Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CRHhI8H_Ca457NvZclTWl7hv2cM.roa
File: CRHhI8H_Ca457NvZclTWl7hv2cM.roa (raw, json)
Hash identifier: YvW1/iS34fAyQgGsqyoH39xqMr8KJDK0ht6L24qJksA=
Subject key identifier: 09:11:E1:23:C1:FF:09:AE:39:EC:DB:D9:72:54:D6:97:B8:6F:D9:C3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 091E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CRHhI8H_Ca457NvZclTWl7hv2cM.roa
Signing time: Mon 19 May 2025 05:38:09 +0000
ROA not before: Mon 19 May 2025 05:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2334 (0x91e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 05:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0911E123C1FF09AE39ECDBD97254D697B86FD9C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:82:fe:a0:96:3e:ee:d6:eb:47:3b:92:05:db:
f5:b2:16:d1:b2:fd:8d:fb:1f:90:50:b2:ca:54:17:
dd:23:18:0f:8f:7e:99:08:f2:35:d1:c8:96:31:b8:
3d:44:53:3f:4a:c1:6b:ad:f0:85:bb:1d:32:eb:c4:
1d:01:c2:d8:44:7e:52:c9:8f:06:f1:73:eb:2b:da:
00:37:9a:b8:16:2b:39:8c:21:9b:ad:52:cf:18:6d:
fa:de:51:d0:f1:aa:25:18:f1:8b:bd:93:be:34:9b:
72:cb:9e:a2:bf:7d:d9:49:28:02:2a:72:32:80:11:
3a:66:f6:9d:28:45:68:23:1d:b8:71:8b:60:5e:ac:
34:b0:c9:f7:59:85:34:0f:9d:75:7d:32:43:0c:94:
51:85:07:b6:20:41:48:45:bd:40:23:32:61:e8:2c:
3a:f7:d2:ce:35:07:76:49:b8:58:eb:ab:0f:9e:54:
f2:a6:0a:50:c9:3a:af:8f:e8:7b:e0:6d:1f:56:08:
84:36:b2:b8:c6:79:87:32:1e:ba:db:11:2f:29:88:
3a:45:a3:d3:ec:31:37:6c:52:bf:eb:95:02:0f:75:
f6:d4:68:71:69:31:71:cd:2d:e5:4c:bf:80:84:a0:
b9:16:4a:2a:a1:ae:01:cd:b7:6e:6c:76:d0:7e:48:
fb:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:11:E1:23:C1:FF:09:AE:39:EC:DB:D9:72:54:D6:97:B8:6F:D9:C3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CRHhI8H_Ca457NvZclTWl7hv2cM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:c8:b1:af:24:99:77:e8:69:d8:20:bf:6b:bc:c3:ae:6a:13:
31:40:ec:e4:3c:8c:49:a3:64:02:e6:53:da:12:20:b5:e0:7b:
23:de:1a:cb:12:e3:bd:51:43:53:dd:4f:64:d0:7c:77:f8:c7:
80:be:1d:c5:d3:3a:08:3c:d0:3f:d8:1c:5b:2a:32:66:6d:49:
8f:57:e0:73:e5:ec:52:ca:88:21:44:ae:97:f0:23:74:6d:9a:
c8:f4:2c:f3:58:e5:b1:30:cf:83:bb:ff:9a:f9:9e:1a:24:94:
0a:02:0c:14:6b:5d:af:67:8d:b7:75:f5:19:00:95:5a:68:4f:
71:24:f8:07:d2:14:d5:db:ff:6a:85:3e:7b:17:d9:29:cc:2f:
50:7d:90:20:26:54:48:88:6a:01:f4:64:4c:be:0b:e7:e4:e8:
51:51:6a:a6:41:38:c1:b0:41:17:6b:26:4c:01:f6:4a:3a:bf:
71:ac:86:23:ff:ff:04:73:f3:10:cf:40:4c:d9:0d:e8:07:06:
64:4a:0e:01:4c:af:15:b5:7b:9e:aa:6d:eb:4b:61:3e:43:aa:
d9:0c:2a:4d:bd:b9:f2:7e:04:fb:ad:fa:d7:3d:04:43:2b:c7:
7c:1b:24:32:1e:4e:52:de:c7:d4:ba:bf:e8:27:ed:06:6c:76:
cb:6e:fb:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkw
NTM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA5MTFFMTIzQzFGRjA5
QUUzOUVDREJEOTcyNTRENjk3Qjg2RkQ5QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNgv6glj7u1utHO5IF2/WyFtGy/Y37H5BQsspUF90jGA+PfpkI
8jXRyJYxuD1EUz9KwWut8IW7HTLrxB0BwthEflLJjwbxc+sr2gA3mrgWKzmMIZut
Us8YbfreUdDxqiUY8Yu9k740m3LLnqK/fdlJKAIqcjKAETpm9p0oRWgjHbhxi2Be
rDSwyfdZhTQPnXV9MkMMlFGFB7YgQUhFvUAjMmHoLDr30s41B3ZJuFjrqw+eVPKm
ClDJOq+P6HvgbR9WCIQ2srjGeYcyHrrbES8piDpFo9PsMTdsUr/rlQIPdfbUaHFp
MXHNLeVMv4CEoLkWSiqhrgHNt25sdtB+SPv1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCRHhI8H/Ca457NvZclTWl7hv2cMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DUkhoSThIX0NhNDU3TnZa
Y2xUV2w3aHYyY00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGHIsa8kmXfoadggv2u8w65qEzFA7OQ8jEmj
ZALmU9oSILXgeyPeGssS471RQ1PdT2TQfHf4x4C+HcXTOgg80D/YHFsqMmZtSY9X
4HPl7FLKiCFErpfwI3Rtmsj0LPNY5bEwz4O7/5r5nhoklAoCDBRrXa9njbd19RkA
lVpoT3Ek+AfSFNXb/2qFPnsX2SnML1B9kCAmVEiIagH0ZEy+C+fk6FFRaqZBOMGw
QRdrJkwB9ko6v3GshiP//wRz8xDPQEzZDegHBmRKDgFMrxW1e56qbetLYT5DqtkM
Kk29ufJ+BPut+tc9BEMrx3wbJDIeTlLex9S6v+gn7QZsdstu+xU=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:59:03 2025 by rpki-client