Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/5_nvqTjmMUe9yW5BJI6TPH_KK5U.roa
File: 5_nvqTjmMUe9yW5BJI6TPH_KK5U.roa (raw, json)
Hash identifier: 1KIOVdQaqFXIO2hBOFkrFo9VVfFKxCY3FBMi66iKkXY=
Subject key identifier: E7:F9:EF:A9:38:E6:31:47:BD:C9:6E:41:24:8E:93:3C:7F:CA:2B:95
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 057A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5_nvqTjmMUe9yW5BJI6TPH_KK5U.roa
Signing time: Wed 14 May 2025 09:08:03 +0000
ROA not before: Wed 14 May 2025 09:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1402 (0x57a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 09:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E7F9EFA938E63147BDC96E41248E933C7FCA2B95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e1:7f:6f:16:67:c5:d4:b4:f7:e9:a8:fc:90:
ba:94:3a:dc:5d:97:d7:c1:83:a6:b4:d0:5b:70:93:
2f:e4:b5:09:34:12:58:ee:2a:d3:bc:86:85:eb:e0:
64:c5:e6:9a:d2:92:67:26:b8:45:b8:6d:9b:be:a3:
88:d6:87:bc:34:16:aa:f7:1b:76:15:d7:05:6b:e7:
54:26:00:2c:1c:0b:8e:9d:de:cf:c4:8d:6e:e2:6c:
7a:4d:ae:bd:65:48:79:3a:9b:03:58:4a:aa:12:68:
e1:7f:c9:0a:0f:ec:e1:4d:af:de:82:9e:88:00:e8:
0a:89:83:33:fe:11:18:e8:cb:a9:97:31:8a:f1:06:
a0:6e:db:9b:5c:d3:64:75:02:fb:d7:9c:e9:38:5b:
c2:db:cf:fd:82:91:6e:7d:47:d0:d9:88:b2:23:ad:
00:0e:4c:3b:d4:22:4a:8d:19:da:d7:80:4a:65:79:
e0:70:4e:a1:ec:ed:91:e4:b2:83:0a:f8:a8:e7:b9:
43:cc:dd:e5:01:bf:c7:aa:77:e0:8f:9c:c0:62:18:
a0:bf:c3:4f:a2:d4:61:8c:9f:63:18:39:d3:01:52:
df:da:5f:15:c1:0f:9e:6c:eb:c1:08:88:29:c7:ab:
eb:36:3a:78:d7:01:96:dc:23:24:0a:19:01:3a:74:
b1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:F9:EF:A9:38:E6:31:47:BD:C9:6E:41:24:8E:93:3C:7F:CA:2B:95
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/5_nvqTjmMUe9yW5BJI6TPH_KK5U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:2f:fd:cf:35:fd:e2:91:9f:c1:54:5e:5b:95:d5:b1:99:18:
bc:d6:25:79:c3:94:c6:c0:2a:55:16:c2:7d:fe:cc:c9:71:51:
c2:3b:60:ce:41:8f:c2:2e:54:33:a8:21:75:d8:a8:80:4c:97:
ab:80:89:e2:e2:85:ac:3a:7e:09:7e:1e:83:0f:1b:7a:ac:62:
4c:c2:d5:ac:51:3b:22:ca:f7:b1:aa:23:ff:92:a9:f0:49:d6:
dc:ab:fc:ff:b9:8a:66:9c:02:3c:7f:f8:07:5e:4e:5a:41:09:
26:94:d5:25:ca:e2:c9:53:4f:52:79:b4:c6:7f:c4:50:69:df:
ad:8b:e7:8f:ea:5b:18:d4:c4:35:7b:95:74:4f:c6:6a:31:fc:
0c:22:10:55:74:66:d7:0e:05:12:6d:60:07:6e:47:82:d1:dc:
19:8e:64:e5:df:1b:13:b7:5c:72:59:07:73:7a:35:98:9f:29:
6e:95:99:46:d8:21:44:0c:fb:ad:fd:d0:70:e1:e9:01:94:43:
f9:7a:90:fd:ce:f3:0a:25:02:01:85:13:b0:24:8b:0f:1c:83:
5b:0b:9e:ab:0e:aa:a9:c4:77:6f:f2:c9:f8:1d:53:59:7d:19:
77:ed:3e:01:ef:44:01:8a:9a:69:4b:d1:41:ae:7a:42:4c:a5:
82:09:ee:01
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
OTA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEU3RjlFRkE5MzhFNjMx
NDdCREM5NkU0MTI0OEU5MzNDN0ZDQTJCOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDd4X9vFmfF1LT36aj8kLqUOtxdl9fBg6a00Ftwky/ktQk0Elju
KtO8hoXr4GTF5prSkmcmuEW4bZu+o4jWh7w0Fqr3G3YV1wVr51QmACwcC46d3s/E
jW7ibHpNrr1lSHk6mwNYSqoSaOF/yQoP7OFNr96CnogA6AqJgzP+ERjoy6mXMYrx
BqBu25tc02R1AvvXnOk4W8Lbz/2CkW59R9DZiLIjrQAOTDvUIkqNGdrXgEpleeBw
TqHs7ZHksoMK+KjnuUPM3eUBv8eqd+CPnMBiGKC/w0+i1GGMn2MYOdMBUt/aXxXB
D55s68EIiCnHq+s2OnjXAZbcIyQKGQE6dLELAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU5/nvqTjmMUe9yW5BJI6TPH/KK5UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni81X252cVRqbU1VZTl5VzVC
Skk2VFBIX0tLNVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFov/c81/eKRn8FUXluV1bGZGLzWJXnDlMbA
KlUWwn3+zMlxUcI7YM5Bj8IuVDOoIXXYqIBMl6uAieLihaw6fgl+HoMPG3qsYkzC
1axROyLK97GqI/+SqfBJ1tyr/P+5imacAjx/+AdeTlpBCSaU1SXK4slTT1J5tMZ/
xFBp362L54/qWxjUxDV7lXRPxmox/AwiEFV0ZtcOBRJtYAduR4LR3BmOZOXfGxO3
XHJZB3N6NZifKW6VmUbYIUQM+6390HDh6QGUQ/l6kP3O8wolAgGFE7Akiw8cg1sL
nqsOqqnEd2/yyfgdU1l9GXftPgHvRAGKmmlL0UGuekJMpYIJ7gE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:55:17 2025 by rpki-client