Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/90a2z7I-5L9R4LR_XgjjfY7J7f0.roa
File: 90a2z7I-5L9R4LR_XgjjfY7J7f0.roa (raw, json)
Hash identifier: lbvmB8a55Q12Fe/NJiz1Yfmu3uawn3F9FIzRc/8ZleA=
Subject key identifier: F7:46:B6:CF:B2:3E:E4:BF:51:E0:B4:7F:5E:08:E3:7D:8E:C9:ED:FD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0216
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/90a2z7I-5L9R4LR_XgjjfY7J7f0.roa
Signing time: Fri 09 May 2025 20:37:49 +0000
ROA not before: Fri 09 May 2025 20:37:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 534 (0x216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 20:37:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F746B6CFB23EE4BF51E0B47F5E08E37D8EC9EDFD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3b:15:cc:c3:19:28:b8:ce:ec:9d:c6:53:ef:
47:bc:88:af:96:c7:72:82:5d:a5:26:60:fb:79:b7:
cb:0e:f5:99:0a:71:cb:c5:fd:96:78:43:ec:fc:b8:
4e:d1:de:08:2f:b1:54:c7:e2:c2:f0:58:09:8a:e5:
1b:2a:27:12:a9:36:04:a3:80:83:ae:ca:e7:64:d8:
ef:ef:dd:fe:dd:b2:ed:44:e2:05:1b:28:87:38:06:
6a:20:5d:84:6d:fd:dd:08:fb:c5:38:67:4f:da:39:
e5:a6:f6:d4:3b:e9:19:5d:9d:a8:24:62:81:dd:6f:
d0:94:e3:3c:24:ca:d6:b6:8f:35:2b:98:e1:c5:ab:
97:e6:fe:f3:81:4b:52:2a:a6:a8:a2:e6:c4:38:c2:
20:09:8e:ea:66:a2:59:9a:57:70:16:c7:d8:ad:fb:
d8:9e:48:e6:7b:81:f8:99:f0:e1:b2:ab:5f:5f:3f:
64:96:ee:70:32:7f:80:61:49:36:94:5b:bc:be:d4:
21:79:5d:f0:c1:91:fa:2d:68:9c:46:98:21:e0:ac:
ac:f4:27:81:36:27:02:8b:15:2b:3a:b2:27:51:bc:
59:07:05:96:4b:78:93:47:1e:88:4a:b9:e9:8f:66:
82:b1:fd:f2:b5:ff:07:cf:16:52:f3:c1:2c:80:4e:
66:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:46:B6:CF:B2:3E:E4:BF:51:E0:B4:7F:5E:08:E3:7D:8E:C9:ED:FD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/90a2z7I-5L9R4LR_XgjjfY7J7f0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:4b:ab:3e:0e:c1:32:a7:76:ab:5d:4f:ee:b4:da:63:ce:fd:
9c:a6:57:89:58:1b:6a:e3:0a:16:e9:ea:79:57:b9:19:dd:c7:
cc:40:ac:59:81:63:dc:6e:6a:f0:ca:97:3f:de:44:c0:c4:a9:
44:a2:76:02:6d:db:f4:6e:c6:a2:83:5a:31:ac:86:dd:f9:15:
c8:c5:91:4a:0f:89:c7:e3:4a:f2:f7:e4:08:10:00:06:a3:ae:
c3:a1:f9:d2:42:24:fd:c1:29:04:e9:7b:2f:2a:9f:4c:8a:ef:
99:71:88:11:d1:5b:49:8d:06:23:65:f2:fc:88:2a:16:1d:80:
79:a9:f2:b1:6b:01:84:fe:2d:5b:b3:c3:54:6b:9b:a4:88:46:
0d:17:ca:75:98:ce:4a:07:44:fa:a4:51:42:08:67:a9:b2:e6:
a5:07:da:e0:22:fe:4b:41:36:70:a6:f3:7d:b4:e1:e7:96:d1:
10:f3:21:94:aa:a9:83:ae:28:9e:f5:fa:29:54:1f:2b:aa:1f:
a4:e9:80:ef:8d:70:9d:a9:d7:d6:26:a8:bd:6c:34:b5:0e:0d:
46:13:7a:8d:34:83:73:22:08:06:7c:6d:ac:3b:52:fd:24:80:
6b:60:43:47:0b:7c:e7:6e:a2:0a:cf:14:28:94:d2:1e:6a:05:
95:f6:f4:d7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAhYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MDM3NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY3NDZCNkNGQjIzRUU0
QkY1MUUwQjQ3RjVFMDhFMzdEOEVDOUVERkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBOxXMwxkouM7sncZT70e8iK+Wx3KCXaUmYPt5t8sO9ZkKccvF
/ZZ4Q+z8uE7R3ggvsVTH4sLwWAmK5RsqJxKpNgSjgIOuyudk2O/v3f7dsu1E4gUb
KIc4BmogXYRt/d0I+8U4Z0/aOeWm9tQ76RldnagkYoHdb9CU4zwkyta2jzUrmOHF
q5fm/vOBS1Iqpqii5sQ4wiAJjupmolmaV3AWx9it+9ieSOZ7gfiZ8OGyq19fP2SW
7nAyf4BhSTaUW7y+1CF5XfDBkfotaJxGmCHgrKz0J4E2JwKLFSs6sidRvFkHBZZL
eJNHHohKuemPZoKx/fK1/wfPFlLzwSyATmYLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU90a2z7I+5L9R4LR/XgjjfY7J7f0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85MGEyejdJLTVMOVI0TFJf
WGdqamZZN0o3ZjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHdLqz4OwTKndqtdT+602mPO/ZymV4lYG2rj
Chbp6nlXuRndx8xArFmBY9xuavDKlz/eRMDEqUSidgJt2/RuxqKDWjGsht35FcjF
kUoPicfjSvL35AgQAAajrsOh+dJCJP3BKQTpey8qn0yK75lxiBHRW0mNBiNl8vyI
KhYdgHmp8rFrAYT+LVuzw1Rrm6SIRg0XynWYzkoHRPqkUUIIZ6my5qUH2uAi/ktB
NnCm83204eeW0RDzIZSqqYOuKJ71+ilUHyuqH6TpgO+NcJ2p19YmqL1sNLUODUYT
eo00g3MiCAZ8baw7Uv0kgGtgQ0cLfOduogrPFCiU0h5qBZX29Nc=
-----END CERTIFICATE-----
Generated at Sun Jun 22 00:37:18 2025 by rpki-client