Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wIbc67K1QuobHXHnxuT3Boj-J3s.roa
File: wIbc67K1QuobHXHnxuT3Boj-J3s.roa (raw, json)
Hash identifier: yDzs1LI/qMjtoBIEsydNKiYCKXadv/sozAPedwAhHwA=
Subject key identifier: C0:86:DC:EB:B2:B5:42:EA:1B:1D:71:E7:C6:E4:F7:06:88:FE:27:7B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 203A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wIbc67K1QuobHXHnxuT3Boj-J3s.roa
Signing time: Thu 19 Jun 2025 05:37:45 +0000
ROA not before: Thu 19 Jun 2025 05:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8250 (0x203a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 05:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C086DCEBB2B542EA1B1D71E7C6E4F70688FE277B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:97:c0:bb:af:c5:d8:78:10:7c:26:d5:13:28:
36:40:ed:6c:6d:ff:f0:b9:13:c3:c5:5c:82:fc:b7:
39:0a:c3:80:f5:0f:af:89:ad:c8:68:81:51:ce:0d:
de:3e:b8:98:4d:9c:1f:0f:68:75:82:e3:bd:ee:89:
3c:50:ec:e8:1d:7f:4e:60:8b:7c:ca:8f:86:9d:ed:
4a:a3:88:38:34:14:24:10:41:39:5b:6c:f0:20:5f:
9a:31:27:fb:b1:b6:94:ea:68:98:34:e8:85:ea:58:
58:f0:5c:21:a2:2d:31:bb:80:24:90:03:7b:ef:31:
01:48:a3:33:fd:6e:35:2b:c4:fc:5b:c7:2d:76:6d:
e0:df:80:fe:7e:f9:c3:44:8f:cd:c0:7d:35:f6:98:
4b:7a:4c:53:66:7d:7b:da:0f:60:28:d7:01:c1:fd:
2a:ea:fa:8f:0e:b1:35:84:aa:88:30:97:02:54:cc:
28:98:37:96:3c:96:72:60:f7:78:68:9e:5e:c3:6b:
c7:a3:f9:4c:7f:6d:db:92:b4:e4:c7:35:49:6a:ec:
46:7d:30:c6:73:d2:a3:f4:31:05:fe:a1:9c:0d:b8:
a3:a4:b6:a4:ce:d8:54:fb:54:34:a7:66:3e:b2:ca:
e8:aa:86:7d:43:f7:b1:c6:e1:c0:05:97:81:95:6a:
ea:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:86:DC:EB:B2:B5:42:EA:1B:1D:71:E7:C6:E4:F7:06:88:FE:27:7B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wIbc67K1QuobHXHnxuT3Boj-J3s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:cb:06:2e:a8:70:f1:af:6c:9c:90:99:06:01:9f:2e:af:4b:
dd:3f:08:08:4b:b5:bc:d4:b0:e1:42:67:81:4f:c1:a9:75:0e:
9e:1f:6d:cf:58:1a:cd:59:f7:7b:fa:d5:41:63:df:ff:a0:a3:
40:d2:10:08:33:81:19:ce:ce:7d:34:d5:ba:c7:43:14:f9:41:
91:91:fb:0e:71:49:52:4e:21:03:54:90:4c:01:37:1a:6b:4a:
d1:18:de:d9:94:2c:63:5e:7d:9d:3f:54:4e:2b:0b:24:d8:97:
69:bf:b7:b3:33:06:08:82:39:85:88:55:69:8e:e5:b3:5c:9f:
44:14:61:fb:8c:64:bf:40:0b:1a:84:6e:e3:1d:1a:e4:1a:51:
dd:23:78:7f:d6:8e:b3:3f:a3:4c:ab:52:20:66:01:61:92:e1:
b9:3e:89:bd:79:32:62:73:15:1d:b4:06:a4:1d:39:b2:6d:f4:
f9:63:c7:a9:d4:b1:fa:7a:31:d9:da:bc:35:fe:2e:19:0b:f8:
08:f1:9f:2a:87:a5:1a:83:b7:da:b5:9d:87:31:43:0e:7b:94:
03:c4:54:7e:86:04:42:4a:95:6d:c7:1c:73:b5:33:84:e6:a8:
03:b1:ee:51:41:b9:37:55:6f:ec:84:ac:43:c0:d8:ce:03:d1:
38:59:bd:25
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
NTM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwODZEQ0VCQjJCNTQy
RUExQjFENzFFN0M2RTRGNzA2ODhGRTI3N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbl8C7r8XYeBB8JtUTKDZA7Wxt//C5E8PFXIL8tzkKw4D1D6+J
rchogVHODd4+uJhNnB8PaHWC473uiTxQ7Ogdf05gi3zKj4ad7UqjiDg0FCQQQTlb
bPAgX5oxJ/uxtpTqaJg06IXqWFjwXCGiLTG7gCSQA3vvMQFIozP9bjUrxPxbxy12
beDfgP5++cNEj83AfTX2mEt6TFNmfXvaD2Ao1wHB/Srq+o8OsTWEqogwlwJUzCiY
N5Y8lnJg93honl7Da8ej+Ux/bduStOTHNUlq7EZ9MMZz0qP0MQX+oZwNuKOktqTO
2FT7VDSnZj6yyuiqhn1D97HG4cAFl4GVaurdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwIbc67K1QuobHXHnxuT3Boj+J3swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93SWJjNjdLMVF1b2JIWEhu
eHVUM0Jvai1KM3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIDLBi6ocPGvbJyQmQYBny6vS90/CAhLtbzU
sOFCZ4FPwal1Dp4fbc9YGs1Z93v61UFj3/+go0DSEAgzgRnOzn001brHQxT5QZGR
+w5xSVJOIQNUkEwBNxprStEY3tmULGNefZ0/VE4rCyTYl2m/t7MzBgiCOYWIVWmO
5bNcn0QUYfuMZL9ACxqEbuMdGuQaUd0jeH/WjrM/o0yrUiBmAWGS4bk+ib15MmJz
FR20BqQdObJt9Pljx6nUsfp6MdnavDX+LhkL+AjxnyqHpRqDt9q1nYcxQw57lAPE
VH6GBEJKlW3HHHO1M4TmqAOx7lFBuTdVb+yErEPA2M4D0ThZvSU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:34:56 2025 by rpki-client