Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BXiUoCaKldKjkaJybhlhAuMBISA.roa
File: BXiUoCaKldKjkaJybhlhAuMBISA.roa (raw, json)
Hash identifier: Vg8hTXU55TOigcjFtXW4yD6G9Y4FxtVq3iN/HLItYbs=
Subject key identifier: 05:78:94:A0:26:8A:95:D2:A3:91:A2:72:6E:19:61:02:E3:01:21:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03FA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BXiUoCaKldKjkaJybhlhAuMBISA.roa
Signing time: Mon 12 May 2025 09:08:04 +0000
ROA not before: Mon 12 May 2025 09:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1018 (0x3fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 09:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=057894A0268A95D2A391A2726E196102E3012120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a3:be:d1:1d:45:c6:e6:a5:4b:e1:15:ae:97:
36:9c:ad:93:6e:9b:43:e8:d4:67:d3:2c:1b:a3:50:
4a:d3:aa:a4:3d:a1:70:8d:43:d7:6f:16:cf:ca:df:
af:97:1b:23:60:6b:c2:3b:e2:1a:ed:ed:f8:3f:a8:
f5:6d:66:14:ae:4d:54:a3:6e:a9:dc:f3:9c:48:c1:
1d:25:ad:a4:49:50:cc:e9:a0:7f:af:1b:1c:7d:e1:
d4:bb:97:bb:bc:97:d0:4a:65:5e:d7:0c:f3:92:25:
d6:15:ff:3d:07:2f:40:cb:c6:83:6d:ab:34:b2:9a:
2e:04:99:ba:29:fc:f0:48:2d:ed:f6:8a:05:31:d9:
30:56:8f:55:26:fb:2f:b9:0b:47:2f:3c:1b:fb:75:
62:ec:3d:b7:a8:a3:77:a4:4b:50:80:82:ed:5e:64:
48:03:24:f3:5c:8c:3b:32:f0:7a:46:74:20:cb:40:
47:30:43:79:42:18:68:2e:88:fe:b3:62:fa:10:89:
8f:20:d4:e4:09:1e:3a:1b:9d:26:48:22:8d:ce:79:
37:01:b2:f4:ca:bc:6a:a5:9f:c5:f1:6d:10:12:83:
f2:80:e6:59:db:e5:4b:86:34:bb:39:3d:d3:fd:f4:
13:e7:aa:b5:22:a0:cd:e7:f1:33:2b:82:9a:40:90:
dc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:78:94:A0:26:8A:95:D2:A3:91:A2:72:6E:19:61:02:E3:01:21:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BXiUoCaKldKjkaJybhlhAuMBISA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:d5:c2:8c:1d:d8:a0:31:89:ce:4c:69:43:5e:1c:48:b7:d1:
6b:99:eb:d2:31:24:5a:ad:02:c9:86:b4:eb:26:8b:cf:60:d9:
d4:80:a0:8a:bc:db:68:5f:31:c5:d3:70:29:09:c4:dc:35:2b:
a5:d3:55:de:9a:8c:5c:72:de:68:41:30:cf:00:46:b9:3e:19:
c9:b7:1e:04:ac:7a:41:9f:39:d0:99:71:84:4a:8f:97:f3:9a:
73:b7:62:d6:a9:7d:e1:76:80:2c:95:f1:f4:eb:2e:fd:55:18:
7d:1a:c6:e1:39:27:c6:79:f7:6b:22:d3:46:75:bc:5b:63:76:
6a:9e:11:fc:41:96:bc:1b:e5:5a:61:ef:9d:ec:3b:9a:ed:6f:
46:7c:44:08:de:55:84:21:ab:e6:58:e2:09:f7:c7:c1:4f:dd:
da:84:3f:bb:0c:9b:12:01:7c:47:90:72:a4:14:0a:36:f0:d5:
ed:fe:77:e9:6d:8e:a0:cf:d4:8e:6d:99:b2:d3:df:17:34:12:
c7:43:c6:c6:fc:fa:73:6e:10:d8:92:ae:0b:80:20:e9:4d:68:
5b:b2:a2:8c:40:30:64:60:86:60:6d:d5:ea:c6:69:02:07:dc:
96:37:70:95:86:a2:74:3f:67:83:08:0b:4e:7a:83:d7:3e:85:
fa:88:ce:33
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA/owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
OTA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA1Nzg5NEEwMjY4QTk1
RDJBMzkxQTI3MjZFMTk2MTAyRTMwMTIxMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvo77RHUXG5qVL4RWulzacrZNum0Po1GfTLBujUErTqqQ9oXCN
Q9dvFs/K36+XGyNga8I74hrt7fg/qPVtZhSuTVSjbqnc85xIwR0lraRJUMzpoH+v
Gxx94dS7l7u8l9BKZV7XDPOSJdYV/z0HL0DLxoNtqzSymi4Embop/PBILe32igUx
2TBWj1Um+y+5C0cvPBv7dWLsPbeoo3ekS1CAgu1eZEgDJPNcjDsy8HpGdCDLQEcw
Q3lCGGguiP6zYvoQiY8g1OQJHjobnSZIIo3OeTcBsvTKvGqln8XxbRASg/KA5lnb
5UuGNLs5PdP99BPnqrUioM3n8TMrgppAkNwfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBXiUoCaKldKjkaJybhlhAuMBISAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CWGlVb0NhS2xkS2prYUp5
YmhsaEF1TUJJU0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFbVwowd2KAxic5MaUNeHEi30WuZ69IxJFqt
AsmGtOsmi89g2dSAoIq822hfMcXTcCkJxNw1K6XTVd6ajFxy3mhBMM8ARrk+Gcm3
HgSsekGfOdCZcYRKj5fzmnO3YtapfeF2gCyV8fTrLv1VGH0axuE5J8Z592si00Z1
vFtjdmqeEfxBlrwb5Vph753sO5rtb0Z8RAjeVYQhq+ZY4gn3x8FP3dqEP7sMmxIB
fEeQcqQUCjbw1e3+d+ltjqDP1I5tmbLT3xc0EsdDxsb8+nNuENiSrguAIOlNaFuy
ooxAMGRghmBt1erGaQIH3JY3cJWGonQ/Z4MIC056g9c+hfqIzjM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:53:14 2025 by rpki-client