Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-t5I69DSrpyoPKRV1en9dbzknAE.roa
File: -t5I69DSrpyoPKRV1en9dbzknAE.roa (raw, json)
Hash identifier: jFcWjk5MtLsoz5+Ojt0MxcCaBzmq2mjtxbp0Y2n8tX0=
Subject key identifier: FA:DE:48:EB:D0:D2:AE:9C:A8:3C:A4:55:D5:E9:FD:75:BC:E4:9C:01
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 016E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-t5I69DSrpyoPKRV1en9dbzknAE.roa
Signing time: Thu 08 May 2025 23:37:43 +0000
ROA not before: Thu 08 May 2025 23:37:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 366 (0x16e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 23:37:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FADE48EBD0D2AE9CA83CA455D5E9FD75BCE49C01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:44:d0:bb:45:03:3c:78:fe:61:2c:12:57:7c:
35:d5:63:2c:90:46:c4:75:a3:11:e4:73:5f:69:89:
e5:46:8e:d6:76:a4:c2:40:7a:f1:18:cd:4a:85:6f:
54:a2:b2:58:34:36:04:08:8f:3d:80:53:3b:48:bc:
67:26:9f:99:d2:f3:2e:81:f0:73:70:5f:e4:ff:9f:
0b:1b:fb:fd:ba:c4:6b:03:e2:dd:a8:c5:00:9b:01:
a6:f4:c2:4f:61:73:47:ee:35:62:e5:f4:80:ad:b0:
a2:15:67:85:90:52:1d:f6:79:6a:ee:30:0b:18:25:
4a:49:12:44:77:20:d7:19:55:22:70:e8:57:87:15:
89:bd:4b:7b:e4:6b:26:39:33:b1:a8:f4:2a:d1:79:
ce:dd:e2:d7:99:e7:99:98:9b:04:7b:75:92:41:ce:
05:98:1e:a6:c1:e8:9b:de:82:70:91:b9:cd:25:c7:
df:f4:c8:d7:60:12:5b:12:fa:38:db:b1:5f:98:30:
c0:3b:62:d5:b5:24:9a:cb:8b:c1:5f:c5:1d:82:15:
8a:5b:72:5c:82:70:47:e1:75:0a:30:05:43:5a:05:
3a:4f:5f:5c:bf:f2:4a:cd:93:f8:00:37:85:ec:b7:
4a:fe:9d:e1:c2:c7:f0:c3:44:53:45:2d:1c:95:9d:
cf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:DE:48:EB:D0:D2:AE:9C:A8:3C:A4:55:D5:E9:FD:75:BC:E4:9C:01
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-t5I69DSrpyoPKRV1en9dbzknAE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:8a:5a:76:de:f0:c5:d4:c6:fa:8c:32:5b:bc:b6:18:06:1c:
d5:fb:49:5c:f2:d4:7b:5c:b8:9f:43:45:bd:9b:e8:c1:04:16:
ad:8b:c3:bf:ac:4f:b1:d1:42:21:4a:e4:7b:d9:5c:f4:e7:0c:
97:b3:75:14:40:af:cd:f9:66:44:45:f1:54:7f:c4:6d:92:90:
ec:aa:bb:6e:a4:a3:cd:92:1d:3e:37:9c:e6:47:2a:5d:26:21:
15:c3:f9:47:e2:0e:46:ff:f7:20:4f:a1:eb:d0:cf:a7:58:47:
8d:94:df:71:62:04:74:f3:39:6b:7f:35:b5:f6:16:ac:76:6e:
3f:25:a9:3a:45:47:b7:e2:d0:9d:5d:08:e8:bb:ec:4e:74:1a:
cd:03:d4:8c:73:e0:7d:6a:e2:83:2a:c2:1d:54:5b:39:0b:7b:
9f:3a:e1:02:41:26:57:2b:3d:a6:3a:23:da:9f:9d:b6:38:2e:
5e:c8:32:6c:20:3d:0f:48:51:67:76:e1:c0:94:1e:98:9b:51:
ba:78:2a:a5:5b:7c:e5:cf:57:ee:c1:4f:86:81:24:4c:2d:b0:
53:67:a5:a0:8d:22:78:c5:d4:17:82:fa:70:fb:b9:a6:55:9b:
64:4c:3d:64:35:9c:25:cc:51:91:2f:97:e0:ca:6b:f1:49:50:
88:2a:71:4f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgy
MzM3NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZBREU0OEVCRDBEMkFF
OUNBODNDQTQ1NUQ1RTlGRDc1QkNFNDlDMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsRNC7RQM8eP5hLBJXfDXVYyyQRsR1oxHkc19pieVGjtZ2pMJA
evEYzUqFb1Sislg0NgQIjz2AUztIvGcmn5nS8y6B8HNwX+T/nwsb+/26xGsD4t2o
xQCbAab0wk9hc0fuNWLl9ICtsKIVZ4WQUh32eWruMAsYJUpJEkR3INcZVSJw6FeH
FYm9S3vkayY5M7Go9CrRec7d4teZ55mYmwR7dZJBzgWYHqbB6JvegnCRuc0lx9/0
yNdgElsS+jjbsV+YMMA7YtW1JJrLi8FfxR2CFYpbclyCcEfhdQowBUNaBTpPX1y/
8krNk/gAN4Xst0r+neHCx/DDRFNFLRyVnc/5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+t5I69DSrpyoPKRV1en9dbzknAEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tdDVJNjlEU3JweW9QS1JW
MWVuOWRiemtuQUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADaKWnbe8MXUxvqMMlu8thgGHNX7SVzy1Htc
uJ9DRb2b6MEEFq2Lw7+sT7HRQiFK5HvZXPTnDJezdRRAr835ZkRF8VR/xG2SkOyq
u26ko82SHT43nOZHKl0mIRXD+UfiDkb/9yBPoevQz6dYR42U33FiBHTzOWt/NbX2
Fqx2bj8lqTpFR7fi0J1dCOi77E50Gs0D1Ixz4H1q4oMqwh1UWzkLe5864QJBJlcr
PaY6I9qfnbY4Ll7IMmwgPQ9IUWd24cCUHpibUbp4KqVbfOXPV+7BT4aBJEwtsFNn
paCNInjF1BeC+nD7uaZVm2RMPWQ1nCXMUZEvl+DKa/FJUIgqcU8=
-----END CERTIFICATE-----
Generated at Sat Jun 21 05:52:33 2025 by rpki-client