Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Dxn0zVDdzsO0xeb36Ox-EiU5Yps.roa
File: Dxn0zVDdzsO0xeb36Ox-EiU5Yps.roa (raw, json)
Hash identifier: rRTaqQnNgKWmtT/2HBWaqukYrCQuKyL8FG2UtyBhlAM=
Subject key identifier: 0F:19:F4:CD:50:DD:CE:C3:B4:C5:E6:F7:E8:EC:7E:12:25:39:62:9B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ED6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Dxn0zVDdzsO0xeb36Ox-EiU5Yps.roa
Signing time: Mon 26 May 2025 20:38:45 +0000
ROA not before: Mon 26 May 2025 20:38:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3798 (0xed6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 20:38:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0F19F4CD50DDCEC3B4C5E6F7E8EC7E122539629B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e0:35:48:2f:00:53:cb:54:73:c4:15:e8:98:
19:20:0f:a6:e3:46:0a:f7:3c:13:2a:a9:8f:eb:ae:
d1:22:25:7b:02:8e:57:a0:aa:5b:0b:90:f5:1f:94:
d5:9b:02:86:10:50:34:6f:17:9b:20:67:5d:c0:67:
bf:c4:6b:2f:08:31:86:08:17:63:c1:d9:79:fd:6f:
47:23:2e:7d:ab:9f:5a:c5:e7:3d:14:98:f7:21:50:
8c:b6:b2:1b:db:38:61:2b:9d:bf:59:25:33:f7:70:
38:83:82:b9:59:83:3f:d2:12:96:73:e3:cf:45:f8:
9d:a3:4a:de:48:6a:cb:57:de:e3:fe:86:29:0f:65:
56:bb:e9:46:34:70:46:83:ae:b7:89:45:53:ee:05:
e3:2e:2a:e5:c5:0b:ca:45:8e:a8:d8:d7:28:9d:a5:
cb:54:c2:58:e4:3d:e0:da:a5:5c:c5:80:4b:2c:da:
f7:16:46:8a:04:87:ca:f8:5c:6d:fd:b8:53:f0:f7:
60:67:64:4f:57:cb:d5:c7:a2:7d:62:8b:54:51:74:
28:13:ae:08:eb:56:8e:49:4c:ac:59:5b:2c:29:5e:
f6:df:46:af:b5:5a:94:d7:d4:e7:60:08:97:f3:55:
de:fa:8b:5c:11:dc:cf:6b:ad:e3:27:f9:c3:1a:dd:
c2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:19:F4:CD:50:DD:CE:C3:B4:C5:E6:F7:E8:EC:7E:12:25:39:62:9B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Dxn0zVDdzsO0xeb36Ox-EiU5Yps.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:6c:d0:4f:d6:02:b2:85:a0:02:98:18:42:bc:42:97:60:66:
aa:21:c7:d2:a4:2f:fe:f0:ae:fa:50:d7:8f:73:09:a2:6e:a4:
03:15:57:12:cb:29:1f:b3:8b:1f:ea:63:f5:65:52:36:91:6f:
90:56:2c:e2:59:42:2d:af:78:23:af:f9:fd:b5:8e:e7:ea:a8:
df:b0:ac:b8:32:db:06:9c:81:3a:cb:7c:aa:ab:fa:c6:6a:cb:
5b:e9:0a:ed:1f:50:41:4f:9f:a5:67:96:e9:16:f6:a3:46:98:
9e:2b:39:c8:9f:4c:13:09:dc:4d:bc:10:6e:50:a8:ad:c1:33:
b6:c5:08:1e:e0:74:d1:49:c1:72:e0:5a:40:e9:fe:a5:0d:99:
2e:4a:1e:9d:db:91:15:2b:a5:08:02:55:1f:95:89:27:7e:97:
49:ad:83:43:dd:47:1e:65:c1:e9:8f:ed:19:45:b4:7c:ab:a9:
0e:57:c1:7f:5e:28:83:b2:42:79:c0:fd:3b:61:1a:be:4f:31:
46:6e:3c:f6:c3:6b:32:ee:3b:04:d9:2c:ce:ed:6e:cc:d2:81:
55:bb:3c:64:aa:58:2f:2b:1d:31:b8:40:0e:f2:c4:0f:50:8f:
97:63:64:00:88:df:e6:29:15:dc:f9:97:3a:7d:2f:4f:50:90:
d4:67:07:13
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYy
MDM4NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBGMTlGNENENTBERENF
QzNCNEM1RTZGN0U4RUM3RTEyMjUzOTYyOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe4DVILwBTy1RzxBXomBkgD6bjRgr3PBMqqY/rrtEiJXsCjleg
qlsLkPUflNWbAoYQUDRvF5sgZ13AZ7/Eay8IMYYIF2PB2Xn9b0cjLn2rn1rF5z0U
mPchUIy2shvbOGErnb9ZJTP3cDiDgrlZgz/SEpZz489F+J2jSt5IastX3uP+hikP
ZVa76UY0cEaDrreJRVPuBeMuKuXFC8pFjqjY1yidpctUwljkPeDapVzFgEss2vcW
RooEh8r4XG39uFPw92BnZE9Xy9XHon1ii1RRdCgTrgjrVo5JTKxZWywpXvbfRq+1
WpTX1OdgCJfzVd76i1wR3M9rreMn+cMa3cL9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDxn0zVDdzsO0xeb36Ox+EiU5YpswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EeG4welZEZHpzTzB4ZWIz
Nk94LUVpVTVZcHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGds0E/WArKFoAKYGEK8QpdgZqohx9KkL/7w
rvpQ149zCaJupAMVVxLLKR+zix/qY/VlUjaRb5BWLOJZQi2veCOv+f21jufqqN+w
rLgy2wacgTrLfKqr+sZqy1vpCu0fUEFPn6VnlukW9qNGmJ4rOcifTBMJ3E28EG5Q
qK3BM7bFCB7gdNFJwXLgWkDp/qUNmS5KHp3bkRUrpQgCVR+ViSd+l0mtg0PdRx5l
wemP7RlFtHyrqQ5XwX9eKIOyQnnA/TthGr5PMUZuPPbDazLuOwTZLM7tbszSgVW7
PGSqWC8rHTG4QA7yxA9Qj5djZACI3+YpFdz5lzp9L09QkNRnBxM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 10:59:34 2025 by rpki-client