Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PhBlZKkt7fiYOHNt9qVq1zm_nMc.roa
File: PhBlZKkt7fiYOHNt9qVq1zm_nMc.roa (raw, json)
Hash identifier: 87nA+3wyPsAq+LDiWlOFAyjrfqj0yzQY7zBr+FMHhoI=
Subject key identifier: 3E:10:65:64:A9:2D:ED:F8:98:38:73:6D:F6:A5:6A:D7:39:BF:9C:C7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A8A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PhBlZKkt7fiYOHNt9qVq1zm_nMc.roa
Signing time: Wed 21 May 2025 03:08:23 +0000
ROA not before: Wed 21 May 2025 03:08:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2698 (0xa8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 03:08:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3E106564A92DEDF89838736DF6A56AD739BF9CC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:31:05:6c:a9:99:cd:49:ab:f2:6f:e0:ac:
95:ac:cc:da:32:3a:84:56:27:40:96:d6:0c:3d:08:
50:e8:08:66:3c:b7:a7:c3:1d:ba:ba:8c:ed:7b:bc:
52:23:b0:7d:43:6d:37:c5:be:9f:e7:00:4e:d8:32:
62:b8:b5:1d:bb:b0:7c:50:86:99:47:34:6f:fa:fe:
42:1e:1d:09:cc:61:56:59:e6:95:43:01:84:95:fe:
6b:0f:79:c8:ca:6e:7e:14:62:ce:42:88:63:d4:a3:
fc:37:62:be:b9:50:ee:7c:a9:26:f9:84:95:1b:84:
66:66:ba:6d:a1:9f:8c:0d:52:c4:3e:57:30:9d:78:
e7:44:af:fa:a8:9f:4a:a4:0d:96:d6:a1:4e:51:a6:
29:ae:0c:30:e5:c2:5c:96:f0:db:2f:65:b1:1d:65:
b0:f0:7b:3c:0a:68:60:af:c9:a2:56:0e:83:f4:2b:
4f:de:4e:18:fd:5a:b8:ed:aa:2a:8b:d1:d4:23:ea:
3b:17:3b:29:c4:24:f5:58:a3:eb:ea:19:a2:f4:4f:
b2:25:1a:99:75:04:42:e1:b0:95:71:b0:46:66:c1:
8f:32:b2:c8:fb:7a:01:38:b3:0d:26:2d:e3:b0:59:
2e:79:f2:97:6b:ec:6e:dd:e3:a8:13:aa:05:82:ca:
c1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:10:65:64:A9:2D:ED:F8:98:38:73:6D:F6:A5:6A:D7:39:BF:9C:C7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PhBlZKkt7fiYOHNt9qVq1zm_nMc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:05:b9:56:38:75:9a:4c:d4:ac:4b:46:67:99:1f:2b:df:10:
0e:d9:e8:bc:30:8a:40:36:a7:d6:0a:4f:7d:f2:af:0d:60:f6:
b6:4a:f9:0b:b0:93:a3:f6:b2:2c:26:70:d4:69:2e:3c:42:43:
a9:9c:19:ed:47:72:0d:cc:19:67:ee:ca:67:01:58:0e:4e:d5:
ec:cf:d2:4f:67:b7:ba:d2:35:fc:92:e9:2a:e1:1f:db:00:b3:
dd:3d:3a:3f:56:7e:77:49:f6:e1:19:ed:97:62:ce:fa:77:6d:
aa:e2:21:32:5f:1b:17:46:c7:76:ed:bf:4c:72:5f:2f:36:b8:
94:a4:57:82:28:c2:80:75:09:78:13:6d:58:f6:14:29:4a:b6:
1c:5d:20:42:02:1c:25:0c:92:3a:b1:43:c3:7d:f4:05:09:2e:
e9:eb:2d:ac:1a:d8:08:49:05:b9:38:4e:b9:7f:d2:3c:84:b6:
6b:05:58:a9:18:30:fb:61:f2:d1:fc:c3:ac:4b:45:2e:c5:45:
e1:b1:ed:f3:67:27:ac:bc:f9:b8:69:a5:43:1b:50:ec:1c:53:
22:a6:b1:bb:7d:c7:dd:81:60:bb:bc:e5:7f:7b:6c:9b:dd:5b:
6f:c5:07:8c:c9:60:8c:f9:0b:d5:d5:6e:0e:54:a4:42:ba:6b:
55:41:89:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
MzA4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNFMTA2NTY0QTkyREVE
Rjg5ODM4NzM2REY2QTU2QUQ3MzlCRjlDQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdvDEFbKmZzUmr8m/grJWszNoyOoRWJ0CW1gw9CFDoCGY8t6fD
Hbq6jO17vFIjsH1DbTfFvp/nAE7YMmK4tR27sHxQhplHNG/6/kIeHQnMYVZZ5pVD
AYSV/msPecjKbn4UYs5CiGPUo/w3Yr65UO58qSb5hJUbhGZmum2hn4wNUsQ+VzCd
eOdEr/qon0qkDZbWoU5RpimuDDDlwlyW8NsvZbEdZbDwezwKaGCvyaJWDoP0K0/e
Thj9WrjtqiqL0dQj6jsXOynEJPVYo+vqGaL0T7IlGpl1BELhsJVxsEZmwY8yssj7
egE4sw0mLeOwWS558pdr7G7d46gTqgWCysGhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPhBlZKkt7fiYOHNt9qVq1zm/nMcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QaEJsWktrdDdmaVlPSE50
OXFWcTF6bV9uTWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIAFuVY4dZpM1KxLRmeZHyvfEA7Z6LwwikA2
p9YKT33yrw1g9rZK+Quwk6P2siwmcNRpLjxCQ6mcGe1Hcg3MGWfuymcBWA5O1ezP
0k9nt7rSNfyS6SrhH9sAs909Oj9WfndJ9uEZ7Zdizvp3bariITJfGxdGx3btv0xy
Xy82uJSkV4IowoB1CXgTbVj2FClKthxdIEICHCUMkjqxQ8N99AUJLunrLawa2AhJ
Bbk4Trl/0jyEtmsFWKkYMPth8tH8w6xLRS7FReGx7fNnJ6y8+bhppUMbUOwcUyKm
sbt9x92BYLu85X97bJvdW2/FB4zJYIz5C9XVbg5UpEK6a1VBiWA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 18:11:30 2025 by rpki-client