Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sgjjkwdWzG1wmlInUofQN2gQdhA.roa
File: sgjjkwdWzG1wmlInUofQN2gQdhA.roa (raw, json)
Hash identifier: uB+r7BbGcwLKcTovqlDQJEMiaCMxImGyfRYuY2Z90k8=
Subject key identifier: B2:08:E3:93:07:56:CC:6D:70:9A:52:27:52:87:D0:37:68:10:76:10
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EA2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sgjjkwdWzG1wmlInUofQN2gQdhA.roa
Signing time: Mon 16 Jun 2025 22:13:13 +0000
ROA not before: Mon 16 Jun 2025 22:13:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7842 (0x1ea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 22:13:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B208E3930756CC6D709A52275287D03768107610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:55:b4:3e:ee:8e:ba:a4:4c:b8:ed:21:ea:0e:
03:4b:83:d0:4b:dd:b3:c5:d2:00:3d:71:26:a7:6e:
fc:aa:ff:04:f3:af:8d:58:bb:b7:72:28:4f:b4:c2:
5d:2c:f8:73:bd:24:fa:05:ac:0d:f9:ac:48:61:de:
70:0f:82:56:7d:e9:1b:1f:ae:54:db:e5:a1:e3:c3:
0f:a3:8e:d6:e2:3b:ff:9e:4b:c8:82:7a:b8:39:89:
08:95:b9:01:31:9b:a6:ff:2d:17:89:4d:e1:64:7e:
ff:2a:88:fc:b2:b1:33:d1:e5:34:ad:9d:7e:ef:8b:
d7:76:d0:0c:5e:81:12:5b:11:da:25:56:62:70:e4:
c9:c7:70:76:0a:83:01:c1:23:bb:62:b3:98:65:f4:
cd:0c:8e:bd:02:27:56:a6:54:b2:6f:71:92:0d:72:
bd:64:1a:3b:48:66:2e:c1:a0:f9:cf:dd:da:42:86:
1d:92:d9:f9:4a:2c:e3:cc:76:42:dc:7d:42:f0:2e:
fa:78:48:40:de:2c:68:97:82:6f:e3:96:8e:34:fd:
d9:a4:16:62:f2:3b:c1:d8:7e:55:75:8e:0e:fa:df:
77:df:2d:84:f2:d3:4c:e8:e1:91:06:cd:f6:27:49:
a0:61:9f:cb:9f:1b:78:6e:82:eb:c4:03:64:8e:83:
ef:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:08:E3:93:07:56:CC:6D:70:9A:52:27:52:87:D0:37:68:10:76:10
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sgjjkwdWzG1wmlInUofQN2gQdhA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:c2:92:96:0b:b7:25:07:4b:df:72:1a:87:9f:b3:fe:51:b1:
5a:26:f3:4c:4c:0a:50:9e:14:fe:f4:73:8c:29:6b:55:9f:45:
f2:83:0f:53:84:73:cd:c5:63:8f:87:85:9c:50:0d:e9:e2:ff:
bb:62:3d:64:f2:c9:37:1e:09:e4:06:ee:a7:d5:9d:0f:fa:b4:
78:c1:42:0b:26:b3:59:e5:87:26:85:05:e5:b3:b5:89:41:78:
c1:5c:73:ed:25:f7:9c:19:9e:c4:1c:af:e0:94:7d:ba:13:ce:
4d:08:00:28:35:75:54:92:98:44:f5:49:f3:5d:70:d5:9d:85:
57:b2:6f:d6:3a:d2:d1:55:b0:81:5d:d9:d4:41:a0:22:7f:f4:
e0:5b:1c:c5:c5:93:8b:07:1e:a2:8f:92:f6:50:e2:c6:58:f0:
a5:b5:88:95:79:1b:30:4f:f6:ca:d1:ff:e1:18:bb:94:79:c6:
8d:b9:10:0c:bf:7c:01:ba:ea:40:e4:92:bc:67:75:e3:00:9b:
37:9c:b7:27:59:b2:b7:64:72:56:bb:13:0d:9f:dd:a8:95:ef:
fe:5a:59:97:65:40:11:4a:c1:a9:0d:61:fb:54:a4:1b:cc:58:
36:08:6b:92:e5:1b:4c:04:9e:cb:91:8a:b7:b1:18:46:0e:e1:
69:43:9e:03
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYy
MjEzMTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyMDhFMzkzMDc1NkND
NkQ3MDlBNTIyNzUyODdEMDM3NjgxMDc2MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFVbQ+7o66pEy47SHqDgNLg9BL3bPF0gA9cSanbvyq/wTzr41Y
u7dyKE+0wl0s+HO9JPoFrA35rEhh3nAPglZ96RsfrlTb5aHjww+jjtbiO/+eS8iC
erg5iQiVuQExm6b/LReJTeFkfv8qiPyysTPR5TStnX7vi9d20AxegRJbEdolVmJw
5MnHcHYKgwHBI7tis5hl9M0Mjr0CJ1amVLJvcZINcr1kGjtIZi7BoPnP3dpChh2S
2flKLOPMdkLcfULwLvp4SEDeLGiXgm/jlo40/dmkFmLyO8HYflV1jg7633ffLYTy
00zo4ZEGzfYnSaBhn8ufG3huguvEA2SOg+87AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsgjjkwdWzG1wmlInUofQN2gQdhAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zZ2pqa3dkV3pHMXdtbElu
VW9mUU4yZ1FkaEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABPCkpYLtyUHS99yGoefs/5RsVom80xMClCe
FP70c4wpa1WfRfKDD1OEc83FY4+HhZxQDeni/7tiPWTyyTceCeQG7qfVnQ/6tHjB
Qgsms1nlhyaFBeWztYlBeMFcc+0l95wZnsQcr+CUfboTzk0IACg1dVSSmET1SfNd
cNWdhVeyb9Y60tFVsIFd2dRBoCJ/9OBbHMXFk4sHHqKPkvZQ4sZY8KW1iJV5GzBP
9srR/+EYu5R5xo25EAy/fAG66kDkkrxndeMAmzectydZsrdkcla7Ew2f3aiV7/5a
WZdlQBFKwakNYftUpBvMWDYIa5LlG0wEnsuRirexGEYO4WlDngM=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:39:06 2025 by rpki-client