Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/M3_xRF1m3iq07VD6ptQZK6TClR8.roa
File: M3_xRF1m3iq07VD6ptQZK6TClR8.roa (raw, json)
Hash identifier: w5N6LRU5a66tw/7wZj9a1gYfEiCGJy0/ujRQ38awFd8=
Subject key identifier: 33:7F:F1:44:5D:66:DE:2A:B4:ED:50:FA:A6:D4:19:2B:A4:C2:95:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DBE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M3_xRF1m3iq07VD6ptQZK6TClR8.roa
Signing time: Sun 25 May 2025 09:39:17 +0000
ROA not before: Sun 25 May 2025 09:39:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3518 (0xdbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 09:39:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=337FF1445D66DE2AB4ED50FAA6D4192BA4C2951F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:49:2d:25:f6:2a:31:c8:78:1a:c7:0c:d7:
08:2c:3d:25:bd:9c:6a:7f:e1:5c:d9:95:7f:d0:2d:
bb:3a:78:b4:cb:60:54:96:2e:0c:cf:4b:de:fa:d6:
5a:85:b6:60:8f:6a:55:f1:7f:5a:a9:49:53:79:a5:
40:41:54:bc:9e:3c:82:af:58:72:52:c9:0c:69:72:
3c:93:c7:3e:7c:cd:6f:93:59:1a:aa:e4:b7:d9:42:
ae:75:d0:56:04:50:e7:1e:33:b9:11:da:1a:db:58:
17:5f:99:d3:9a:99:d2:24:43:30:e3:c0:69:fe:fe:
5e:5f:61:98:bf:86:2f:d5:09:b7:eb:7b:19:8e:96:
d7:50:25:73:ce:2f:45:68:ea:e3:1d:95:c3:c7:6f:
ed:49:dc:3f:02:13:46:9c:12:41:86:a7:56:be:90:
d0:8e:29:4c:38:ae:98:2c:21:e1:ec:6b:2c:3a:92:
b4:4f:6d:28:d5:22:5a:58:85:16:73:03:17:15:fe:
78:8f:9c:94:bf:f3:db:4d:55:31:44:07:ae:01:c4:
6e:c1:95:a4:c3:bf:f9:04:e7:f6:89:fa:72:14:51:
ce:28:d6:d7:d3:90:af:00:93:94:77:3f:67:5f:fb:
53:5b:84:f1:93:cb:9e:61:08:e9:cb:cc:1d:8b:9b:
ef:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:7F:F1:44:5D:66:DE:2A:B4:ED:50:FA:A6:D4:19:2B:A4:C2:95:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M3_xRF1m3iq07VD6ptQZK6TClR8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:96:a7:67:9a:d1:d0:d2:21:90:e0:70:29:2c:e2:8b:4f:38:
e0:95:b8:22:68:e0:b8:9c:30:19:3b:40:8a:fc:9c:92:ed:9a:
d0:25:f5:0b:7b:16:93:da:60:42:31:95:9e:8d:ad:1f:be:21:
b7:f9:14:89:5c:15:d9:1e:f9:05:b8:e3:42:d9:28:23:b0:5d:
89:e5:32:18:eb:5d:12:5e:62:37:1e:70:66:69:eb:2c:c1:57:
d3:b8:f4:7b:72:34:23:bd:8d:2e:0f:40:f9:f7:0c:3b:9d:4a:
3a:dd:0d:0c:db:45:a1:93:c0:92:28:b9:14:ee:5d:02:b0:2c:
fc:54:01:62:0f:d4:1c:2f:18:18:aa:99:f2:9f:ce:8d:77:b8:
26:2a:1c:d7:1f:57:f0:46:07:d8:c0:69:d6:15:c3:39:97:b8:
23:00:d1:e0:73:19:4d:4c:e5:fe:7c:73:40:b1:d4:fd:38:e2:
fa:7a:83:4d:ed:24:fa:1b:52:13:c3:bb:b0:4d:5d:15:41:f8:
da:31:6a:ae:80:10:bd:4d:ab:67:74:9c:38:5e:7d:d6:a3:ca:
5e:45:f1:25:a5:e5:1f:d6:47:b4:d4:30:f5:3f:fc:e9:18:7b:
82:cd:82:93:1e:4a:3a:42:09:98:0e:50:06:1c:22:37:84:b6:
24:b0:f2:fe
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
OTM5MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzN0ZGMTQ0NUQ2NkRF
MkFCNEVENTBGQUE2RDQxOTJCQTRDMjk1MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4TEktJfYqMch4GscM1wgsPSW9nGp/4VzZlX/QLbs6eLTLYFSW
LgzPS9761lqFtmCPalXxf1qpSVN5pUBBVLyePIKvWHJSyQxpcjyTxz58zW+TWRqq
5LfZQq510FYEUOceM7kR2hrbWBdfmdOamdIkQzDjwGn+/l5fYZi/hi/VCbfrexmO
ltdQJXPOL0Vo6uMdlcPHb+1J3D8CE0acEkGGp1a+kNCOKUw4rpgsIeHsayw6krRP
bSjVIlpYhRZzAxcV/niPnJS/89tNVTFEB64BxG7BlaTDv/kE5/aJ+nIUUc4o1tfT
kK8Ak5R3P2df+1NbhPGTy55hCOnLzB2Lm+/DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM3/xRF1m3iq07VD6ptQZK6TClR8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NM194UkYxbTNpcTA3VkQ2
cHRRWks2VENsUjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFmWp2ea0dDSIZDgcCks4otPOOCVuCJo4Lic
MBk7QIr8nJLtmtAl9Qt7FpPaYEIxlZ6NrR++Ibf5FIlcFdke+QW440LZKCOwXYnl
MhjrXRJeYjcecGZp6yzBV9O49HtyNCO9jS4PQPn3DDudSjrdDQzbRaGTwJIouRTu
XQKwLPxUAWIP1BwvGBiqmfKfzo13uCYqHNcfV/BGB9jAadYVwzmXuCMA0eBzGU1M
5f58c0Cx1P044vp6g03tJPobUhPDu7BNXRVB+Noxaq6AEL1Nq2d0nDhefdajyl5F
8SWl5R/WR7TUMPU//OkYe4LNgpMeSjpCCZgOUAYcIjeEtiSw8v4=
-----END CERTIFICATE-----
Generated at Sat Jun 21 03:54:14 2025 by rpki-client