Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KtvwAWgt9aLU2nF10nQzrzkSWsE.roa
File: KtvwAWgt9aLU2nF10nQzrzkSWsE.roa (raw, json)
Hash identifier: tipMw2ax5cPTQYNcgGp8zNdoHEYko3OiIo83AiI49X0=
Subject key identifier: 2A:DB:F0:01:68:2D:F5:A2:D4:DA:71:75:D2:74:33:AF:39:12:5A:C1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D16
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KtvwAWgt9aLU2nF10nQzrzkSWsE.roa
Signing time: Sat 24 May 2025 12:38:33 +0000
ROA not before: Sat 24 May 2025 12:38:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 12:38:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2ADBF001682DF5A2D4DA7175D27433AF39125AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:3c:24:d4:18:81:8f:d0:48:cc:78:27:28:
5c:11:80:30:4b:9f:98:47:0e:1e:05:82:68:c1:60:
8d:8d:66:aa:63:aa:e6:cf:a4:d5:b7:cf:8b:01:a6:
31:40:0d:24:5d:cb:ea:2d:0e:c0:93:c8:db:73:5b:
44:48:ca:ba:1a:d6:a7:aa:ff:e6:ca:91:76:ea:19:
7c:e8:d7:b9:1b:71:04:31:43:b9:9e:85:ea:f7:fe:
18:4b:92:7b:1a:e1:a0:e0:07:cf:e6:66:88:5f:fc:
93:c0:ea:8d:e7:de:fe:49:34:21:5e:ab:e4:3e:09:
e4:9d:e6:0a:5c:ce:40:4e:5e:c5:c1:a3:07:fb:a9:
74:e8:37:88:5d:c7:65:20:df:6a:f3:8f:90:b2:25:
c6:3c:1b:8f:6a:d3:38:99:17:de:95:2e:c5:4e:c5:
9d:27:32:08:cf:45:95:e8:9a:c3:9b:57:a4:9c:4e:
e4:70:30:9a:78:32:4c:99:f0:7d:e3:e7:b6:47:c7:
bf:3b:2d:57:7a:db:0e:41:0c:33:d5:b7:d2:34:36:
31:ed:f1:e8:07:de:33:ca:6d:c6:aa:8e:df:84:1f:
87:6f:18:e4:b5:6f:8d:6a:a5:c3:dc:b8:95:2a:28:
96:72:54:93:7e:be:6d:b5:5f:a4:e2:b8:69:e9:fd:
ab:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DB:F0:01:68:2D:F5:A2:D4:DA:71:75:D2:74:33:AF:39:12:5A:C1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KtvwAWgt9aLU2nF10nQzrzkSWsE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:9b:de:23:cd:8a:92:d4:21:2d:0b:e4:05:95:18:b7:95:8d:
61:ca:59:44:27:c5:8c:4f:a6:63:24:bf:2c:ea:d5:6b:3d:e7:
1f:4e:7e:27:47:7e:44:68:39:c8:32:68:ae:76:f1:3b:b6:76:
ae:16:9a:38:d9:23:41:5f:35:95:77:3f:6e:40:c9:54:75:17:
98:a8:92:01:19:90:fa:16:f1:3d:a5:0a:f0:a8:a6:9c:c4:fe:
39:b9:26:1a:53:38:af:23:ad:de:94:b2:b4:07:fa:f7:91:cc:
59:57:61:fd:ee:be:88:4d:6b:2f:3b:05:a6:b6:27:ab:a4:6d:
d3:58:6f:e6:a7:48:e2:77:99:54:65:8d:3c:c8:f4:ee:13:a7:
4c:28:49:f0:be:61:a9:5e:dd:52:4d:07:81:7e:27:e7:d2:49:
fd:74:b3:6b:52:f9:ea:54:ee:cc:c5:ee:41:71:5b:45:4a:6b:
59:35:5b:24:7f:9c:cf:11:9f:53:08:60:96:4b:0f:4a:b8:d7:
67:3f:a1:6d:7f:d2:e2:76:e7:2e:33:9b:5e:f6:f7:1a:1b:ac:
32:2f:31:7a:45:cc:22:dc:45:76:f3:01:29:bd:75:32:5b:13:
1e:d1:4f:a9:9d:dc:8a:4b:d9:16:d4:94:b3:4a:46:eb:0e:5d:
78:63:f9:d8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MjM4MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJBREJGMDAxNjgyREY1
QTJENERBNzE3NUQyNzQzM0FGMzkxMjVBQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzozwk1BiBj9BIzHgnKFwRgDBLn5hHDh4FgmjBYI2NZqpjqubP
pNW3z4sBpjFADSRdy+otDsCTyNtzW0RIyroa1qeq/+bKkXbqGXzo17kbcQQxQ7me
her3/hhLknsa4aDgB8/mZohf/JPA6o3n3v5JNCFeq+Q+CeSd5gpczkBOXsXBowf7
qXToN4hdx2Ug32rzj5CyJcY8G49q0ziZF96VLsVOxZ0nMgjPRZXomsObV6ScTuRw
MJp4MkyZ8H3j57ZHx787LVd62w5BDDPVt9I0NjHt8egH3jPKbcaqjt+EH4dvGOS1
b41qpcPcuJUqKJZyVJN+vm21X6TiuGnp/auVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKtvwAWgt9aLU2nF10nQzrzkSWsEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LdHZ3QVdndDlhTFUybkYx
MG5RenJ6a1NXc0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFmb3iPNipLUIS0L5AWVGLeVjWHKWUQnxYxP
pmMkvyzq1Ws95x9OfidHfkRoOcgyaK528Tu2dq4WmjjZI0FfNZV3P25AyVR1F5io
kgEZkPoW8T2lCvCoppzE/jm5JhpTOK8jrd6UsrQH+veRzFlXYf3uvohNay87Baa2
J6ukbdNYb+anSOJ3mVRljTzI9O4Tp0woSfC+Yale3VJNB4F+J+fSSf10s2tS+epU
7szF7kFxW0VKa1k1WyR/nM8Rn1MIYJZLD0q412c/oW1/0uJ25y4zm1729xobrDIv
MXpFzCLcRXbzASm9dTJbEx7RT6md3IpL2RbUlLNKRusOXXhj+dg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 17:48:33 2025 by rpki-client