Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8lNOAJRX-xmZjVVzGM8VSjDs8MA.roa
File: 8lNOAJRX-xmZjVVzGM8VSjDs8MA.roa (raw, json)
Hash identifier: 4BPF+HrHgiT2Ic52v+iMbui0RatGwi+sE6R9vfhvaWQ=
Subject key identifier: F2:53:4E:00:94:57:FB:19:99:8D:55:73:18:CF:15:4A:30:EC:F0:C0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 066E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8lNOAJRX-xmZjVVzGM8VSjDs8MA.roa
Signing time: Thu 15 May 2025 15:38:10 +0000
ROA not before: Thu 15 May 2025 15:38:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1646 (0x66e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 15:38:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F2534E009457FB19998D557318CF154A30ECF0C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e7:23:0e:57:a3:47:e5:ac:61:f8:e0:e1:72:
af:39:2c:d4:9a:1b:8e:f4:6f:66:6d:2d:8f:36:65:
36:40:ef:fc:0e:a6:54:9a:c9:e3:d6:57:f4:f8:ed:
d7:1b:56:27:6c:62:b5:9e:35:11:5b:3e:49:3f:4e:
6c:4a:3e:33:a2:19:69:9d:b3:c4:db:90:87:f9:78:
df:5c:02:26:81:82:c7:54:e6:e2:31:30:9f:bc:b3:
d3:2e:6a:f9:a0:64:3d:11:83:31:1b:ed:f8:f4:50:
6e:c3:2d:7b:7f:b1:f3:d6:bf:17:09:11:a1:a9:25:
48:b9:8d:03:d8:fe:45:99:df:71:85:4b:bf:d7:d4:
cc:9e:84:7a:9d:ae:20:3c:02:2f:ed:96:3a:07:f3:
8f:de:41:9c:9b:6a:a2:94:e8:ef:b3:35:4b:d2:75:
b0:3b:fc:b7:cc:10:4e:5d:7e:ce:92:d6:55:55:95:
33:64:c5:bd:32:2c:dc:13:82:ec:52:4b:60:d8:c4:
c9:f5:8f:aa:ca:73:5d:af:e8:52:c2:da:8c:b7:cb:
b7:15:89:0e:08:07:85:30:e7:7c:e1:42:4a:db:38:
a0:6f:ed:7e:74:93:15:68:3e:a3:c0:9e:ec:7f:e5:
ed:45:95:45:20:dc:40:02:d5:05:38:56:11:16:c8:
c6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:53:4E:00:94:57:FB:19:99:8D:55:73:18:CF:15:4A:30:EC:F0:C0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8lNOAJRX-xmZjVVzGM8VSjDs8MA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:a7:bf:19:3a:1d:74:cc:37:81:e0:e1:5a:3a:c7:90:19:ab:
e5:93:f0:6a:95:79:77:44:71:97:e3:34:28:3b:0c:45:69:ae:
2c:c5:57:5a:83:c2:ac:2a:52:e6:b1:30:ab:17:9a:33:50:c1:
a9:73:3b:ef:ca:3b:2f:26:15:f0:69:a5:19:5f:f1:03:cf:f3:
55:b0:d2:07:9d:89:43:63:2f:f5:1d:75:fb:39:70:ad:8f:3a:
42:bc:62:b0:4f:28:70:6c:07:21:ac:01:9e:f2:f3:49:8b:02:
86:67:04:f4:09:e2:e1:0a:ee:d4:09:df:f4:f3:42:04:1f:b0:
d2:47:bf:41:53:b1:1a:3e:6a:e3:95:8a:58:4c:9c:e4:94:22:
eb:60:28:ce:f9:17:0b:02:05:ff:f5:b5:2f:7b:f9:0a:9e:22:
8f:e5:7d:0c:81:ef:35:dc:0c:c9:f6:62:a4:c3:f0:22:8f:c8:
a0:6b:c2:f7:88:f8:17:28:0e:38:da:d5:be:7c:3c:66:c0:67:
6c:b0:a2:3c:15:58:4a:4f:90:42:5a:68:fb:c5:a9:da:b8:ce:
4a:44:c8:14:c9:67:ad:70:1e:5a:71:fd:af:78:54:50:64:de:
d8:61:c6:50:ba:f8:be:76:6c:50:b5:2f:2b:9a:2e:50:0a:23:
b1:ac:16:ca
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBm4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
NTM4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYyNTM0RTAwOTQ1N0ZC
MTk5OThENTU3MzE4Q0YxNTRBMzBFQ0YwQzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa5yMOV6NH5axh+ODhcq85LNSaG470b2ZtLY82ZTZA7/wOplSa
yePWV/T47dcbVidsYrWeNRFbPkk/TmxKPjOiGWmds8TbkIf5eN9cAiaBgsdU5uIx
MJ+8s9MuavmgZD0RgzEb7fj0UG7DLXt/sfPWvxcJEaGpJUi5jQPY/kWZ33GFS7/X
1MyehHqdriA8Ai/tljoH84/eQZybaqKU6O+zNUvSdbA7/LfMEE5dfs6S1lVVlTNk
xb0yLNwTguxSS2DYxMn1j6rKc12v6FLC2oy3y7cViQ4IB4Uw53zhQkrbOKBv7X50
kxVoPqPAnux/5e1FlUUg3EAC1QU4VhEWyMaBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8lNOAJRX+xmZjVVzGM8VSjDs8MAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84bE5PQUpSWC14bVpqVlZ6
R004VlNqRHM4TUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKKnvxk6HXTMN4Hg4Vo6x5AZq+WT8GqVeXdE
cZfjNCg7DEVprizFV1qDwqwqUuaxMKsXmjNQwalzO+/KOy8mFfBppRlf8QPP81Ww
0gediUNjL/Uddfs5cK2POkK8YrBPKHBsByGsAZ7y80mLAoZnBPQJ4uEK7tQJ3/Tz
QgQfsNJHv0FTsRo+auOVilhMnOSUIutgKM75FwsCBf/1tS97+QqeIo/lfQyB7zXc
DMn2YqTD8CKPyKBrwveI+BcoDjja1b58PGbAZ2ywojwVWEpPkEJaaPvFqdq4zkpE
yBTJZ61wHlpx/a94VFBk3thhxlC6+L52bFC1LyuaLlAKI7GsFso=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:59:03 2025 by rpki-client