Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PeDBTzxPaH8p747SpjQLybjs5vg.roa
File: PeDBTzxPaH8p747SpjQLybjs5vg.roa (raw, json)
Hash identifier: hwhzOuaj5bgzamVuDFnudfYbrLfWBgPCf2l7XvlIItk=
Subject key identifier: 3D:E0:C1:4F:3C:4F:68:7F:29:EF:8E:D2:A6:34:0B:C9:B8:EC:E6:F8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D1E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PeDBTzxPaH8p747SpjQLybjs5vg.roa
Signing time: Sat 24 May 2025 13:38:32 +0000
ROA not before: Sat 24 May 2025 13:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3358 (0xd1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 13:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3DE0C14F3C4F687F29EF8ED2A6340BC9B8ECE6F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d7:d9:09:9a:6f:89:85:d8:3c:13:d4:93:88:
b5:e0:0b:55:57:f3:09:ba:da:e3:f8:61:34:20:2c:
52:70:ee:06:7e:e2:f5:0d:96:ea:2b:49:31:1a:0e:
29:3d:30:4c:d6:66:ba:72:cf:06:d5:6f:61:1b:e9:
ad:4b:55:c8:08:60:16:cb:2b:21:c7:03:f8:ea:e4:
8d:5d:3a:b0:5a:8a:c0:d8:18:85:f8:30:d5:b4:3d:
90:84:19:ac:ec:f5:e7:bb:2b:34:b4:ac:50:83:d8:
91:b2:4d:a5:02:31:51:78:55:0c:7d:2d:c3:96:87:
81:66:b8:0e:c1:f9:87:d4:fe:86:81:00:70:f1:7a:
3e:cc:22:6a:5b:4f:16:9d:95:bb:82:b2:f2:f1:e4:
e1:ad:34:ea:37:2f:c0:a8:b5:34:7f:75:b9:03:62:
9a:ce:2f:65:29:33:73:24:ee:f5:5a:6b:22:2a:26:
8e:21:a4:ce:08:00:d8:72:21:f1:8f:5b:b0:66:b0:
51:85:5d:79:20:30:d9:64:f0:c0:78:f2:ca:db:32:
8f:73:8f:60:99:13:35:e8:01:55:bb:4a:df:19:4a:
80:84:00:cc:cc:1a:ff:9f:97:95:54:76:41:ef:54:
48:e8:a4:c8:f4:3e:11:90:e2:36:04:eb:49:3a:36:
f0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E0:C1:4F:3C:4F:68:7F:29:EF:8E:D2:A6:34:0B:C9:B8:EC:E6:F8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PeDBTzxPaH8p747SpjQLybjs5vg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:43:71:1b:52:4c:db:7f:d7:78:80:e4:f4:2a:cd:25:66:cf:
fa:b5:33:5f:c1:4d:73:c4:34:a1:5e:2e:60:cb:3f:eb:e2:b4:
ca:ef:f8:75:a8:a7:5e:ee:6c:b7:af:a5:ed:88:48:c0:78:01:
f2:ba:8e:85:51:01:eb:d1:60:e3:af:26:ac:99:85:b4:43:2d:
88:52:fd:7c:56:a4:60:2e:42:c9:32:78:c0:70:62:f5:3f:4f:
68:e0:b4:3c:77:63:de:af:17:30:77:58:37:06:f5:0f:d4:5d:
60:46:86:b7:de:a4:a0:79:70:62:5b:0d:5a:43:fe:18:8d:e9:
0f:c6:4c:29:8f:8c:9b:f3:7a:e2:ed:92:11:9b:13:53:5f:3a:
52:d0:28:a7:6e:01:03:83:67:6c:ec:60:80:4c:43:7d:c5:52:
23:da:20:78:11:00:74:1f:99:4a:83:f7:fb:4f:a0:8e:97:a4:
b5:d8:a4:5e:61:7b:5e:d2:65:a3:df:45:d2:38:40:6b:95:69:
30:bb:1d:5d:1b:d2:b9:b8:3a:a9:ff:3c:37:a7:ef:23:31:84:
34:54:41:f6:85:a7:4c:b2:bd:50:c7:2a:75:93:b5:e1:e7:49:
bb:23:87:47:30:8e:db:c7:1f:ec:a7:02:9c:41:fc:91:8c:59:
62:95:7d:40
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MzM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNERTBDMTRGM0M0RjY4
N0YyOUVGOEVEMkE2MzQwQkM5QjhFQ0U2RjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA19kJmm+Jhdg8E9STiLXgC1VX8wm62uP4YTQgLFJw7gZ+4vUN
luorSTEaDik9MEzWZrpyzwbVb2Eb6a1LVcgIYBbLKyHHA/jq5I1dOrBaisDYGIX4
MNW0PZCEGazs9ee7KzS0rFCD2JGyTaUCMVF4VQx9LcOWh4FmuA7B+YfU/oaBAHDx
ej7MImpbTxadlbuCsvLx5OGtNOo3L8CotTR/dbkDYprOL2UpM3Mk7vVaayIqJo4h
pM4IANhyIfGPW7BmsFGFXXkgMNlk8MB48srbMo9zj2CZEzXoAVW7St8ZSoCEAMzM
Gv+fl5VUdkHvVEjopMj0PhGQ4jYE60k6NvBtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPeDBTzxPaH8p747SpjQLybjs5vgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QZURCVHp4UGFIOHA3NDdT
cGpRTHlianM1dmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHVDcRtSTNt/13iA5PQqzSVmz/q1M1/BTXPE
NKFeLmDLP+vitMrv+HWop17ubLevpe2ISMB4AfK6joVRAevRYOOvJqyZhbRDLYhS
/XxWpGAuQskyeMBwYvU/T2jgtDx3Y96vFzB3WDcG9Q/UXWBGhrfepKB5cGJbDVpD
/hiN6Q/GTCmPjJvzeuLtkhGbE1NfOlLQKKduAQODZ2zsYIBMQ33FUiPaIHgRAHQf
mUqD9/tPoI6XpLXYpF5he17SZaPfRdI4QGuVaTC7HV0b0rm4Oqn/PDen7yMxhDRU
QfaFp0yyvVDHKnWTteHnSbsjh0cwjtvHH+ynApxB/JGMWWKVfUA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:28:17 2025 by rpki-client