:c2:e9:f2:bd:25:4d:58:d7:6d:ca:24:99:bc:85:df:2a:
7c:0d:42:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQy
MDQyMDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlBNjNDMUUzNjdEQTUx
Qzc0RDc5RDdBOTlDQ0RBQjhERjU0ODYwOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHVEYrKz5X5x7eGsD4LbhR5hXT6yYzBCMRjNjw1VzOXK34XH3a
UIqcVBwgOIiZSutf0fA78ko5MM3SpFDIy3Mk1rwDZgugqj+rkuIqVDSuID/WEZaZ
9zXNvucIKXielmiCD4AoDKsVPWFQI1Zf2VrS3OmzVvUP/8+aT30Zzk79Vv6fPWGt
yBaQcBqNR2m7u3wU+0P1/tz08haKZBuA11wQ98LtkuPG1BvT93Bw9k7/NrAgT3Ag
ADns+LchAX/V9iBb0OE2ZbJsIaFqEiSFe8xf6G5/vQCLC3Cql/CrQfntQRJO9427
SqwTxs2NtEOVXqTlyFQyqixCirGJGsL1n/SJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmmPB42faUcdNedepnM2rjfVIYIowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tbVBCNDJmYVVjZE5lZGVw
bk0ycmpmVklZSW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFZCPrRY8lg0yaNBxMESIZF4/AJ73ycJFGGm
sQ1PTDY8jAEd45bJoBqSN14qhAukYWCh6u8i4HhTbEKgT1+srHC+j5Aqsvh38tuo
gczNeLzXCVm9XNdac7BK1IJDPytful2fohS6NoIbPS0QzNdpMwIxV/MoE1eAxEsq
oSAHKy0oVcWtoXB9V7AWNdiIRXnBnB2m9Fvsju8KWw4OIxBnlKIJA1H3NdTCvbVy
JgvY44lNK+MOq+OCqf1UoLGFUaTLSxeiUN8kU6P+nfuzQ3n+UE5h+xO2+d0oKBfc
KGfiiX/Gt+GVapLWLa/T3NnHwunyvSVNWNdtyiSZvIXfKnwNQo4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:34:06 2025 by rpki-client