Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sSBq6PGac2ltlv08wd53i1ZACS4.roa
File: sSBq6PGac2ltlv08wd53i1ZACS4.roa (raw, json)
Hash identifier: i092tzt7iOLhf7qgu51Tx8xJZY37hl+5jJhKV90uXd4=
Subject key identifier: B1:20:6A:E8:F1:9A:73:69:6D:96:FD:3C:C1:DE:77:8B:56:40:09:2E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1FFE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sSBq6PGac2ltlv08wd53i1ZACS4.roa
Signing time: Wed 18 Jun 2025 18:34:41 +0000
ROA not before: Wed 18 Jun 2025 18:34:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8190 (0x1ffe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 18:34:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B1206AE8F19A73696D96FD3CC1DE778B5640092E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:64:20:7f:14:ef:93:03:ab:20:34:5a:f3:0f:
80:a6:06:1d:7a:69:3d:97:60:92:c3:77:80:2b:01:
f4:74:4a:e9:42:64:f7:75:dc:dc:0d:b9:2d:ac:13:
bb:33:e0:55:d0:32:c5:02:42:7b:da:41:74:14:f9:
1a:89:e6:69:10:da:f8:34:84:58:80:07:96:48:a8:
75:e0:fe:36:e2:0d:0b:a5:5d:17:73:e0:16:0c:29:
ef:cf:8a:1a:62:7d:e2:0c:b7:d3:e4:23:3a:4f:68:
22:86:ea:aa:c5:71:4c:4e:ea:a7:f9:65:26:47:4e:
29:19:84:7a:93:a5:77:7d:df:f7:7d:55:27:d5:cf:
fd:6e:ec:92:13:2a:9f:f7:56:72:4d:0d:6e:4a:cd:
69:bb:ef:a3:a2:08:39:ca:37:ac:66:c0:41:4a:e8:
a1:b2:58:e9:c9:41:11:46:37:64:be:8b:d8:21:cb:
2b:d4:9e:fd:57:7e:21:26:db:3f:1d:83:21:03:4d:
ca:9b:8b:07:e8:a3:76:ec:0d:c0:fa:24:7f:6c:5d:
e3:b0:a8:2f:af:78:59:ee:dc:d2:b9:2f:92:71:81:
8b:f4:07:56:d0:0d:0b:2e:96:bf:6a:10:92:60:77:
84:9f:ea:b3:31:f0:12:98:73:dc:b1:88:57:7a:f9:
02:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:20:6A:E8:F1:9A:73:69:6D:96:FD:3C:C1:DE:77:8B:56:40:09:2E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sSBq6PGac2ltlv08wd53i1ZACS4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:ee:64:3b:8a:04:bb:9a:e0:08:59:a6:f9:66:64:97:90:69:
7b:df:54:5d:43:55:a6:32:19:2d:b1:77:a0:2d:53:85:90:39:
16:2c:10:0b:a4:1c:a4:64:fb:e1:9f:6a:2d:29:dd:55:36:9d:
a1:d0:d6:c2:e0:af:4f:7c:23:72:21:60:08:e2:aa:e3:3b:c8:
b5:0a:4d:9c:ba:8f:af:52:5a:0e:11:35:ec:fc:cd:54:ae:3d:
de:20:e9:a9:7b:15:37:f0:04:a0:44:a1:e4:1c:15:13:66:30:
19:c8:bf:ab:bb:42:f5:56:47:e4:25:7d:51:1b:c2:e6:c4:1f:
05:b7:40:ee:76:6b:82:38:27:36:c9:06:49:23:e5:94:1f:30:
ee:c4:9f:7d:62:b6:1c:74:f8:71:df:0a:c5:c8:7b:60:0c:99:
5a:de:99:7f:2d:5c:db:55:84:39:a4:7c:b5:c1:46:2d:e9:3b:
39:ea:ef:15:40:bf:60:19:6d:a5:d7:a9:32:30:0a:8f:f9:c0:
2b:1b:67:2b:61:83:76:98:3b:a4:b6:d2:b3:03:ff:e2:3b:75:
13:d6:b9:d0:60:e1:8d:60:c7:c0:42:18:67:5c:34:ff:07:02:
01:2c:62:65:7b:c7:62:26:9d:15:17:e7:80:ed:55:49:8d:3b:
fb:75:5a:97
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
ODM0NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIxMjA2QUU4RjE5QTcz
Njk2RDk2RkQzQ0MxREU3NzhCNTY0MDA5MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHZCB/FO+TA6sgNFrzD4CmBh16aT2XYJLDd4ArAfR0SulCZPd1
3NwNuS2sE7sz4FXQMsUCQnvaQXQU+RqJ5mkQ2vg0hFiAB5ZIqHXg/jbiDQulXRdz
4BYMKe/PihpifeIMt9PkIzpPaCKG6qrFcUxO6qf5ZSZHTikZhHqTpXd93/d9VSfV
z/1u7JITKp/3VnJNDW5KzWm776OiCDnKN6xmwEFK6KGyWOnJQRFGN2S+i9ghyyvU
nv1XfiEm2z8dgyEDTcqbiwfoo3bsDcD6JH9sXeOwqC+veFnu3NK5L5JxgYv0B1bQ
DQsulr9qEJJgd4Sf6rMx8BKYc9yxiFd6+QLHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsSBq6PGac2ltlv08wd53i1ZACS4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zU0JxNlBHYWMybHRsdjA4
d2Q1M2kxWkFDUzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADruZDuKBLua4AhZpvlmZJeQaXvfVF1DVaYy
GS2xd6AtU4WQORYsEAukHKRk++Gfai0p3VU2naHQ1sLgr098I3IhYAjiquM7yLUK
TZy6j69SWg4RNez8zVSuPd4g6al7FTfwBKBEoeQcFRNmMBnIv6u7QvVWR+QlfVEb
wubEHwW3QO52a4I4JzbJBkkj5ZQfMO7En31ithx0+HHfCsXIe2AMmVremX8tXNtV
hDmkfLXBRi3pOznq7xVAv2AZbaXXqTIwCo/5wCsbZythg3aYO6S20rMD/+I7dRPW
udBg4Y1gx8BCGGdcNP8HAgEsYmV7x2ImnRUX54DtVUmNO/t1Wpc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:54:45 2025 by rpki-client