Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/x4Egh6DaDn0z3cluye8JRgA8pTA.roa
File: x4Egh6DaDn0z3cluye8JRgA8pTA.roa (raw, json)
Hash identifier: iWQ2KuESqPfyb42CQdc4ZaIXWdN0baBg1l1JgMGo3rQ=
Subject key identifier: C7:81:20:87:A0:DA:0E:7D:33:DD:C9:6E:C9:EF:09:46:00:3C:A5:30
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2366
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x4Egh6DaDn0z3cluye8JRgA8pTA.roa
Signing time: Mon 23 Jun 2025 18:12:04 +0000
ROA not before: Mon 23 Jun 2025 18:12:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9062 (0x2366)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 18:12:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C7812087A0DA0E7D33DDC96EC9EF0946003CA530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:19:51:47:34:e2:b5:0c:5a:3b:c6:32:d6:ad:
8b:46:56:2d:63:dd:27:18:8f:c0:9e:77:a1:4b:c4:
70:a7:da:bc:49:df:3f:20:25:0d:70:15:a0:43:b4:
91:7e:43:6d:bd:5d:9b:c4:1a:a3:f9:aa:83:1c:95:
d1:97:54:0f:0f:9f:36:b4:c8:54:23:5d:cf:b9:bd:
d5:fc:29:6d:4a:0f:20:71:66:9e:71:d8:1c:e3:9c:
25:39:18:cb:f1:d9:6d:d5:2a:1f:59:1b:ea:c7:6d:
73:45:0e:be:e1:cb:f5:10:f1:3b:80:a6:08:06:d7:
1e:41:83:62:d4:bb:c8:96:ff:6a:ec:22:c4:53:8e:
04:fa:0e:2f:fa:12:a9:ea:be:b4:45:4d:da:38:75:
9f:7e:ba:96:99:aa:d4:c0:aa:91:79:b7:b1:d8:79:
4b:b3:6b:8a:52:3e:a2:5e:bb:01:95:e6:c4:78:85:
44:9e:f0:2f:e4:97:4a:4f:83:ad:aa:d5:d5:fd:a9:
e3:b4:16:22:a6:8e:5b:33:29:6c:dd:e8:be:6d:de:
d0:60:25:0b:96:8a:92:19:83:54:a4:73:b8:dd:c0:
f9:ad:88:68:e4:80:0d:9f:5c:6d:12:f1:63:7f:c5:
50:d9:42:75:06:33:fa:da:52:09:53:c8:53:a2:4f:
82:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:81:20:87:A0:DA:0E:7D:33:DD:C9:6E:C9:EF:09:46:00:3C:A5:30
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x4Egh6DaDn0z3cluye8JRgA8pTA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:a8:4b:d0:76:31:ca:c4:36:19:e5:10:d0:5f:b5:a4:64:2f:
17:85:fd:cb:71:be:d7:e2:93:28:2b:55:f2:ff:ca:d8:08:d6:
e0:9f:a7:5c:e2:b8:97:b2:2d:3d:62:2e:1b:a6:94:28:97:70:
8c:4c:42:4d:6c:09:44:82:ca:9d:95:ec:7c:20:5a:f7:54:dc:
ae:7c:96:c6:6b:f8:eb:f0:57:9f:26:7c:38:eb:25:5c:65:00:
35:a7:f5:ac:03:b5:ea:35:8a:6e:cb:a6:46:27:70:06:bb:93:
f1:e6:74:1e:85:36:74:db:e6:aa:9c:1c:4d:74:17:dd:34:77:
14:e1:ad:d5:01:2d:19:d0:42:d3:b5:46:7d:4f:08:d1:f3:fe:
63:95:c9:ce:6f:a8:52:8d:39:27:cc:0e:2f:18:12:48:9f:8b:
62:2a:19:c0:8c:41:5d:3b:8e:58:18:95:cf:b9:a7:fb:cc:10:
30:49:5d:4b:9e:c7:cc:27:19:40:d7:ad:d3:6c:04:0f:66:4f:
95:67:ad:8f:d9:38:7a:d7:90:2e:74:c9:fa:c5:6a:c2:d2:14:
30:f7:74:ea:e0:24:f4:f9:cf:b1:5f:10:8c:27:f7:d7:97:07:
5e:01:bd:eb:59:0b:cc:a6:9b:50:3b:ce:9f:0c:0f:36:60:5b:
33:23:d7:70
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
ODEyMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM3ODEyMDg3QTBEQTBF
N0QzM0REQzk2RUM5RUYwOTQ2MDAzQ0E1MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/GVFHNOK1DFo7xjLWrYtGVi1j3ScYj8Ced6FLxHCn2rxJ3z8g
JQ1wFaBDtJF+Q229XZvEGqP5qoMcldGXVA8Pnza0yFQjXc+5vdX8KW1KDyBxZp5x
2BzjnCU5GMvx2W3VKh9ZG+rHbXNFDr7hy/UQ8TuApggG1x5Bg2LUu8iW/2rsIsRT
jgT6Di/6EqnqvrRFTdo4dZ9+upaZqtTAqpF5t7HYeUuza4pSPqJeuwGV5sR4hUSe
8C/kl0pPg62q1dX9qeO0FiKmjlszKWzd6L5t3tBgJQuWipIZg1Skc7jdwPmtiGjk
gA2fXG0S8WN/xVDZQnUGM/raUglTyFOiT4ItAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUx4Egh6DaDn0z3cluye8JRgA8pTAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94NEVnaDZEYURuMHozY2x1
eWU4SlJnQThwVEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJuoS9B2McrENhnlENBftaRkLxeF/ctxvtfi
kygrVfL/ytgI1uCfp1ziuJeyLT1iLhumlCiXcIxMQk1sCUSCyp2V7HwgWvdU3K58
lsZr+OvwV58mfDjrJVxlADWn9awDteo1im7LpkYncAa7k/HmdB6FNnTb5qqcHE10
F900dxThrdUBLRnQQtO1Rn1PCNHz/mOVyc5vqFKNOSfMDi8YEkifi2IqGcCMQV07
jlgYlc+5p/vMEDBJXUuex8wnGUDXrdNsBA9mT5VnrY/ZOHrXkC50yfrFasLSFDD3
dOrgJPT5z7FfEIwn99eXB14BvetZC8ymm1A7zp8MDzZgWzMj13A=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:37:07 2025 by rpki-client