Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rGMu7kEyBUpnmquU8xDq0hIc07o.roa
File: rGMu7kEyBUpnmquU8xDq0hIc07o.roa (raw, json)
Hash identifier: yRHdJmLBhyu+hjJ4Tg2Ueg4nmPv9znAmF6H8p/E1owc=
Subject key identifier: AC:63:2E:EE:41:32:05:4A:67:9A:AB:94:F3:10:EA:D2:12:1C:D3:BA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1326
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rGMu7kEyBUpnmquU8xDq0hIc07o.roa
Signing time: Sun 01 Jun 2025 14:39:09 +0000
ROA not before: Sun 01 Jun 2025 14:39:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4902 (0x1326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 14:39:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AC632EEE4132054A679AAB94F310EAD2121CD3BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:dd:09:a3:96:75:55:66:21:64:98:85:d8:7d:
e9:d8:f8:2d:27:fa:5c:6d:95:ea:a1:41:06:4d:d8:
dc:10:63:2a:78:46:b7:86:8f:64:2d:62:75:30:18:
f7:4b:c5:5e:1e:0c:b2:ef:8e:3d:cf:e2:b3:1d:dd:
d1:55:5c:fd:79:6e:44:5c:37:ef:50:e1:94:83:20:
98:9a:68:e0:d6:09:2f:6b:92:62:2a:f1:5b:99:01:
94:24:f3:de:a8:22:c6:18:b6:de:86:53:a6:58:10:
6d:77:42:c1:a7:1a:81:55:49:2f:e6:e1:b4:16:ea:
2f:13:8a:08:12:e7:99:23:5a:34:d6:a8:8a:a5:e1:
6f:7c:92:63:16:f9:1e:8e:aa:c7:1b:ad:a1:2c:94:
bb:c9:30:4e:b3:7e:c4:fb:6a:fc:6f:4f:9d:d6:15:
8e:69:a2:09:a0:d9:20:a0:51:1f:58:b6:f0:7f:01:
d6:5e:b2:e1:85:4e:47:5c:90:d3:30:b6:0e:4c:f0:
1d:58:71:58:9a:ff:b4:f7:d6:85:61:57:bf:f6:b2:
56:42:5f:73:ca:6d:4b:de:54:09:3a:a1:84:71:0a:
42:b1:43:e9:e9:f9:e4:16:ae:7b:ff:34:aa:b5:f9:
87:a4:ed:81:81:f5:3d:1f:d3:29:7e:d7:52:db:3b:
1a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:63:2E:EE:41:32:05:4A:67:9A:AB:94:F3:10:EA:D2:12:1C:D3:BA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rGMu7kEyBUpnmquU8xDq0hIc07o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:6c:12:1d:b6:66:c1:c8:77:49:e2:55:e7:9f:4e:e8:c2:5a:
57:84:3d:0f:22:f1:45:89:b7:90:ee:38:4c:d8:70:b2:8d:12:
6a:00:d0:eb:69:87:3c:48:17:11:10:b8:fd:c8:19:be:97:74:
b5:b8:a6:d8:97:35:5f:c7:d4:dd:e2:54:3d:72:a3:b4:6c:fa:
b4:0a:31:27:60:e6:92:14:1b:30:0d:a9:a7:ea:c7:78:e3:e9:
a8:8c:c4:70:19:f1:5c:02:8d:94:d0:9f:dd:58:46:e0:a0:4e:
41:37:e8:b4:1d:d1:37:ab:9b:8a:a3:7b:e7:2d:12:6a:dd:63:
94:75:9e:26:4e:48:67:fc:b6:7d:b1:1c:70:51:a0:3f:f5:f7:
cc:bf:81:05:ee:28:39:c0:bd:a9:b6:92:ad:48:f4:ef:8f:38:
db:68:53:df:b9:c2:4a:d6:40:fc:0c:17:b2:a1:51:a7:b3:8c:
d9:8f:55:3e:33:5b:55:87:03:2a:f2:16:ea:0f:b0:0b:7b:d4:
cc:75:73:5b:fd:ab:89:9a:99:9b:1d:45:28:48:da:c7:ba:28:
cb:b9:7a:2f:b0:21:84:cb:5f:4e:be:96:2a:e2:44:ab:af:1c:
cc:b3:11:d8:5f:49:03:b5:5e:48:50:5d:e7:0e:a5:d8:1e:a5:
af:c6:7d:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEx
NDM5MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFDNjMyRUVFNDEzMjA1
NEE2NzlBQUI5NEYzMTBFQUQyMTIxQ0QzQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp3QmjlnVVZiFkmIXYfenY+C0n+lxtleqhQQZN2NwQYyp4RreG
j2QtYnUwGPdLxV4eDLLvjj3P4rMd3dFVXP15bkRcN+9Q4ZSDIJiaaODWCS9rkmIq
8VuZAZQk896oIsYYtt6GU6ZYEG13QsGnGoFVSS/m4bQW6i8TiggS55kjWjTWqIql
4W98kmMW+R6OqscbraEslLvJME6zfsT7avxvT53WFY5pogmg2SCgUR9YtvB/AdZe
suGFTkdckNMwtg5M8B1YcVia/7T31oVhV7/2slZCX3PKbUveVAk6oYRxCkKxQ+np
+eQWrnv/NKq1+Yek7YGB9T0f0yl+11LbOxpVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrGMu7kEyBUpnmquU8xDq0hIc07owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yR011N2tFeUJVcG5tcXVV
OHhEcTBoSWMwN28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJpsEh22ZsHId0niVeefTujCWleEPQ8i8UWJ
t5DuOEzYcLKNEmoA0OtphzxIFxEQuP3IGb6XdLW4ptiXNV/H1N3iVD1yo7Rs+rQK
MSdg5pIUGzANqafqx3jj6aiMxHAZ8VwCjZTQn91YRuCgTkE36LQd0Term4qje+ct
EmrdY5R1niZOSGf8tn2xHHBRoD/198y/gQXuKDnAvam2kq1I9O+PONtoU9+5wkrW
QPwMF7KhUaezjNmPVT4zW1WHAyryFuoPsAt71Mx1c1v9q4mamZsdRShI2se6KMu5
ei+wIYTLX06+liriRKuvHMyzEdhfSQO1XkhQXecOpdgepa/GfaY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:23:17 2025 by rpki-client