Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/twwDAnvy1hjQJQECZyHxaew3uiU.roa
File: twwDAnvy1hjQJQECZyHxaew3uiU.roa (raw, json)
Hash identifier: B5BNchm3YuHukJ+oKKayz1VhTM25ukpgnBoe+eFSmsI=
Subject key identifier: B7:0C:03:02:7B:F2:D6:18:D0:25:01:02:67:21:F1:69:EC:37:BA:25
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F9A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/twwDAnvy1hjQJQECZyHxaew3uiU.roa
Signing time: Wed 18 Jun 2025 05:19:39 +0000
ROA not before: Wed 18 Jun 2025 05:19:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8090 (0x1f9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 05:19:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B70C03027BF2D618D02501026721F169EC37BA25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a6:8a:6c:99:88:ca:0d:9a:3b:0e:4f:fb:7d:
8c:cc:60:b5:c7:48:c6:23:b3:f6:10:6d:1d:04:66:
89:7b:69:59:70:d5:1b:5d:80:e9:f8:42:f2:d2:95:
b8:1e:64:81:f4:95:31:47:53:1d:3c:fa:f8:4d:23:
6c:e6:5c:e8:5a:5c:c2:3e:0e:42:13:e5:81:34:48:
ea:91:05:58:af:f5:b3:04:8d:28:84:a7:33:48:de:
4c:70:05:6a:a7:e7:88:39:b1:08:60:73:1a:94:f3:
24:71:53:07:9b:61:f1:4b:8e:bc:17:1a:57:b4:58:
49:0d:e0:9c:67:bd:20:77:a7:cb:f5:87:98:79:63:
21:b9:3a:f2:a7:50:9f:27:84:4c:80:e1:bb:24:d5:
a7:59:15:da:ed:1a:19:a4:3b:db:ff:be:c6:65:48:
2c:59:3d:44:dc:fb:da:03:07:33:8b:90:c1:f4:91:
67:70:d8:cf:ce:9a:c4:2b:c4:5d:1a:89:10:04:67:
1b:38:29:53:bd:30:a2:45:92:dd:5b:c8:42:9a:4a:
31:27:68:10:12:ea:8e:32:dd:e9:b0:b0:ad:d0:0e:
3b:21:93:92:90:2e:48:07:a0:e8:44:d4:6e:df:08:
19:39:ff:0d:9a:1d:79:a5:80:cb:63:bc:3d:e2:9b:
3c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0C:03:02:7B:F2:D6:18:D0:25:01:02:67:21:F1:69:EC:37:BA:25
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/twwDAnvy1hjQJQECZyHxaew3uiU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:b7:4b:43:84:05:47:ff:e8:10:6b:8a:57:ee:10:f1:a9:1e:
18:cb:1d:7c:99:fb:9d:b5:93:fe:b8:1f:67:52:80:be:49:9b:
5f:3d:19:c1:63:58:ad:0f:22:4c:c4:4d:fa:b2:9c:fe:81:62:
99:24:bd:a1:7f:19:5d:e3:55:db:d7:81:11:bf:86:de:36:eb:
83:b2:c5:a6:26:af:d4:e7:24:66:55:0a:f4:b0:cd:fa:34:5c:
ab:40:5b:10:19:c4:94:ec:73:33:4a:2e:db:cf:89:25:d9:02:
89:c0:b9:ee:f5:dd:de:7d:36:f8:31:5c:d3:ea:b8:35:79:b0:
86:e9:10:fa:2d:b5:14:6b:f9:2c:dd:9f:4e:bf:77:b6:19:db:
86:3c:9e:cb:94:27:d6:cd:ef:76:a2:2a:a9:7d:d9:e9:18:74:
49:80:cf:d5:32:9c:58:3a:01:82:dd:04:4b:ad:5f:ec:f1:52:
54:a1:24:3e:b4:a4:e7:2b:9f:9e:2d:95:f8:e0:7f:1b:db:d8:
7e:56:06:12:36:47:e4:e1:83:15:c4:69:11:a3:14:b5:8f:06:
28:cd:ed:9c:1e:bc:76:2d:44:53:2f:f7:e3:e6:e4:a5:48:7f:
92:f6:a6:67:d8:7a:e5:d3:9a:11:e0:16:27:a0:0a:ba:40:c3:
6a:fa:ab:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH5owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgw
NTE5MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI3MEMwMzAyN0JGMkQ2
MThEMDI1MDEwMjY3MjFGMTY5RUMzN0JBMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzpopsmYjKDZo7Dk/7fYzMYLXHSMYjs/YQbR0EZol7aVlw1Rtd
gOn4QvLSlbgeZIH0lTFHUx08+vhNI2zmXOhaXMI+DkIT5YE0SOqRBViv9bMEjSiE
pzNI3kxwBWqn54g5sQhgcxqU8yRxUwebYfFLjrwXGle0WEkN4JxnvSB3p8v1h5h5
YyG5OvKnUJ8nhEyA4bsk1adZFdrtGhmkO9v/vsZlSCxZPUTc+9oDBzOLkMH0kWdw
2M/OmsQrxF0aiRAEZxs4KVO9MKJFkt1byEKaSjEnaBAS6o4y3emwsK3QDjshk5KQ
LkgHoOhE1G7fCBk5/w2aHXmlgMtjvD3imzxrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtwwDAnvy1hjQJQECZyHxaew3uiUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90d3dEQW52eTFoalFKUUVD
WnlIeGFldzN1aVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE+3S0OEBUf/6BBrilfuEPGpHhjLHXyZ+521
k/64H2dSgL5Jm189GcFjWK0PIkzETfqynP6BYpkkvaF/GV3jVdvXgRG/ht4264Oy
xaYmr9TnJGZVCvSwzfo0XKtAWxAZxJTsczNKLtvPiSXZAonAue713d59NvgxXNPq
uDV5sIbpEPottRRr+Szdn06/d7YZ24Y8nsuUJ9bN73aiKql92ekYdEmAz9UynFg6
AYLdBEutX+zxUlShJD60pOcrn54tlfjgfxvb2H5WBhI2R+ThgxXEaRGjFLWPBijN
7ZwevHYtRFMv9+Pm5KVIf5L2pmfYeuXTmhHgFiegCrpAw2r6qzA=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:41:59 2025 by rpki-client