Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/x7lRSYDmgMGZQ5FJRatr07816pQ.roa
File: x7lRSYDmgMGZQ5FJRatr07816pQ.roa (raw, json)
Hash identifier: UQg8WM/f7aMHb7Js+VQ4xgA6pb4wyHUHF2XY8KPM4VY=
Subject key identifier: C7:B9:51:49:80:E6:80:C1:99:43:91:49:45:AB:6B:D3:BF:35:EA:94
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1842
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x7lRSYDmgMGZQ5FJRatr07816pQ.roa
Signing time: Sun 08 Jun 2025 10:09:35 +0000
ROA not before: Sun 08 Jun 2025 10:09:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6210 (0x1842)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 8 10:09:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C7B9514980E680C19943914945AB6BD3BF35EA94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:a8:8d:02:28:80:55:75:de:a2:37:93:48:
81:a4:7d:e5:5a:42:91:1a:4b:21:6d:3e:19:55:55:
b6:54:3c:fe:5a:ac:49:c1:86:41:db:b9:bf:a1:d4:
f3:e4:76:ff:8d:8b:d6:fc:c3:3d:18:1b:31:13:bd:
12:61:c1:aa:4a:05:e7:6c:e8:2f:89:fc:bb:f1:e8:
50:79:ed:70:39:6b:19:ec:49:09:bd:52:cf:08:6c:
7f:c0:6c:d0:64:70:50:9e:42:ba:a4:bb:58:c1:3e:
70:f1:2a:3f:f0:14:9c:ef:68:43:ea:3b:c8:79:6b:
bd:c2:52:62:17:0c:b0:a8:b0:31:9f:41:71:d5:34:
c9:cf:4b:95:10:41:43:5f:b1:36:97:d5:bc:d5:40:
10:24:ea:04:e7:f7:03:52:9a:1f:dc:d0:54:83:30:
47:94:20:0f:64:56:f1:24:4b:b3:bf:e7:83:e4:ae:
b1:b7:bb:5b:77:1d:7a:c3:b3:72:ef:12:5f:2d:74:
35:c7:33:12:87:11:a0:4b:b2:17:a0:d6:9b:ae:bf:
98:a8:01:7f:a0:3d:f8:b3:1b:99:2b:aa:d4:5a:98:
d9:38:e7:59:82:53:40:ac:fe:0a:48:4f:fd:70:cb:
61:6a:40:c7:ca:e2:67:a5:b5:b5:14:50:5f:76:8f:
66:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B9:51:49:80:E6:80:C1:99:43:91:49:45:AB:6B:D3:BF:35:EA:94
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x7lRSYDmgMGZQ5FJRatr07816pQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:25:a1:85:a6:31:85:f6:03:e8:c3:30:6c:c1:4b:a8:cd:bd:
3d:9c:ec:b9:bd:03:ed:4f:b5:a9:66:8d:16:0b:c0:6b:2e:35:
d9:22:3d:ec:09:a4:cf:e3:2c:48:31:18:d0:32:f3:94:b7:55:
56:ef:d2:1e:1b:b8:d9:fa:d3:c7:82:77:fd:6e:aa:29:49:25:
3a:aa:b0:fa:05:53:fb:75:b0:ac:8d:8c:ef:81:f4:52:8e:24:
2f:e1:b8:f8:fb:42:eb:0f:bb:e9:61:45:20:7f:f9:13:27:a6:
e9:a5:fd:98:52:a8:a8:12:d6:82:d6:d7:bf:1d:8e:f9:a7:dc:
c6:61:57:63:8e:b9:35:04:23:91:56:83:b4:02:84:fc:a8:fd:
50:18:bf:8d:87:05:6e:1b:14:7c:98:22:39:b8:fd:be:c1:e7:
a3:cc:72:0a:45:10:f8:eb:33:18:b5:41:98:4f:d7:38:4c:27:
af:50:38:cd:d0:5a:4d:0b:75:0a:fa:4b:2c:5c:86:f9:c7:27:
47:ba:ed:fd:1a:f6:6f:74:41:24:54:a4:e7:b8:27:fa:5f:58:
d7:86:30:98:61:9d:26:c0:e1:a4:00:a7:e7:6a:47:0b:dc:ee:
4c:a1:9b:8c:e1:4a:5d:13:bc:b3:68:96:c0:1f:b9:a4:30:95:
26:de:d0:72
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGEIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDgx
MDA5MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM3Qjk1MTQ5ODBFNjgw
QzE5OTQzOTE0OTQ1QUI2QkQzQkYzNUVBOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr46iNAiiAVXXeojeTSIGkfeVaQpEaSyFtPhlVVbZUPP5arEnB
hkHbub+h1PPkdv+Ni9b8wz0YGzETvRJhwapKBeds6C+J/Lvx6FB57XA5axnsSQm9
Us8IbH/AbNBkcFCeQrqku1jBPnDxKj/wFJzvaEPqO8h5a73CUmIXDLCosDGfQXHV
NMnPS5UQQUNfsTaX1bzVQBAk6gTn9wNSmh/c0FSDMEeUIA9kVvEkS7O/54PkrrG3
u1t3HXrDs3LvEl8tdDXHMxKHEaBLsheg1puuv5ioAX+gPfizG5krqtRamNk451mC
U0Cs/gpIT/1wy2FqQMfK4meltbUUUF92j2Y9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUx7lRSYDmgMGZQ5FJRatr07816pQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94N2xSU1lEbWdNR1pRNUZK
UmF0cjA3ODE2cFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAsloYWmMYX2A+jDMGzBS6jNvT2c7Lm9A+1P
talmjRYLwGsuNdkiPewJpM/jLEgxGNAy85S3VVbv0h4buNn608eCd/1uqilJJTqq
sPoFU/t1sKyNjO+B9FKOJC/huPj7QusPu+lhRSB/+RMnpuml/ZhSqKgS1oLW178d
jvmn3MZhV2OOuTUEI5FWg7QChPyo/VAYv42HBW4bFHyYIjm4/b7B56PMcgpFEPjr
Mxi1QZhP1zhMJ69QOM3QWk0LdQr6SyxchvnHJ0e67f0a9m90QSRUpOe4J/pfWNeG
MJhhnSbA4aQAp+dqRwvc7kyhm4zhSl0TvLNolsAfuaQwlSbe0HI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:54:53 2025 by rpki-client