Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Gtpylld3FIj5jb4clg8ck12laMI.roa
File: Gtpylld3FIj5jb4clg8ck12laMI.roa (raw, json)
Hash identifier: 4SshXzyHqBYz1KbFbnW98UIiGIA3YGHFl0EXCo5MeYo=
Subject key identifier: 1A:DA:72:96:57:77:14:88:F9:8D:BE:1C:96:0F:1C:93:5D:A5:68:C2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BEA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Gtpylld3FIj5jb4clg8ck12laMI.roa
Signing time: Thu 22 May 2025 23:09:07 +0000
ROA not before: Thu 22 May 2025 23:09:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3050 (0xbea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 23:09:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1ADA729657771488F98DBE1C960F1C935DA568C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2f:7f:ca:85:f2:e0:5c:da:0b:2c:21:d0:13:
44:92:36:8f:d9:e6:d9:a5:ac:7d:de:18:15:b2:be:
f9:f4:13:20:37:ae:40:33:2a:18:e7:be:42:0f:5e:
bc:58:95:21:d1:1e:30:3a:11:20:7f:b4:28:23:ca:
19:89:b4:06:cd:97:e3:ef:04:4b:ac:92:15:de:16:
3e:29:0a:52:a4:f8:35:a8:e9:a6:32:42:3d:87:21:
82:43:2e:71:29:d0:33:d7:70:ba:da:09:32:e1:84:
e7:a6:c4:f4:12:62:f0:15:9f:d3:08:21:a9:b5:d1:
04:45:27:b4:16:ee:15:54:2d:fd:d4:1e:d1:20:e5:
6e:bf:83:bf:1c:95:4a:18:40:26:76:3d:4d:e0:54:
53:99:dd:c3:1c:c6:62:96:45:30:cc:cd:8c:23:ee:
91:65:d5:b0:ab:9c:ca:97:23:5c:7c:a8:d3:d9:ac:
aa:d8:48:2d:48:ae:fd:c3:82:50:e6:28:b6:3f:30:
1f:bf:57:0d:d8:ff:0b:01:31:ea:ee:15:38:f9:3f:
11:25:3e:c4:af:c4:7f:17:e6:30:67:e3:9a:4a:3c:
aa:ad:a0:8b:c4:f9:02:6f:91:8a:89:4b:19:25:01:
ea:ca:ad:05:0c:bf:cd:54:35:51:cf:46:e0:93:cb:
28:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DA:72:96:57:77:14:88:F9:8D:BE:1C:96:0F:1C:93:5D:A5:68:C2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Gtpylld3FIj5jb4clg8ck12laMI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:8a:fe:b1:5e:97:1c:b9:7f:d3:57:7d:5c:ea:3e:2c:5a:73:
36:43:b5:3a:68:93:ea:f4:ed:11:c9:d0:f3:2a:fc:57:2c:ca:
22:c5:50:7c:61:89:95:ae:10:c9:13:ab:04:a8:a6:2f:40:9d:
f4:21:0b:79:b8:be:f4:dd:01:83:3f:ab:7b:e9:79:f2:52:4d:
14:87:1c:6f:cb:04:ed:44:56:e2:cd:ec:12:61:10:0b:ba:87:
7b:7c:d6:4c:3f:77:d6:33:36:0d:bd:67:d9:a4:bc:12:a1:56:
0a:eb:8b:f1:e5:e3:8a:a3:69:e5:41:7e:2b:a3:b2:28:8d:1b:
23:79:65:c8:ec:bb:ce:9b:d9:20:0b:46:bc:fd:6e:ac:a1:ed:
d8:51:b8:f7:00:ae:c6:b6:f7:76:2a:4b:2f:88:f0:0c:9d:eb:
e0:d4:40:8a:23:72:07:50:42:e8:85:f9:b1:e7:ee:28:e8:db:
f1:e9:82:bd:80:54:dc:44:a0:d6:85:7d:83:e2:16:63:b7:73:
67:7b:9f:c0:1e:b2:2d:0c:91:f1:28:10:ff:4e:3f:8d:f5:c2:
51:df:d7:3c:78:3b:92:eb:7c:6a:a2:37:a2:fc:f1:db:2e:a2:
4a:4b:fe:d3:e6:af:42:2e:ab:79:16:2c:fd:41:4a:40:c7:b3:
66:06:4c:09
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIy
MzA5MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFBREE3Mjk2NTc3NzE0
ODhGOThEQkUxQzk2MEYxQzkzNURBNTY4QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKL3/KhfLgXNoLLCHQE0SSNo/Z5tmlrH3eGBWyvvn0EyA3rkAz
KhjnvkIPXrxYlSHRHjA6ESB/tCgjyhmJtAbNl+PvBEuskhXeFj4pClKk+DWo6aYy
Qj2HIYJDLnEp0DPXcLraCTLhhOemxPQSYvAVn9MIIam10QRFJ7QW7hVULf3UHtEg
5W6/g78clUoYQCZ2PU3gVFOZ3cMcxmKWRTDMzYwj7pFl1bCrnMqXI1x8qNPZrKrY
SC1Irv3DglDmKLY/MB+/Vw3Y/wsBMeruFTj5PxElPsSvxH8X5jBn45pKPKqtoIvE
+QJvkYqJSxklAerKrQUMv81UNVHPRuCTyyivAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGtpylld3FIj5jb4clg8ck12laMIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HdHB5bGxkM0ZJajVqYjRj
bGc4Y2sxMmxhTUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHaK/rFelxy5f9NXfVzqPixaczZDtTpok+r0
7RHJ0PMq/FcsyiLFUHxhiZWuEMkTqwSopi9AnfQhC3m4vvTdAYM/q3vpefJSTRSH
HG/LBO1EVuLN7BJhEAu6h3t81kw/d9YzNg29Z9mkvBKhVgrri/Hl44qjaeVBfiuj
siiNGyN5Zcjsu86b2SALRrz9bqyh7dhRuPcArsa293YqSy+I8Ayd6+DUQIojcgdQ
QuiF+bHn7ijo2/Hpgr2AVNxEoNaFfYPiFmO3c2d7n8Aesi0MkfEoEP9OP431wlHf
1zx4O5LrfGqiN6L88dsuokpL/tPmr0Iuq3kWLP1BSkDHs2YGTAk=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:34:20 2025 by rpki-client