Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uFcHH_qoaDwOGmMsrs4WweAE_ow.roa
File: uFcHH_qoaDwOGmMsrs4WweAE_ow.roa (raw, json)
Hash identifier: Ki1JaBSlfE0Z1OODE9wFViAMy3PTX1OgR3gdsmYJM88=
Subject key identifier: B8:57:07:1F:FA:A8:68:3C:0E:1A:63:2C:AE:CE:16:C1:E0:04:FE:8C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 216E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uFcHH_qoaDwOGmMsrs4WweAE_ow.roa
Signing time: Sat 21 Jun 2025 03:11:50 +0000
ROA not before: Sat 21 Jun 2025 03:11:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8558 (0x216e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 03:11:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B857071FFAA8683C0E1A632CAECE16C1E004FE8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3b:3d:dd:94:40:18:15:ab:9f:49:ca:4e:d2:
81:a0:c3:e5:62:f9:25:9e:9d:39:ed:11:df:d8:7d:
d2:c1:98:00:5c:ce:af:01:fd:02:e2:2f:c6:64:75:
42:5a:d7:7b:3a:d7:81:db:45:db:0d:7c:84:ba:03:
64:d0:72:e0:72:4a:98:3a:b5:47:57:9a:72:2f:29:
5e:04:03:fe:09:c1:0a:cd:9a:6b:91:36:25:e1:0c:
6f:6c:6a:c1:dd:7a:19:9f:a0:a8:40:ff:bd:a6:77:
8e:c1:9c:27:57:16:02:5e:7a:3a:2a:59:7b:77:23:
0b:5a:24:70:1e:c2:41:d4:0f:37:59:df:62:04:98:
e7:c2:2e:d3:45:9a:d2:7c:bd:27:22:9e:e6:0b:ca:
79:4b:58:d3:68:dc:79:7c:5b:6b:c7:5d:63:80:c0:
5f:1e:4c:83:b2:47:4f:da:e7:5d:a6:2c:58:9b:3b:
ca:c2:7e:6f:c3:6b:a7:c2:58:11:20:07:8b:aa:29:
22:b7:f0:1b:24:b9:eb:21:6c:4a:fd:2a:a6:bf:33:
2d:2a:f9:0e:8c:cc:97:d0:64:78:0c:34:da:88:1c:
8c:bd:85:49:8e:d9:1e:cf:a5:ec:fb:aa:b8:b1:be:
ac:3b:00:c6:ae:4b:76:5c:fd:50:c7:16:61:76:c7:
cd:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:57:07:1F:FA:A8:68:3C:0E:1A:63:2C:AE:CE:16:C1:E0:04:FE:8C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uFcHH_qoaDwOGmMsrs4WweAE_ow.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:f9:0c:52:1c:bc:7c:5e:2c:33:1e:2a:3a:75:52:fb:62:dc:
0f:5e:46:41:96:54:32:f8:8a:7c:02:c4:cd:f9:ea:bf:3d:f7:
b1:d5:07:b1:96:5d:86:28:d6:29:81:7b:55:ae:69:d7:dd:05:
09:42:25:6d:77:da:0f:78:d6:67:c5:01:bb:bc:43:ac:f2:d2:
24:5a:ff:02:4f:58:68:43:18:db:66:ce:e6:d9:15:c4:f6:09:
93:1f:4c:0e:55:c4:86:a7:f5:12:17:17:0b:c1:c9:88:f1:ef:
86:dc:c4:7b:3f:e8:bd:07:e2:09:60:0b:a9:6b:26:e2:f0:5b:
c4:c6:04:d2:1e:46:24:37:0c:85:86:86:a2:a0:72:e0:e2:0c:
e9:59:fd:da:64:82:3b:8b:f5:4d:06:22:80:75:ce:8c:92:ef:
91:b0:32:04:13:3a:04:31:c5:19:db:6e:5f:97:59:b0:37:88:
f4:48:9b:f3:b0:fe:45:e1:4f:e8:14:bd:3d:4a:ae:6d:81:cb:
a6:84:36:4e:53:fe:37:03:bf:7c:36:b3:87:40:ac:5a:ff:21:
27:d3:1d:57:23:8d:24:d6:61:1a:32:25:90:23:67:79:f2:49:
a8:0a:6d:5e:b0:58:4c:b1:83:59:ab:4f:8d:3d:e4:e6:6e:35:
16:f2:85:3a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
MzExNTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI4NTcwNzFGRkFBODY4
M0MwRTFBNjMyQ0FFQ0UxNkMxRTAwNEZFOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHOz3dlEAYFaufScpO0oGgw+Vi+SWenTntEd/YfdLBmABczq8B
/QLiL8ZkdUJa13s614HbRdsNfIS6A2TQcuBySpg6tUdXmnIvKV4EA/4JwQrNmmuR
NiXhDG9sasHdehmfoKhA/72md47BnCdXFgJeejoqWXt3IwtaJHAewkHUDzdZ32IE
mOfCLtNFmtJ8vScinuYLynlLWNNo3Hl8W2vHXWOAwF8eTIOyR0/a512mLFibO8rC
fm/Da6fCWBEgB4uqKSK38BskueshbEr9Kqa/My0q+Q6MzJfQZHgMNNqIHIy9hUmO
2R7Ppez7qrixvqw7AMauS3Zc/VDHFmF2x805AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuFcHH/qoaDwOGmMsrs4WweAE/owwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91RmNISF9xb2FEd09HbU1z
cnM0V3dlQUVfb3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFz5DFIcvHxeLDMeKjp1Uvti3A9eRkGWVDL4
inwCxM356r8997HVB7GWXYYo1imBe1WuadfdBQlCJW132g941mfFAbu8Q6zy0iRa
/wJPWGhDGNtmzubZFcT2CZMfTA5VxIan9RIXFwvByYjx74bcxHs/6L0H4glgC6lr
JuLwW8TGBNIeRiQ3DIWGhqKgcuDiDOlZ/dpkgjuL9U0GIoB1zoyS75GwMgQTOgQx
xRnbbl+XWbA3iPRIm/Ow/kXhT+gUvT1Krm2By6aENk5T/jcDv3w2s4dArFr/ISfT
HVcjjSTWYRoyJZAjZ3nySagKbV6wWEyxg1mrT4095OZuNRbyhTo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:36:59 2025 by rpki-client