Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qjOnw1EC_zr3OfdrM-FnOVhSzUE.roa
File: qjOnw1EC_zr3OfdrM-FnOVhSzUE.roa (raw, json)
Hash identifier: B6OBo2ziggl28QlEDCjqZ00RzMGVLmZl5TKtuGiy9CQ=
Subject key identifier: AA:33:A7:C3:51:02:FF:3A:F7:39:F7:6B:33:E1:67:39:58:52:CD:41
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1542
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qjOnw1EC_zr3OfdrM-FnOVhSzUE.roa
Signing time: Wed 04 Jun 2025 10:09:34 +0000
ROA not before: Wed 04 Jun 2025 10:09:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5442 (0x1542)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 4 10:09:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AA33A7C35102FF3AF739F76B33E167395852CD41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b3:6b:f5:40:b4:8f:de:c1:f5:04:4f:ef:b6:
8d:ce:55:ba:41:1d:5f:e9:5c:cd:c5:69:b3:8d:94:
9a:a7:55:5c:d4:14:f8:df:a6:30:6c:f9:5c:51:1f:
1d:bb:50:80:f3:b8:6b:53:81:27:33:18:37:8d:5b:
23:44:93:1e:da:f5:20:f2:13:8a:e8:ca:8c:cb:e2:
27:2b:68:8c:0b:cf:3d:35:6b:ef:27:f7:9f:da:38:
f0:0c:db:a9:47:6b:1c:ff:f6:54:04:bc:ee:d6:18:
d4:a5:7d:09:ac:b2:e6:f3:e8:4a:aa:d5:89:16:d3:
e4:6c:e4:d5:b8:5b:b2:35:3c:29:1f:40:f7:06:65:
57:77:04:14:b6:af:4b:38:cb:80:f5:65:af:69:10:
6d:fc:c8:5c:4a:d3:9a:fb:ae:52:be:f4:95:a3:f5:
be:b0:11:64:72:5f:a0:a9:f3:65:23:22:ed:d9:6c:
2e:39:77:78:7b:21:22:7e:be:3f:af:ad:82:28:f9:
4a:d1:2c:b7:6a:29:7e:d4:df:0b:32:21:86:d1:14:
c1:f2:b3:f8:5a:f4:9f:60:d8:d7:cc:28:26:00:8c:
63:ba:08:db:ea:37:21:a6:74:dd:e9:91:0d:4e:35:
e4:ed:0f:20:64:63:19:bb:37:e3:19:06:01:82:d3:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:A7:C3:51:02:FF:3A:F7:39:F7:6B:33:E1:67:39:58:52:CD:41
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qjOnw1EC_zr3OfdrM-FnOVhSzUE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:9e:c8:79:4f:f6:ee:04:52:29:e8:9f:55:24:ea:01:10:be:
7d:1c:a3:9d:d2:6f:56:b3:75:4c:42:62:91:c5:29:3e:1d:b9:
1d:43:7e:54:bf:82:6f:86:03:f4:3b:4b:f5:2e:8e:66:0c:c1:
8f:0c:19:01:05:75:f6:0a:cb:d4:ec:f2:40:5b:a0:ac:a5:9a:
22:04:c0:63:57:f5:ca:d6:b2:48:1d:f3:fe:86:cb:e6:bc:8a:
1a:ab:8b:e0:67:56:8c:6b:e6:37:d6:bc:19:66:dd:71:31:62:
a5:a7:5c:fe:7c:cf:2a:7f:c7:d2:5d:59:2a:95:41:85:cc:2a:
7e:32:0a:61:b9:73:7a:ad:f2:69:93:76:d2:d6:32:e6:b3:fe:
bf:01:52:16:23:82:05:40:9f:64:4e:21:24:9c:04:55:26:b2:
14:d1:04:4c:d5:c3:90:84:1f:05:ff:93:b5:93:57:9d:7a:36:
eb:84:da:c1:29:ee:06:7b:38:0e:b9:a8:2e:c1:bf:4e:f0:f3:
48:83:c0:e3:76:90:4e:40:2a:9c:2a:ee:c3:77:54:d6:ca:e9:
91:fc:d2:0f:69:8c:95:6c:f8:8b:0f:7f:26:21:2d:09:bc:89:
1e:d1:df:cd:3e:08:82:de:5e:5e:43:6f:04:ae:87:b5:60:db:
3a:cd:66:02
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDQx
MDA5MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFBMzNBN0MzNTEwMkZG
M0FGNzM5Rjc2QjMzRTE2NzM5NTg1MkNENDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/s2v1QLSP3sH1BE/vto3OVbpBHV/pXM3FabONlJqnVVzUFPjf
pjBs+VxRHx27UIDzuGtTgSczGDeNWyNEkx7a9SDyE4royozL4icraIwLzz01a+8n
95/aOPAM26lHaxz/9lQEvO7WGNSlfQmssubz6Eqq1YkW0+Rs5NW4W7I1PCkfQPcG
ZVd3BBS2r0s4y4D1Za9pEG38yFxK05r7rlK+9JWj9b6wEWRyX6Cp82UjIu3ZbC45
d3h7ISJ+vj+vrYIo+UrRLLdqKX7U3wsyIYbRFMHys/ha9J9g2NfMKCYAjGO6CNvq
NyGmdN3pkQ1ONeTtDyBkYxm7N+MZBgGC07mRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqjOnw1EC/zr3OfdrM+FnOVhSzUEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xak9udzFFQ196cjNPZmRy
TS1Gbk9WaFN6VUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEyeyHlP9u4EUinon1Uk6gEQvn0co53Sb1az
dUxCYpHFKT4duR1DflS/gm+GA/Q7S/UujmYMwY8MGQEFdfYKy9Ts8kBboKylmiIE
wGNX9crWskgd8/6Gy+a8ihqri+BnVoxr5jfWvBlm3XExYqWnXP58zyp/x9JdWSqV
QYXMKn4yCmG5c3qt8mmTdtLWMuaz/r8BUhYjggVAn2ROISScBFUmshTRBEzVw5CE
HwX/k7WTV516NuuE2sEp7gZ7OA65qC7Bv07w80iDwON2kE5AKpwq7sN3VNbK6ZH8
0g9pjJVs+IsPfyYhLQm8iR7R380+CILeXl5DbwSuh7Vg2zrNZgI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:05 2025 by rpki-client