Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VGTz1HIchPGU1z4w5F7BCFg2EHw.roa
File: VGTz1HIchPGU1z4w5F7BCFg2EHw.roa (raw, json)
Hash identifier: fvYAyfulls+MHSJO9b3tKnc3t64P8lVZY5+8QsA82KQ=
Subject key identifier: 54:64:F3:D4:72:1C:84:F1:94:D7:3E:30:E4:5E:C1:08:58:36:10:7C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08FA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VGTz1HIchPGU1z4w5F7BCFg2EHw.roa
Signing time: Mon 19 May 2025 01:08:09 +0000
ROA not before: Mon 19 May 2025 01:08:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 01:08:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5464F3D4721C84F194D73E30E45EC1085836107C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:df:18:f0:d4:60:0e:86:1e:36:86:7d:d3:ea:
d0:34:23:ae:6a:c0:c7:88:37:70:99:77:1c:33:50:
06:e3:3e:bb:22:47:8c:fc:7b:44:0a:4f:87:a9:d7:
f9:6a:96:74:76:38:12:a3:75:3f:26:c1:b6:6a:c8:
dd:ae:c4:fa:79:c0:ee:57:d8:ff:a5:80:8d:e7:e3:
11:79:d3:ed:f6:13:34:cb:75:6a:22:5f:50:ec:25:
cf:40:65:06:c4:68:87:f1:32:b0:9e:c8:95:99:dd:
81:62:c8:71:91:ee:85:bd:2d:c8:39:b4:8a:1c:b8:
72:ac:b2:79:54:ca:ea:bb:72:79:a2:cf:ef:fb:aa:
ec:d1:14:59:14:c2:08:ca:62:a8:fd:4e:5a:b8:c3:
96:32:8b:03:de:3b:e6:47:9d:75:92:7e:4e:a1:ac:
97:f7:49:ff:0b:47:1b:a7:99:5d:b1:e7:2a:69:4f:
93:0a:2e:10:6e:99:a1:2e:89:63:8e:75:1a:94:33:
29:26:a6:71:c9:a7:69:48:05:18:6c:56:b8:83:71:
df:1b:d8:92:13:9a:eb:a8:a8:a1:ad:7c:02:21:af:
48:da:43:54:99:7d:07:cf:01:52:ef:9f:25:43:fd:
49:8e:ef:48:aa:03:f9:84:de:4f:91:60:c6:a7:c8:
6a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:64:F3:D4:72:1C:84:F1:94:D7:3E:30:E4:5E:C1:08:58:36:10:7C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VGTz1HIchPGU1z4w5F7BCFg2EHw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:c6:3e:39:46:12:e1:7b:5f:b1:e3:e5:ea:eb:26:ed:8c:17:
19:a3:c2:40:fc:e9:0a:02:83:80:0b:5c:bd:50:c9:3b:a8:bf:
e2:b1:d2:62:e8:3c:3c:7a:20:e6:df:92:df:ed:6b:6e:6d:f2:
dd:11:e3:c6:1f:82:93:e1:d4:9e:e4:67:eb:8d:61:78:6f:6f:
d5:d2:d9:86:66:51:27:aa:b9:35:c6:14:fa:8a:ca:41:d4:e4:
c7:27:6d:02:40:00:23:e1:50:88:91:e5:97:26:e0:54:41:61:
ce:e4:28:26:59:90:8a:92:eb:43:3b:2d:bf:3e:3b:fd:c3:9f:
19:ca:6c:b1:44:73:d8:a4:71:98:23:03:79:58:f5:3a:6f:a4:
65:08:b3:8c:93:f3:9f:ab:f3:4a:2c:87:89:16:d5:f0:b4:d8:
ff:7a:d9:89:fa:ad:07:b5:8c:e3:3e:87:d7:a8:f7:40:98:50:
9c:bc:cf:ec:d9:16:75:0f:75:21:d8:15:93:02:f7:fc:6e:72:
46:d4:4a:3b:9e:12:ae:c3:43:37:73:21:e2:e4:75:38:ce:7b:
17:87:4d:c7:90:32:65:f5:a2:19:1c:59:15:2c:21:b7:87:1b:
c5:ff:ab:33:db:d1:db:6f:52:c6:09:59:9f:f4:b8:05:8b:0d:
8c:9a:44:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkw
MTA4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0NjRGM0Q0NzIxQzg0
RjE5NEQ3M0UzMEU0NUVDMTA4NTgzNjEwN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC73xjw1GAOhh42hn3T6tA0I65qwMeIN3CZdxwzUAbjPrsiR4z8
e0QKT4ep1/lqlnR2OBKjdT8mwbZqyN2uxPp5wO5X2P+lgI3n4xF50+32EzTLdWoi
X1DsJc9AZQbEaIfxMrCeyJWZ3YFiyHGR7oW9Lcg5tIocuHKssnlUyuq7cnmiz+/7
quzRFFkUwgjKYqj9Tlq4w5YyiwPeO+ZHnXWSfk6hrJf3Sf8LRxunmV2x5yppT5MK
LhBumaEuiWOOdRqUMykmpnHJp2lIBRhsVriDcd8b2JITmuuoqKGtfAIhr0jaQ1SZ
fQfPAVLvnyVD/UmO70iqA/mE3k+RYManyGoNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVGTz1HIchPGU1z4w5F7BCFg2EHwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WR1R6MUhJY2hQR1UxejR3
NUY3QkNGZzJFSHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGvGPjlGEuF7X7Hj5errJu2MFxmjwkD86QoC
g4ALXL1QyTuov+Kx0mLoPDx6IObfkt/ta25t8t0R48YfgpPh1J7kZ+uNYXhvb9XS
2YZmUSequTXGFPqKykHU5McnbQJAACPhUIiR5Zcm4FRBYc7kKCZZkIqS60M7Lb8+
O/3DnxnKbLFEc9ikcZgjA3lY9TpvpGUIs4yT85+r80osh4kW1fC02P962Yn6rQe1
jOM+h9eo90CYUJy8z+zZFnUPdSHYFZMC9/xuckbUSjueEq7DQzdzIeLkdTjOexeH
TceQMmX1ohkcWRUsIbeHG8X/qzPb0dtvUsYJWZ/0uAWLDYyaRI4=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:15:27 2025 by rpki-client