Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wO0fr2F9kyV4WO6wjepBpf7SoPU.roa
File: wO0fr2F9kyV4WO6wjepBpf7SoPU.roa (raw, json)
Hash identifier: PldenHsBgRkDbzHWl4u7vrb2pn/kgZgpfseL00e65qY=
Subject key identifier: C0:ED:1F:AF:61:7D:93:25:78:58:EE:B0:8D:EA:41:A5:FE:D2:A0:F5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2156
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wO0fr2F9kyV4WO6wjepBpf7SoPU.roa
Signing time: Sat 21 Jun 2025 00:11:44 +0000
ROA not before: Sat 21 Jun 2025 00:11:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8534 (0x2156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 00:11:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C0ED1FAF617D93257858EEB08DEA41A5FED2A0F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7a:d0:0f:8b:5d:20:c8:5a:28:4d:97:85:ea:
79:18:c4:ef:2f:a7:40:5f:ce:ff:69:43:e4:72:85:
84:c4:77:9e:0b:a2:06:f9:74:a9:58:70:65:87:8e:
a0:c3:e2:0c:e7:f2:d2:6e:b5:47:fc:ff:29:f9:84:
b9:e6:df:cb:4a:21:92:a8:80:e0:52:aa:dc:39:a5:
f8:4f:10:8a:94:41:1c:0c:42:8a:42:f3:f8:b2:b2:
84:72:15:41:cc:35:0f:8b:c3:9c:f5:ca:96:97:b4:
d1:cd:3f:57:33:66:d4:7b:17:7c:f7:af:2d:c2:58:
08:87:ba:c4:bb:71:23:5a:3f:e6:10:b3:58:d4:e6:
ac:ae:2f:25:a2:5b:4d:8e:21:2c:14:d3:3b:8c:d9:
62:6e:5c:e1:33:84:60:28:21:21:1d:23:53:74:34:
a5:3c:90:1f:08:28:85:80:c6:10:99:08:ce:5f:90:
5c:bd:54:d6:40:41:ab:9f:22:76:88:76:7e:29:5d:
8a:57:64:54:b5:24:0e:84:04:3f:c9:b5:05:02:2e:
26:b8:d6:58:66:dc:30:ce:99:df:3b:0d:65:e8:e5:
30:8d:dc:aa:15:44:1a:bd:92:b0:92:a1:3b:85:05:
40:32:aa:04:f3:9f:53:2c:68:f7:e6:da:81:83:ed:
7b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:ED:1F:AF:61:7D:93:25:78:58:EE:B0:8D:EA:41:A5:FE:D2:A0:F5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wO0fr2F9kyV4WO6wjepBpf7SoPU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:07:7a:e0:63:9e:ec:6a:80:41:e2:c3:05:42:ab:6c:51:d5:
d9:3b:22:1a:26:a4:8b:ca:c6:bb:eb:a7:d8:dd:23:1e:3b:0b:
73:2f:d9:8c:c7:00:e1:04:35:3a:5f:f2:5e:84:1d:98:33:ca:
d3:c5:db:f9:f6:99:91:7e:ab:50:48:10:f3:60:ca:a5:53:96:
d6:41:58:2f:40:7c:70:23:cf:64:61:07:27:c6:5e:b8:c9:75:
7f:29:8c:e9:f5:9a:91:6c:db:8d:4f:94:0d:22:59:e2:18:a2:
d3:d4:8b:c2:f5:e4:e1:9e:e2:cd:cb:28:75:e4:b0:68:d0:07:
73:ad:b1:f5:34:ec:b2:7d:5b:db:39:dc:30:81:97:69:80:20:
65:fb:e2:a2:d0:e8:3c:89:12:a8:94:3e:46:96:55:e0:ae:44:
f8:53:b6:f8:1f:22:cd:1c:1a:ab:22:36:e3:cb:6a:fc:e1:04:
b0:14:e7:88:e9:9c:45:28:f1:c1:db:fb:0a:04:57:6a:7a:a3:
2d:4b:e1:53:ce:39:19:87:61:0a:b2:ee:3e:50:b6:c3:07:f1:
d7:fc:f3:9b:ad:30:4e:67:63:5c:5e:ff:08:c3:7c:bc:00:49:
97:f4:27:72:96:80:17:a8:0a:63:a7:2c:95:36:c9:9d:a2:de:
db:0d:a8:eb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
MDExNDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwRUQxRkFGNjE3RDkz
MjU3ODU4RUVCMDhERUE0MUE1RkVEMkEwRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSetAPi10gyFooTZeF6nkYxO8vp0Bfzv9pQ+RyhYTEd54Logb5
dKlYcGWHjqDD4gzn8tJutUf8/yn5hLnm38tKIZKogOBSqtw5pfhPEIqUQRwMQopC
8/iysoRyFUHMNQ+Lw5z1ypaXtNHNP1czZtR7F3z3ry3CWAiHusS7cSNaP+YQs1jU
5qyuLyWiW02OISwU0zuM2WJuXOEzhGAoISEdI1N0NKU8kB8IKIWAxhCZCM5fkFy9
VNZAQaufInaIdn4pXYpXZFS1JA6EBD/JtQUCLia41lhm3DDOmd87DWXo5TCN3KoV
RBq9krCSoTuFBUAyqgTzn1MsaPfm2oGD7Xs1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwO0fr2F9kyV4WO6wjepBpf7SoPUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93TzBmcjJGOWt5VjRXTzZ3
amVwQnBmN1NvUFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADgHeuBjnuxqgEHiwwVCq2xR1dk7IhompIvK
xrvrp9jdIx47C3Mv2YzHAOEENTpf8l6EHZgzytPF2/n2mZF+q1BIEPNgyqVTltZB
WC9AfHAjz2RhByfGXrjJdX8pjOn1mpFs241PlA0iWeIYotPUi8L15OGe4s3LKHXk
sGjQB3OtsfU07LJ9W9s53DCBl2mAIGX74qLQ6DyJEqiUPkaWVeCuRPhTtvgfIs0c
GqsiNuPLavzhBLAU54jpnEUo8cHb+woEV2p6oy1L4VPOORmHYQqy7j5QtsMH8df8
85utME5nY1xe/wjDfLwASZf0J3KWgBeoCmOnLJU2yZ2i3tsNqOs=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:43:09 2025 by rpki-client