Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RvygLq2Z9fJNARWz3EIqAHNZSKI.roa
File: RvygLq2Z9fJNARWz3EIqAHNZSKI.roa (raw, json)
Hash identifier: 4H/cpSDXHuutlx4dr4v3AnjPWGJDkpq2M8tZdjzka3E=
Subject key identifier: 46:FC:A0:2E:AD:99:F5:F2:4D:01:15:B3:DC:42:2A:00:73:59:48:A2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0746
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RvygLq2Z9fJNARWz3EIqAHNZSKI.roa
Signing time: Fri 16 May 2025 18:38:04 +0000
ROA not before: Fri 16 May 2025 18:38:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1862 (0x746)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 18:38:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=46FCA02EAD99F5F24D0115B3DC422A00735948A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3f:70:77:8f:20:ed:3f:04:c5:fb:bb:1d:3f:
62:9e:86:8b:74:f8:cc:4c:2b:cd:14:79:a8:e6:69:
53:b6:18:ac:b3:11:ce:fa:71:c1:03:6b:e0:8b:fe:
78:0f:74:0b:49:d1:ac:28:5c:0a:7c:23:2d:10:35:
04:24:b5:1e:5d:0f:76:dd:24:a8:53:30:e4:82:ee:
26:bf:03:54:a2:61:44:14:21:ad:e8:88:f7:67:da:
7b:d2:7d:1d:b3:d5:41:b6:f4:86:4d:09:85:12:8b:
c5:92:31:0e:8b:6f:6f:47:6a:7d:b0:1f:e3:99:c9:
7d:0f:61:c3:58:81:fd:9e:b1:b5:98:ee:94:0c:0a:
14:65:95:69:37:d0:c8:14:5b:10:cd:88:a2:8a:e6:
4e:6f:f8:47:0c:ba:12:58:8d:7b:79:a9:7b:38:f6:
0e:46:c9:bf:25:f4:22:c3:70:57:a6:c7:88:44:88:
cf:32:1c:05:7f:12:37:37:6b:68:2f:de:f5:fa:f2:
c0:72:32:30:7e:cc:d7:c0:59:fe:fd:6e:f9:94:18:
9a:6d:42:f6:9c:61:f4:db:0a:cd:a4:39:62:38:1c:
b9:02:62:2e:f6:57:30:4c:d4:93:ca:fd:9e:e5:6a:
03:3c:d4:91:c8:fb:91:94:52:fb:26:bb:03:37:6d:
30:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:FC:A0:2E:AD:99:F5:F2:4D:01:15:B3:DC:42:2A:00:73:59:48:A2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RvygLq2Z9fJNARWz3EIqAHNZSKI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:2a:56:63:ac:f1:ae:8e:58:6c:ad:60:34:5a:0b:9f:17:90:
34:39:35:39:f8:b3:43:a1:c3:ad:2d:70:d6:de:91:41:3d:06:
12:bb:31:18:84:8f:39:78:d0:1e:62:c7:98:12:d0:c8:9d:46:
91:73:e5:e8:d7:eb:b7:dc:7c:69:d0:ea:b2:04:f1:b4:20:58:
c0:cc:ff:a4:2a:97:a7:7b:b8:b1:c5:c0:73:52:a2:79:5e:18:
fc:74:00:c6:10:7c:38:77:92:bd:3c:99:f5:f9:26:92:54:e4:
40:e1:38:30:65:53:52:85:14:b6:c3:dc:9f:e8:5a:9d:d7:6a:
46:7f:8f:f3:fe:be:45:d5:36:bb:20:3b:bc:72:5c:12:6b:14:
9e:0e:65:04:d2:ee:64:29:10:45:e7:16:bf:9a:80:8f:69:52:
42:3c:d3:7d:ef:7f:f2:73:7d:a6:be:8c:e8:1a:31:77:d9:45:
cf:75:68:6b:cc:b1:f6:4a:91:3f:38:27:62:d5:8b:7e:aa:5e:
9d:19:da:56:40:88:3d:db:7c:1f:20:41:5e:4f:e9:27:30:08:
e6:28:3e:8e:36:33:7d:87:92:52:7b:ba:95:d6:91:1b:be:8b:
4a:fe:d8:a1:d4:95:ac:37:89:85:58:40:2d:33:45:36:60:82:
b6:ff:23:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
ODM4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ2RkNBMDJFQUQ5OUY1
RjI0RDAxMTVCM0RDNDIyQTAwNzM1OTQ4QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBP3B3jyDtPwTF+7sdP2Kehot0+MxMK80UeajmaVO2GKyzEc76
ccEDa+CL/ngPdAtJ0awoXAp8Iy0QNQQktR5dD3bdJKhTMOSC7ia/A1SiYUQUIa3o
iPdn2nvSfR2z1UG29IZNCYUSi8WSMQ6Lb29Han2wH+OZyX0PYcNYgf2esbWY7pQM
ChRllWk30MgUWxDNiKKK5k5v+EcMuhJYjXt5qXs49g5Gyb8l9CLDcFemx4hEiM8y
HAV/Ejc3a2gv3vX68sByMjB+zNfAWf79bvmUGJptQvacYfTbCs2kOWI4HLkCYi72
VzBM1JPK/Z7lagM81JHI+5GUUvsmuwM3bTD5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURvygLq2Z9fJNARWz3EIqAHNZSKIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SdnlnTHEyWjlmSk5BUld6
M0VJcUFITlpTS0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABQqVmOs8a6OWGytYDRaC58XkDQ5NTn4s0Oh
w60tcNbekUE9BhK7MRiEjzl40B5ix5gS0MidRpFz5ejX67fcfGnQ6rIE8bQgWMDM
/6Qql6d7uLHFwHNSonleGPx0AMYQfDh3kr08mfX5JpJU5EDhODBlU1KFFLbD3J/o
Wp3XakZ/j/P+vkXVNrsgO7xyXBJrFJ4OZQTS7mQpEEXnFr+agI9pUkI8033vf/Jz
faa+jOgaMXfZRc91aGvMsfZKkT84J2LVi36qXp0Z2lZAiD3bfB8gQV5P6ScwCOYo
Po42M32HklJ7upXWkRu+i0r+2KHUlaw3iYVYQC0zRTZggrb/I6E=
-----END CERTIFICATE-----
Generated at Sun Jun 22 13:32:58 2025 by rpki-client