Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/n5lKaWZMej0GEzSAnFhOiPDzvdc.roa
File: n5lKaWZMej0GEzSAnFhOiPDzvdc.roa (raw, json)
Hash identifier: xJeoSo/uVwwR5W642fjLNvVi+PdkqAeMyIcW6rQLno8=
Subject key identifier: 9F:99:4A:69:66:4C:7A:3D:06:13:34:80:9C:58:4E:88:F0:F3:BD:D7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2286
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n5lKaWZMej0GEzSAnFhOiPDzvdc.roa
Signing time: Sun 22 Jun 2025 14:11:49 +0000
ROA not before: Sun 22 Jun 2025 14:11:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8838 (0x2286)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 14:11:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9F994A69664C7A3D061334809C584E88F0F3BDD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:b7:d5:c0:f8:03:6d:aa:ed:d4:48:69:8c:
40:b9:e9:c6:43:cf:3a:61:68:63:28:33:56:e5:2a:
dc:19:ed:55:36:e6:44:81:b9:52:5e:11:6a:ed:8c:
83:86:9e:bc:60:2c:35:ad:06:ab:8c:d2:76:63:d5:
1a:a5:99:48:71:ed:25:fd:06:fe:a5:16:12:8e:8c:
9d:9d:0f:8c:a0:e8:fe:8f:77:c3:91:73:e8:40:9e:
ce:20:4d:8f:77:f1:89:d8:2f:c1:df:2f:85:a6:6f:
42:71:a4:db:4a:0d:80:d8:9a:a9:b7:55:9f:b9:dc:
70:f9:c0:09:be:32:45:c8:e4:fa:de:17:95:e6:f3:
94:b0:89:ee:d6:6e:a0:92:21:f6:91:aa:18:aa:cb:
be:32:c2:d8:28:8d:d9:dc:63:27:32:56:dc:df:6b:
62:db:ff:81:b0:19:5a:68:5b:a3:76:40:6f:72:01:
64:ed:7c:53:67:f1:90:fc:02:3b:cf:9c:93:8b:5c:
a6:c5:94:bc:ab:9d:3f:63:c3:61:d4:e3:8a:9d:7f:
6d:83:03:88:37:13:fc:31:58:52:be:ea:ab:c7:d0:
89:58:62:1a:f3:c4:1e:4b:08:df:e7:1c:35:40:b1:
6c:a8:13:49:ac:d4:97:13:5e:a7:98:d1:f5:fc:51:
5c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:99:4A:69:66:4C:7A:3D:06:13:34:80:9C:58:4E:88:F0:F3:BD:D7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n5lKaWZMej0GEzSAnFhOiPDzvdc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:91:11:cf:ea:bf:9a:10:b2:db:18:c6:44:17:d5:f8:c0:b6:
b8:46:84:be:87:76:72:c3:35:e1:25:2e:8c:43:61:8b:0e:5e:
6a:53:6b:ec:0b:70:29:70:68:f1:a4:49:4f:f0:d2:14:2b:5d:
b0:f1:2a:93:fa:ea:4a:45:d3:04:1d:be:66:d7:d7:48:ed:0e:
2b:ea:07:6c:c7:8d:c8:8f:b5:f5:9f:a0:b9:80:51:9e:7b:d5:
dd:d1:1f:f6:b9:ea:05:ed:e5:84:58:7d:85:21:08:b6:a6:b6:
64:37:4c:e8:c7:ef:04:d7:ea:b5:bf:06:19:33:b8:7e:90:9f:
8b:5f:4f:ac:98:57:04:2f:51:f3:52:63:99:77:df:9a:6b:d8:
cb:10:59:da:e7:e9:89:23:d7:28:48:aa:e4:61:e0:17:23:8c:
ee:46:71:40:73:65:80:c9:14:3c:d0:f0:8b:9b:18:15:b8:5c:
9f:2d:6b:55:c4:05:37:81:ef:e4:f3:1f:9b:2c:32:76:a0:41:
0a:9c:5d:ab:ec:5a:b7:ef:56:03:7c:91:e3:24:41:15:1b:86:
5b:48:f3:2e:20:4d:3f:66:19:51:c5:33:82:0b:bc:6f:74:c3:
67:e9:27:b9:43:62:34:80:27:98:56:a2:08:1d:b5:d4:cb:c6:
60:1c:dd:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
NDExNDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlGOTk0QTY5NjY0QzdB
M0QwNjEzMzQ4MDlDNTg0RTg4RjBGM0JERDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpdrfVwPgDbart1EhpjEC56cZDzzphaGMoM1blKtwZ7VU25kSB
uVJeEWrtjIOGnrxgLDWtBquM0nZj1RqlmUhx7SX9Bv6lFhKOjJ2dD4yg6P6Pd8OR
c+hAns4gTY938YnYL8HfL4Wmb0JxpNtKDYDYmqm3VZ+53HD5wAm+MkXI5PreF5Xm
85Swie7WbqCSIfaRqhiqy74ywtgojdncYycyVtzfa2Lb/4GwGVpoW6N2QG9yAWTt
fFNn8ZD8AjvPnJOLXKbFlLyrnT9jw2HU44qdf22DA4g3E/wxWFK+6qvH0IlYYhrz
xB5LCN/nHDVAsWyoE0ms1JcTXqeY0fX8UVyBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUn5lKaWZMej0GEzSAnFhOiPDzvdcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uNWxLYVdaTWVqMEdFelNB
bkZoT2lQRHp2ZGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK6REc/qv5oQstsYxkQX1fjAtrhGhL6HdnLD
NeElLoxDYYsOXmpTa+wLcClwaPGkSU/w0hQrXbDxKpP66kpF0wQdvmbX10jtDivq
B2zHjciPtfWfoLmAUZ571d3RH/a56gXt5YRYfYUhCLamtmQ3TOjH7wTX6rW/Bhkz
uH6Qn4tfT6yYVwQvUfNSY5l335pr2MsQWdrn6Ykj1yhIquRh4BcjjO5GcUBzZYDJ
FDzQ8IubGBW4XJ8ta1XEBTeB7+TzH5ssMnagQQqcXavsWrfvVgN8keMkQRUbhltI
8y4gTT9mGVHFM4ILvG90w2fpJ7lDYjSAJ5hWoggdtdTLxmAc3T8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:29 2025 by rpki-client