Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wqzgl3dfnUFc2-OsDXbeUpC3HEQ.roa
File: wqzgl3dfnUFc2-OsDXbeUpC3HEQ.roa (raw, json)
Hash identifier: UAMnQ83JV/ae4n15RZKOqMknv4scYqaLThN90A003XE=
Subject key identifier: C2:AC:E0:97:77:5F:9D:41:5C:DB:E3:AC:0D:76:DE:52:90:B7:1C:44
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2492
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wqzgl3dfnUFc2-OsDXbeUpC3HEQ.roa
Signing time: Wed 25 Jun 2025 07:43:00 +0000
ROA not before: Wed 25 Jun 2025 07:43:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9362 (0x2492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 25 07:43:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C2ACE097775F9D415CDBE3AC0D76DE5290B71C44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:bf:0a:0f:bf:68:67:e9:7f:3f:1a:9a:d9:1a:
2d:cc:fe:78:f2:0b:71:01:ce:e7:86:33:f9:b0:34:
9e:56:c6:31:76:51:aa:e7:ab:1e:e7:c9:95:82:c0:
41:39:4a:48:24:c8:d0:73:cb:9f:29:e8:25:e5:63:
35:e7:2f:68:99:c9:8e:a0:3b:92:71:06:0e:e0:65:
69:f3:67:f7:5c:7e:ce:62:74:2d:19:56:85:38:e8:
4a:a5:35:23:f5:47:d1:88:bd:19:e0:d9:25:82:fb:
1f:cd:72:03:fd:2d:27:f6:94:2a:ac:35:91:f0:fd:
b1:69:d6:8d:81:61:47:48:b0:7f:f1:cd:c8:6f:08:
aa:ae:e4:77:7e:0a:70:29:e4:64:cf:c5:2c:e4:e9:
45:54:cb:6b:75:24:da:04:d9:b3:78:59:ea:52:fc:
da:5f:6b:f8:33:6b:a6:27:93:dc:25:1b:70:99:63:
31:71:1e:08:39:df:83:2e:e8:51:90:1b:bc:38:c1:
fe:ef:14:9c:8c:24:57:80:4d:a3:ab:42:f5:46:47:
d8:36:8b:23:66:13:a8:c5:d7:89:84:16:7c:eb:d7:
cf:d3:3a:7a:cd:55:ba:b5:d4:60:c6:46:74:9a:0b:
09:2d:76:b7:c1:71:0f:0d:15:09:3f:d5:a9:df:35:
e3:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AC:E0:97:77:5F:9D:41:5C:DB:E3:AC:0D:76:DE:52:90:B7:1C:44
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wqzgl3dfnUFc2-OsDXbeUpC3HEQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:f2:d4:eb:bb:20:f5:37:3d:84:c4:89:49:ff:18:54:43:d8:
b0:27:8e:3b:4b:4c:2b:b2:d4:af:96:7c:c5:78:35:e4:4f:5f:
11:96:40:ae:0f:6d:b7:a4:8b:c2:e4:b7:33:cc:45:d3:72:17:
d6:9b:ab:8d:47:a8:32:4f:8e:e9:c2:df:95:8a:53:11:29:ed:
68:01:80:ed:0d:0d:7f:16:ee:dc:b1:82:dc:8b:77:d8:6c:22:
1f:9a:35:2d:23:7a:b6:90:58:78:01:db:80:70:ea:fa:54:44:
e5:65:d3:ed:7f:09:62:ba:83:f8:3a:ad:22:73:fd:ac:3e:f8:
d5:53:6e:c5:10:31:6f:1a:63:dd:94:f9:36:0b:d4:62:78:fe:
10:8e:71:9b:14:3c:70:a2:8e:f6:f4:5e:38:53:23:e8:0f:f3:
d4:95:ab:ba:98:a4:aa:bf:33:0a:7e:dd:38:da:7e:71:ba:51:
a4:63:ab:ad:ec:34:12:77:7f:9e:3f:b5:a6:93:87:1d:01:ec:
e3:bd:eb:1a:66:11:bf:70:35:86:4e:51:b3:53:e6:5a:50:f9:
d8:25:38:dd:c3:fd:ad:b4:01:45:74:60:51:e4:1f:73:87:19:
7c:31:68:99:7c:ac:4e:be:53:fc:e3:cf:5f:30:b5:92:29:d2:
78:9b:6e:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICJJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjUw
NzQzMDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMyQUNFMDk3Nzc1RjlE
NDE1Q0RCRTNBQzBENzZERTUyOTBCNzFDNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOvwoPv2hn6X8/GprZGi3M/njyC3EBzueGM/mwNJ5WxjF2Uarn
qx7nyZWCwEE5SkgkyNBzy58p6CXlYzXnL2iZyY6gO5JxBg7gZWnzZ/dcfs5idC0Z
VoU46EqlNSP1R9GIvRng2SWC+x/NcgP9LSf2lCqsNZHw/bFp1o2BYUdIsH/xzchv
CKqu5Hd+CnAp5GTPxSzk6UVUy2t1JNoE2bN4WepS/Npfa/gza6Ynk9wlG3CZYzFx
Hgg534Mu6FGQG7w4wf7vFJyMJFeATaOrQvVGR9g2iyNmE6jF14mEFnzr18/TOnrN
Vbq11GDGRnSaCwktdrfBcQ8NFQk/1anfNeOzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwqzgl3dfnUFc2+OsDXbeUpC3HEQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93cXpnbDNkZm5VRmMyLU9z
RFhiZVVwQzNIRVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHTy1Ou7IPU3PYTEiUn/GFRD2LAnjjtLTCuy
1K+WfMV4NeRPXxGWQK4Pbbeki8LktzPMRdNyF9abq41HqDJPjunC35WKUxEp7WgB
gO0NDX8W7tyxgtyLd9hsIh+aNS0jeraQWHgB24Bw6vpUROVl0+1/CWK6g/g6rSJz
/aw++NVTbsUQMW8aY92U+TYL1GJ4/hCOcZsUPHCijvb0XjhTI+gP89SVq7qYpKq/
Mwp+3TjafnG6UaRjq63sNBJ3f54/taaThx0B7OO96xpmEb9wNYZOUbNT5lpQ+dgl
ON3D/a20AUV0YFHkH3OHGXwxaJl8rE6+U/zjz18wtZIp0nibbmc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:54:49 2025 by rpki-client