Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zCPaYv6dXAG0YaLXKOIOYOvI0MY.roa
File: zCPaYv6dXAG0YaLXKOIOYOvI0MY.roa (raw, json)
Hash identifier: yZEToIAQcSWuMX/E0MckC7rt0Z2y0Wkw0rzRr95ts0g=
Subject key identifier: CC:23:DA:62:FE:9D:5C:01:B4:61:A2:D7:28:E2:0E:60:EB:C8:D0:C6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0EEA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zCPaYv6dXAG0YaLXKOIOYOvI0MY.roa
Signing time: Mon 26 May 2025 23:08:47 +0000
ROA not before: Mon 26 May 2025 23:08:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3818 (0xeea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 23:08:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CC23DA62FE9D5C01B461A2D728E20E60EBC8D0C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:71:df:ed:ec:fc:4c:3b:14:6f:cf:3a:56:df:
42:fa:42:6f:82:81:6a:bf:40:6c:08:b5:c1:b9:1a:
86:68:8c:4d:0a:e8:57:5b:7b:95:ae:83:68:0c:fd:
61:f8:ac:ba:e1:ea:b8:71:b8:86:5f:ae:e4:20:2e:
5b:4c:64:9f:22:63:b6:64:0a:ed:2b:37:31:6b:95:
45:a1:6b:a0:5e:00:d3:bd:c1:80:b5:0f:7b:c0:91:
61:1c:26:64:ed:5f:b4:f5:97:70:67:c5:9b:22:05:
5f:a3:03:db:cc:10:26:fb:b0:d7:83:ed:75:c4:87:
ed:ae:1e:ee:b4:dc:5c:c2:a8:6b:ed:ed:cf:02:24:
6d:83:e6:93:e2:55:42:cb:3e:ad:31:31:d7:fc:3a:
0b:c0:21:44:30:74:28:03:d5:53:10:d4:a8:c8:f6:
c6:3c:46:b7:e9:6f:45:48:b8:ca:a3:7b:ef:4c:ef:
7d:85:d1:21:92:96:9c:46:2f:bd:6c:b4:d4:19:80:
6a:0b:10:24:c0:ca:bf:1f:79:30:f1:db:2f:67:e9:
60:51:fa:04:06:59:69:43:8b:7a:d4:89:e1:a2:3c:
e8:c5:81:83:9a:a0:76:03:5e:ca:9c:ab:87:9c:c0:
66:a2:e6:a4:30:bf:3a:64:5f:e0:76:90:98:bd:78:
8b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:23:DA:62:FE:9D:5C:01:B4:61:A2:D7:28:E2:0E:60:EB:C8:D0:C6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zCPaYv6dXAG0YaLXKOIOYOvI0MY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:96:41:09:a5:00:0b:51:1e:c5:01:90:18:5c:ce:49:42:2e:
cd:d3:7a:b3:c3:77:b8:55:81:47:31:40:82:8c:ca:e1:88:e6:
19:f4:4d:94:86:6e:fa:8f:e1:eb:c1:1b:2c:c6:97:26:99:f2:
a4:51:c7:13:55:90:41:e9:36:b9:eb:bc:8b:c9:9c:33:60:15:
43:34:43:5d:8b:7c:e1:62:8f:ff:9c:05:82:c5:c5:c0:c0:e6:
00:ed:e4:37:a1:dd:f4:80:66:60:a1:15:3c:19:e8:c6:19:a7:
aa:00:1e:b5:81:78:48:a6:da:27:82:aa:73:bb:0a:1c:0c:e2:
fd:db:61:24:ae:92:99:60:57:6a:59:ce:b6:c5:4e:1a:b2:88:
0e:09:6c:48:6f:3b:d8:ba:25:19:01:0e:74:1c:7e:ee:df:49:
f1:e8:e7:0f:1d:fc:64:0a:49:0c:e3:dc:7b:eb:67:bd:2b:aa:
91:79:ba:b9:3c:b5:d8:84:5c:b7:c6:c4:dd:ec:30:ad:25:dd:
64:8f:4e:01:b6:ac:a7:97:a0:b3:71:2b:8a:e5:56:20:89:8f:
02:a5:37:2c:08:b0:6e:cc:c8:0f:42:59:d1:ba:58:66:f0:38:
5a:9a:0c:59:3a:33:16:a1:d1:97:25:b0:b8:ae:27:25:a0:36:
f8:90:c9:11
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYy
MzA4NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENDMjNEQTYyRkU5RDVD
MDFCNDYxQTJENzI4RTIwRTYwRUJDOEQwQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDccd/t7PxMOxRvzzpW30L6Qm+CgWq/QGwItcG5GoZojE0K6Fdb
e5Wug2gM/WH4rLrh6rhxuIZfruQgLltMZJ8iY7ZkCu0rNzFrlUWha6BeANO9wYC1
D3vAkWEcJmTtX7T1l3BnxZsiBV+jA9vMECb7sNeD7XXEh+2uHu603FzCqGvt7c8C
JG2D5pPiVULLPq0xMdf8OgvAIUQwdCgD1VMQ1KjI9sY8Rrfpb0VIuMqje+9M732F
0SGSlpxGL71stNQZgGoLECTAyr8feTDx2y9n6WBR+gQGWWlDi3rUieGiPOjFgYOa
oHYDXsqcq4ecwGai5qQwvzpkX+B2kJi9eIuxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzCPaYv6dXAG0YaLXKOIOYOvI0MYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96Q1BhWXY2ZFhBRzBZYUxY
S09JT1lPdkkwTVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADOWQQmlAAtRHsUBkBhczklCLs3TerPDd7hV
gUcxQIKMyuGI5hn0TZSGbvqP4evBGyzGlyaZ8qRRxxNVkEHpNrnrvIvJnDNgFUM0
Q12LfOFij/+cBYLFxcDA5gDt5Deh3fSAZmChFTwZ6MYZp6oAHrWBeEim2ieCqnO7
ChwM4v3bYSSukplgV2pZzrbFThqyiA4JbEhvO9i6JRkBDnQcfu7fSfHo5w8d/GQK
SQzj3HvrZ70rqpF5urk8tdiEXLfGxN3sMK0l3WSPTgG2rKeXoLNxK4rlViCJjwKl
NywIsG7MyA9CWdG6WGbwOFqaDFk6Mxah0ZclsLiuJyWgNviQyRE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:07:52 2025 by rpki-client