Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NFZDm5Eivkki8Yq4M_UmOKLhnKg.roa
File: NFZDm5Eivkki8Yq4M_UmOKLhnKg.roa (raw, json)
Hash identifier: CW/8tHT2UyQTLAzlHyrRP8oP90rpN2atGLIABRsSDcg=
Subject key identifier: 34:56:43:9B:91:22:BE:49:22:F1:8A:B8:33:F5:26:38:A2:E1:9C:A8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BCA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NFZDm5Eivkki8Yq4M_UmOKLhnKg.roa
Signing time: Thu 22 May 2025 19:08:25 +0000
ROA not before: Thu 22 May 2025 19:08:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3018 (0xbca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 19:08:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3456439B9122BE4922F18AB833F52638A2E19CA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:8b:2a:de:25:fd:3f:9c:0e:9a:b0:cf:07:
af:14:e8:3e:99:f6:93:6e:ca:00:c4:fc:31:e1:90:
8a:af:0b:7b:8e:6b:ea:e8:af:7a:90:df:47:ef:ef:
e2:5b:ab:f6:15:cf:c7:3c:14:4a:08:ef:4a:5e:79:
23:a4:69:79:28:fb:af:5a:f8:f3:cd:91:19:71:4a:
d8:4f:b2:b9:78:b9:6d:59:c9:41:65:72:03:e5:1f:
18:e1:02:13:77:45:99:67:83:a3:86:df:04:b8:98:
75:c1:ad:d2:6b:7f:5d:54:38:c4:8d:9f:67:f2:f0:
7f:40:00:e1:38:c6:0e:fa:b9:df:73:45:16:12:27:
05:7f:c7:13:13:ea:21:80:c5:4a:ad:63:fb:e6:ed:
d7:27:b7:89:ad:e2:35:85:98:0d:41:44:5c:7b:47:
ad:29:d8:a1:11:37:24:0e:b0:95:dd:1e:18:96:33:
17:e9:c8:e4:5e:b7:d0:1f:b1:9d:9e:39:c6:17:77:
a0:d3:37:55:ff:42:b4:fa:77:3e:63:c7:79:fb:b3:
ea:c9:54:06:27:99:7a:78:a8:95:e1:d0:95:d8:73:
3c:1f:56:f7:74:6d:d2:59:1f:bf:e4:d3:3e:7a:21:
ce:6e:47:d8:68:4c:73:bd:85:0b:21:5d:11:0c:92:
1d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:56:43:9B:91:22:BE:49:22:F1:8A:B8:33:F5:26:38:A2:E1:9C:A8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NFZDm5Eivkki8Yq4M_UmOKLhnKg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:e4:77:2d:a1:00:e4:b8:57:7b:96:b2:a5:e3:db:e3:fe:ae:
75:c6:0a:47:4e:3f:13:88:a7:ec:e6:e5:07:6c:66:5d:d1:8f:
03:a5:98:87:c1:61:c1:71:27:c1:b3:c9:3b:55:81:b5:a0:cd:
b9:bc:12:ae:fe:cf:3d:45:72:6a:f5:3e:b5:63:14:e5:0e:fd:
18:1e:aa:8e:b9:d9:90:12:e2:7d:e3:aa:90:5a:82:72:bd:d5:
63:6a:3f:93:43:54:9d:dd:1a:5d:c6:67:6f:02:1a:12:90:e9:
c2:b0:7f:43:cd:2c:41:c5:2b:dd:3c:cc:13:ff:93:8e:10:30:
29:e1:af:f0:ee:03:52:12:c1:5f:71:73:8a:a1:4c:5c:96:37:
ca:4c:31:0b:87:02:8b:4a:01:4a:04:f4:d1:25:86:4e:45:32:
6b:22:e8:45:34:52:74:a6:12:d6:d2:3f:3d:41:17:ba:b4:20:
08:53:c0:f9:50:83:01:6d:97:66:35:c9:c1:b7:7d:8a:71:bd:
ce:da:0d:f4:61:d7:ca:79:e7:c1:04:34:e4:91:7d:b7:be:9f:
6d:69:c9:40:9f:1f:7c:0b:33:b4:92:d2:62:13:5d:eb:94:c4:
17:6e:af:5e:0a:d1:85:7d:8f:e9:78:55:ef:1d:14:b5:ff:df:
62:19:a7:76
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
OTA4MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM0NTY0MzlCOTEyMkJF
NDkyMkYxOEFCODMzRjUyNjM4QTJFMTlDQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfyYsq3iX9P5wOmrDPB68U6D6Z9pNuygDE/DHhkIqvC3uOa+ro
r3qQ30fv7+Jbq/YVz8c8FEoI70peeSOkaXko+69a+PPNkRlxSthPsrl4uW1ZyUFl
cgPlHxjhAhN3RZlng6OG3wS4mHXBrdJrf11UOMSNn2fy8H9AAOE4xg76ud9zRRYS
JwV/xxMT6iGAxUqtY/vm7dcnt4mt4jWFmA1BRFx7R60p2KERNyQOsJXdHhiWMxfp
yORet9AfsZ2eOcYXd6DTN1X/QrT6dz5jx3n7s+rJVAYnmXp4qJXh0JXYczwfVvd0
bdJZH7/k0z56Ic5uR9hoTHO9hQshXREMkh3DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNFZDm5Eivkki8Yq4M/UmOKLhnKgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ORlpEbTVFaXZra2k4WXE0
TV9VbU9LTGhuS2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFrkdy2hAOS4V3uWsqXj2+P+rnXGCkdOPxOI
p+zm5QdsZl3RjwOlmIfBYcFxJ8GzyTtVgbWgzbm8Eq7+zz1Fcmr1PrVjFOUO/Rge
qo652ZAS4n3jqpBagnK91WNqP5NDVJ3dGl3GZ28CGhKQ6cKwf0PNLEHFK908zBP/
k44QMCnhr/DuA1ISwV9xc4qhTFyWN8pMMQuHAotKAUoE9NElhk5FMmsi6EU0UnSm
EtbSPz1BF7q0IAhTwPlQgwFtl2Y1ycG3fYpxvc7aDfRh18p558EENOSRfbe+n21p
yUCfH3wLM7SS0mITXeuUxBdur14K0YV9j+l4Ve8dFLX/32IZp3Y=
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:47:49 2025 by rpki-client