Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/reCWZ95a21e5MqNiKV3Un1midUY.roa
File: reCWZ95a21e5MqNiKV3Un1midUY.roa (raw, json)
Hash identifier: KYxzwk7KiL69/yQkF7jW+E/Td4/Lij98/UvoUT/xREk=
Subject key identifier: AD:E0:96:67:DE:5A:DB:57:B9:32:A3:62:29:5D:D4:9F:59:A2:75:46
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EAE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/reCWZ95a21e5MqNiKV3Un1midUY.roa
Signing time: Mon 16 Jun 2025 23:40:03 +0000
ROA not before: Mon 16 Jun 2025 23:40:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7854 (0x1eae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 23:40:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=ADE09667DE5ADB57B932A362295DD49F59A27546
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:61:a8:d1:82:33:a9:39:cb:ef:f2:14:4b:0d:
69:e7:ba:69:94:34:a5:3f:d1:39:68:fa:e9:21:7c:
57:26:0e:3a:f3:20:c1:9c:40:ad:90:b6:fb:a7:77:
42:de:6b:44:63:93:bc:e2:c0:41:42:57:eb:d9:78:
35:9d:6c:4a:53:81:e3:70:61:11:85:fc:ba:9d:54:
bf:e5:6f:bf:90:5d:e0:80:4c:47:21:a0:ab:79:e7:
3f:47:aa:26:81:1f:c2:26:11:3b:b0:f7:4e:5d:9b:
01:9a:de:4b:37:1e:e6:34:e2:a6:c2:fd:c5:e9:00:
cb:24:bf:69:39:75:df:79:bc:c6:a1:31:b2:5d:49:
e3:20:07:f3:c8:47:23:ee:8f:5c:25:74:2f:14:33:
1f:d0:9f:ff:97:0a:aa:cc:a4:9c:90:a3:54:db:fa:
bc:4d:a0:0a:1e:68:60:46:60:c5:1f:cc:cb:ce:90:
f6:aa:df:4b:12:09:8c:08:b1:40:ce:07:81:64:f2:
cf:af:95:40:0c:f2:7e:9b:5d:35:56:c0:d2:8c:af:
37:95:eb:cc:74:94:8a:0f:30:74:12:b0:b1:75:85:
68:cd:5f:aa:25:c1:79:f6:80:70:29:2f:f3:01:e2:
1f:e2:b9:24:31:e8:56:44:a1:a1:97:32:2e:3d:0b:
12:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E0:96:67:DE:5A:DB:57:B9:32:A3:62:29:5D:D4:9F:59:A2:75:46
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/reCWZ95a21e5MqNiKV3Un1midUY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:5f:b5:5e:f0:f3:e7:b3:be:6c:2e:3a:5b:bd:f0:1a:73:09:
08:0e:de:36:20:5b:24:57:cc:53:cb:25:c7:1b:8f:04:f2:25:
4e:fe:50:eb:17:cf:6a:79:39:38:b7:1f:82:8f:90:c9:4b:ec:
d9:de:82:d4:ad:41:41:e7:3e:cc:09:9e:b8:25:24:5f:47:5a:
ec:83:cb:7f:75:28:06:60:27:37:09:07:fb:f1:e6:60:9e:7d:
8d:45:87:8e:c0:59:eb:99:bd:1e:83:ea:fb:40:42:35:06:ac:
69:29:b9:07:c9:c6:63:8e:48:2a:af:f3:4c:df:e8:2b:70:85:
8a:2e:8c:35:ac:98:99:c8:8d:83:3d:bd:4e:c4:b2:2f:d6:df:
01:2c:83:53:76:ce:aa:5e:27:75:d3:b4:69:0a:09:54:23:cd:
f3:65:88:bb:a6:a0:14:f4:64:a0:13:8b:67:dc:43:21:9f:db:
f2:80:18:81:4e:f8:38:1e:59:ac:bf:55:fe:28:a3:00:59:c2:
bd:72:85:4d:3d:96:ac:da:43:d6:70:0a:9a:4e:d7:58:ad:0a:
5b:6b:7a:b0:85:b2:87:04:32:10:3e:b3:ec:a1:9d:c0:49:80:
85:bd:96:5a:c7:88:28:d1:5d:a7:5f:b1:4a:10:a1:a1:50:3b:
8e:09:a6:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYy
MzQwMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFERTA5NjY3REU1QURC
NTdCOTMyQTM2MjI5NURENDlGNTlBMjc1NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoYajRgjOpOcvv8hRLDWnnummUNKU/0Tlo+ukhfFcmDjrzIMGc
QK2Qtvund0Lea0Rjk7ziwEFCV+vZeDWdbEpTgeNwYRGF/LqdVL/lb7+QXeCATEch
oKt55z9HqiaBH8ImETuw905dmwGa3ks3HuY04qbC/cXpAMskv2k5dd95vMahMbJd
SeMgB/PIRyPuj1wldC8UMx/Qn/+XCqrMpJyQo1Tb+rxNoAoeaGBGYMUfzMvOkPaq
30sSCYwIsUDOB4Fk8s+vlUAM8n6bXTVWwNKMrzeV68x0lIoPMHQSsLF1hWjNX6ol
wXn2gHApL/MB4h/iuSQx6FZEoaGXMi49CxJDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUreCWZ95a21e5MqNiKV3Un1midUYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yZUNXWjk1YTIxZTVNcU5p
S1YzVW4xbWlkVVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABtftV7w8+ezvmwuOlu98BpzCQgO3jYgWyRX
zFPLJccbjwTyJU7+UOsXz2p5OTi3H4KPkMlL7NnegtStQUHnPswJnrglJF9HWuyD
y391KAZgJzcJB/vx5mCefY1Fh47AWeuZvR6D6vtAQjUGrGkpuQfJxmOOSCqv80zf
6CtwhYoujDWsmJnIjYM9vU7Esi/W3wEsg1N2zqpeJ3XTtGkKCVQjzfNliLumoBT0
ZKATi2fcQyGf2/KAGIFO+DgeWay/Vf4oowBZwr1yhU09lqzaQ9ZwCppO11itCltr
erCFsocEMhA+s+yhncBJgIW9llrHiCjRXadfsUoQoaFQO44JphI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:45:42 2025 by rpki-client