Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ozXhfPeqWBWFjR-njg2E5qKNipI.roa
File: ozXhfPeqWBWFjR-njg2E5qKNipI.roa (raw, json)
Hash identifier: IwbA7Cg8/KGJBm78Ri6vHxk599eo85T7ShrQBxApDRw=
Subject key identifier: A3:35:E1:7C:F7:AA:58:15:85:8D:1F:A7:8E:0D:84:E6:A2:8D:8A:92
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 15E6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ozXhfPeqWBWFjR-njg2E5qKNipI.roa
Signing time: Thu 05 Jun 2025 06:39:24 +0000
ROA not before: Thu 05 Jun 2025 06:39:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5606 (0x15e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 06:39:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A335E17CF7AA5815858D1FA78E0D84E6A28D8A92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:26:cc:2a:e7:64:9a:1f:d5:f5:8e:4f:61:a4:
73:00:92:df:f9:00:2d:f4:89:7e:52:61:04:05:32:
a8:8d:17:f7:8e:20:ff:bd:ad:40:40:f8:6c:79:28:
a7:ca:ca:d0:9b:e9:95:d9:1b:98:53:33:9d:81:f0:
4d:8c:b3:bd:f3:e1:5b:74:5d:a3:ac:51:85:76:13:
69:1e:de:e4:0b:98:b2:17:3f:72:fc:cf:0f:a9:82:
f6:57:da:09:73:3e:b8:c9:fd:5a:cb:3f:7b:00:c8:
77:6d:e1:ea:29:72:aa:af:d5:f0:9a:ca:7a:46:50:
00:71:cb:a6:94:5e:47:ba:fd:a6:d1:66:3a:76:4d:
03:12:4d:8b:5e:77:75:bb:3a:1c:bb:87:c9:31:a3:
7c:d0:91:56:da:dd:77:cf:42:ca:bd:9f:98:ad:3f:
c4:19:48:d8:46:f7:91:de:56:41:06:c5:e7:be:37:
a4:e6:83:20:8a:9f:87:11:04:1c:7d:b6:de:65:16:
61:4d:35:aa:e0:cb:69:89:35:94:fd:a8:63:d5:a3:
0c:0f:0d:5f:ea:eb:40:2f:14:d1:ef:31:3b:f9:33:
60:7d:c7:db:c4:32:4f:10:5a:69:fe:55:99:c6:5d:
5e:1b:54:b1:4b:10:88:70:51:b0:55:81:d9:e8:72:
47:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:35:E1:7C:F7:AA:58:15:85:8D:1F:A7:8E:0D:84:E6:A2:8D:8A:92
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ozXhfPeqWBWFjR-njg2E5qKNipI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:3d:3f:ac:63:d4:f4:c6:41:ae:b5:c1:1a:1d:32:fd:9f:df:
1e:d0:48:0e:fc:2d:09:d6:cb:ce:00:44:74:69:d2:04:a9:be:
c8:a9:57:22:f6:1f:c8:e8:db:d8:d6:68:b0:d8:be:47:ea:b3:
b0:f6:13:2c:55:95:47:3d:8d:ce:b2:40:05:a2:1a:b9:73:99:
02:27:4d:6b:e0:73:c8:df:49:e9:82:e5:af:a3:1d:d4:4c:49:
4b:69:ab:71:4b:b0:e0:88:b8:0e:2b:c0:7f:ee:1c:6c:6f:8d:
95:dd:61:09:67:10:24:be:f7:9e:01:3d:4d:64:14:cc:58:bb:
67:88:37:e6:ac:d5:ed:7e:e4:f3:87:7b:a7:37:f7:9c:1d:8d:
25:25:c7:91:86:9a:7c:94:bb:74:b6:e4:a7:bc:5a:96:55:df:
38:f5:77:b4:f8:71:10:ea:29:67:7a:aa:83:9e:25:03:ad:f5:
3e:f4:d9:30:37:f3:ad:43:b7:7b:c7:2f:9b:09:3c:f6:cc:96:
6e:79:d9:89:cc:54:26:58:de:db:08:61:6c:41:c4:06:5f:d4:
60:f0:30:8f:15:06:33:7b:9b:bb:59:98:e3:9b:1e:b9:9f:7e:
dc:86:f5:a5:9e:3b:ea:db:53:4e:b3:bc:57:34:9b:55:a4:5c:
f4:83:42:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFeYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUw
NjM5MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEzMzVFMTdDRjdBQTU4
MTU4NThEMUZBNzhFMEQ4NEU2QTI4RDhBOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Jswq52SaH9X1jk9hpHMAkt/5AC30iX5SYQQFMqiNF/eOIP+9
rUBA+Gx5KKfKytCb6ZXZG5hTM52B8E2Ms73z4Vt0XaOsUYV2E2ke3uQLmLIXP3L8
zw+pgvZX2glzPrjJ/VrLP3sAyHdt4eopcqqv1fCaynpGUABxy6aUXke6/abRZjp2
TQMSTYted3W7Ohy7h8kxo3zQkVba3XfPQsq9n5itP8QZSNhG95HeVkEGxee+N6Tm
gyCKn4cRBBx9tt5lFmFNNargy2mJNZT9qGPVowwPDV/q60AvFNHvMTv5M2B9x9vE
Mk8QWmn+VZnGXV4bVLFLEIhwUbBVgdnockd/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUozXhfPeqWBWFjR+njg2E5qKNipIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9velhoZlBlcVdCV0ZqUi1u
amcyRTVxS05pcEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ49P6xj1PTGQa61wRodMv2f3x7QSA78LQnW
y84ARHRp0gSpvsipVyL2H8jo29jWaLDYvkfqs7D2EyxVlUc9jc6yQAWiGrlzmQIn
TWvgc8jfSemC5a+jHdRMSUtpq3FLsOCIuA4rwH/uHGxvjZXdYQlnECS+954BPU1k
FMxYu2eIN+as1e1+5POHe6c395wdjSUlx5GGmnyUu3S25Ke8WpZV3zj1d7T4cRDq
KWd6qoOeJQOt9T702TA3861Dt3vHL5sJPPbMlm552YnMVCZY3tsIYWxBxAZf1GDw
MI8VBjN7m7tZmOObHrmfftyG9aWeO+rbU06zvFc0m1WkXPSDQtw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:44 2025 by rpki-client