Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wPjf-sZKiizcYf9KAtDJPEFceNU.roa
File: wPjf-sZKiizcYf9KAtDJPEFceNU.roa (raw, json)
Hash identifier: IOa2szsnDiQfOznkctdcxonqXz5P9JBQGWwWsKSlhb8=
Subject key identifier: C0:F8:DF:FA:C6:4A:8A:2C:DC:61:FF:4A:02:D0:C9:3C:41:5C:78:D5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2442
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wPjf-sZKiizcYf9KAtDJPEFceNU.roa
Signing time: Tue 24 Jun 2025 21:42:03 +0000
ROA not before: Tue 24 Jun 2025 21:42:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9282 (0x2442)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 24 21:42:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C0F8DFFAC64A8A2CDC61FF4A02D0C93C415C78D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:35:90:8a:75:bf:d3:a3:93:c1:7b:7f:33:93:
84:48:66:e7:16:62:18:7c:0e:09:43:56:01:a1:89:
2a:b8:28:52:c1:2a:d4:05:fd:86:ec:d3:a9:90:ca:
e6:85:89:15:fd:08:53:19:21:2f:e3:f5:7a:aa:af:
a9:7e:84:b1:eb:49:d2:5a:b1:36:e2:58:8a:0c:63:
51:b1:76:c0:2a:b2:69:97:ad:83:fc:5f:1e:7f:a4:
92:db:d4:2a:f3:87:be:59:7e:5f:27:d1:d1:47:b4:
86:33:95:22:a5:1d:04:95:49:c9:f0:b8:ba:a9:e1:
0f:14:87:91:08:9d:ef:f0:53:5a:2e:d4:17:5e:db:
10:d4:09:b4:0d:f9:7a:cc:85:bc:5a:2c:fc:81:db:
d5:b9:c6:a1:d6:60:26:a4:fc:0b:0a:78:dd:80:da:
2b:b7:9b:b6:79:de:02:3a:35:e5:ef:28:43:17:bb:
39:da:c9:1e:8e:29:b1:67:b5:8f:9b:c2:a0:14:dc:
f3:67:b0:fe:c1:94:a6:e7:0d:4b:c4:16:69:ef:64:
c8:5b:fa:06:16:ab:2b:59:8d:55:e4:b7:24:f0:c5:
71:c2:57:db:e3:f7:17:db:55:c4:21:ee:f6:a1:c2:
8e:db:b1:86:4e:65:6e:66:13:53:89:52:a5:4d:60:
03:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F8:DF:FA:C6:4A:8A:2C:DC:61:FF:4A:02:D0:C9:3C:41:5C:78:D5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wPjf-sZKiizcYf9KAtDJPEFceNU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:35:0c:fc:4e:63:7c:48:c3:65:2c:6d:38:ac:43:b5:d9:10:
a1:2b:eb:5a:9c:d3:3b:75:d5:f5:67:4e:22:79:20:8d:62:81:
7c:3a:6f:0a:a0:b1:22:ad:eb:0d:22:7b:39:22:0f:22:78:cf:
02:5b:6b:ad:76:68:b5:13:a2:c4:f7:a9:9f:f1:d3:16:ea:af:
2e:6e:70:2f:00:f2:2a:d3:6f:f6:77:6c:d0:69:67:6a:0d:73:
55:33:df:e9:35:d1:c5:84:9b:d8:49:f7:82:b5:d3:e5:d7:8c:
48:99:6c:83:44:8d:d9:85:da:61:94:99:f2:4a:2a:07:b4:fd:
2b:d1:ea:61:d3:ae:f4:2e:15:5d:2d:eb:d1:3c:e3:32:1b:75:
64:91:06:a4:0f:da:3b:41:a9:ad:40:f1:87:9f:6b:19:3b:99:
56:ac:4b:b6:e9:fd:cc:b0:16:dd:73:8f:1e:2d:9d:10:fa:aa:
ab:4c:5b:c8:59:06:85:9e:06:e6:b0:88:da:42:4a:1e:35:e4:
f7:15:3e:35:59:35:db:7f:2c:55:f4:2b:3c:3a:f7:d8:c7:c6:
f9:ab:7d:5d:92:6a:1a:39:a9:ea:71:94:35:89:06:05:4e:72:
08:89:c0:f2:5b:85:31:48:9d:27:09:72:74:cc:71:94:da:90:
8d:e8:a9:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjQy
MTQyMDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwRjhERkZBQzY0QThB
MkNEQzYxRkY0QTAyRDBDOTNDNDE1Qzc4RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeNZCKdb/To5PBe38zk4RIZucWYhh8DglDVgGhiSq4KFLBKtQF
/Ybs06mQyuaFiRX9CFMZIS/j9Xqqr6l+hLHrSdJasTbiWIoMY1GxdsAqsmmXrYP8
Xx5/pJLb1Crzh75Zfl8n0dFHtIYzlSKlHQSVScnwuLqp4Q8Uh5EIne/wU1ou1Bde
2xDUCbQN+XrMhbxaLPyB29W5xqHWYCak/AsKeN2A2iu3m7Z53gI6NeXvKEMXuzna
yR6OKbFntY+bwqAU3PNnsP7BlKbnDUvEFmnvZMhb+gYWqytZjVXktyTwxXHCV9vj
9xfbVcQh7vahwo7bsYZOZW5mE1OJUqVNYAPpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwPjf+sZKiizcYf9KAtDJPEFceNUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93UGpmLXNaS2lpemNZZjlL
QXRESlBFRmNlTlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGo1DPxOY3xIw2UsbTisQ7XZEKEr61qc0zt1
1fVnTiJ5II1igXw6bwqgsSKt6w0iezkiDyJ4zwJba612aLUTosT3qZ/x0xbqry5u
cC8A8irTb/Z3bNBpZ2oNc1Uz3+k10cWEm9hJ94K10+XXjEiZbINEjdmF2mGUmfJK
Kge0/SvR6mHTrvQuFV0t69E84zIbdWSRBqQP2jtBqa1A8Yefaxk7mVasS7bp/cyw
Ft1zjx4tnRD6qqtMW8hZBoWeBuawiNpCSh415PcVPjVZNdt/LFX0Kzw699jHxvmr
fV2Saho5qepxlDWJBgVOcgiJwPJbhTFInScJcnTMcZTakI3oqaY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:33:42 2025 by rpki-client