Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/cxUr50Ax7PCWjASvYZ7wyczvn-U.roa
File: cxUr50Ax7PCWjASvYZ7wyczvn-U.roa (raw, json)
Hash identifier: Sip/qltVgZqBgz8nX6D/84UpjQVELE1H0ekF7NyB5FU=
Subject key identifier: 73:15:2B:E7:40:31:EC:F0:96:8C:04:AF:61:9E:F0:C9:CC:EF:9F:E5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 137A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cxUr50Ax7PCWjASvYZ7wyczvn-U.roa
Signing time: Mon 02 Jun 2025 01:09:11 +0000
ROA not before: Mon 02 Jun 2025 01:09:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4986 (0x137a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 01:09:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=73152BE74031ECF0968C04AF619EF0C9CCEF9FE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:e9:b9:e0:8c:94:2b:01:e7:c7:e9:20:a4:
66:cf:3a:32:19:23:d3:07:b9:18:fd:00:42:c7:1f:
c7:e8:62:60:0b:9d:7c:e8:02:8c:66:88:af:16:a7:
36:e1:08:dc:08:49:79:21:7f:ce:78:89:61:b7:69:
bf:97:0a:77:15:b7:9b:ee:a9:b6:f8:e3:98:ae:14:
82:ac:2e:96:0d:c9:bf:72:74:2d:2d:47:63:13:c4:
ff:1d:31:a4:55:50:ab:2f:06:fe:1c:4a:ca:61:14:
7c:1f:78:9a:fb:c3:8f:8a:e7:6d:0f:ef:f9:ac:85:
21:a1:0d:25:75:28:30:81:d6:e1:1e:bf:8d:dc:c5:
6d:05:11:78:a5:1b:58:c5:f2:c7:d1:9c:ee:62:b3:
3c:26:3d:bc:75:87:0a:eb:71:a9:59:39:ff:c7:30:
11:a2:f3:76:ae:8d:d7:b6:88:a9:4a:e6:10:1d:59:
2d:c1:dc:73:b6:cf:d6:be:07:d8:6d:ab:3d:f9:af:
69:76:51:75:d0:b7:9c:f4:6f:a7:44:62:17:95:d7:
68:bd:ec:a7:66:de:bd:ce:49:fa:86:84:63:11:a2:
3e:e2:6f:b0:84:29:2d:fc:fb:52:6d:f4:ff:32:93:
9f:99:cf:d5:4c:06:fa:f5:af:85:ea:b3:a7:99:27:
48:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:15:2B:E7:40:31:EC:F0:96:8C:04:AF:61:9E:F0:C9:CC:EF:9F:E5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/cxUr50Ax7PCWjASvYZ7wyczvn-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:b4:76:f4:37:77:54:84:9b:ec:4e:ba:e8:83:25:ba:e9:98:
80:00:43:06:1e:e4:cc:2f:3f:c4:7d:88:1f:23:22:10:c6:43:
2f:03:78:e9:95:54:3d:87:da:40:db:01:53:3c:09:d6:40:6c:
cf:e3:c0:31:f2:1d:4a:c3:d7:b7:53:23:32:b1:48:bc:ed:6d:
80:35:1e:72:be:51:b1:b6:39:ef:0c:d0:c4:8d:81:c8:3b:19:
0b:03:d3:f4:63:a0:c0:b3:4b:97:e7:e4:23:32:ef:0f:28:37:
4d:55:14:62:a3:e9:bb:8b:1d:85:d9:49:a2:37:ce:6d:74:4c:
07:da:5d:53:a7:b2:f8:af:1a:3a:ec:b5:27:98:cb:bd:7f:59:
29:fc:33:26:63:90:6a:84:fb:9b:80:bc:28:98:91:cf:61:59:
5a:1a:93:18:8b:86:9a:09:6c:18:38:2a:5b:c4:84:0d:bb:89:
4e:64:9d:d1:3f:7c:23:10:52:52:62:ab:06:f7:58:96:6b:89:
18:f8:96:a8:96:b2:54:c7:d5:b6:d0:cd:d9:8a:a2:20:3e:df:
3a:cd:4f:e2:08:20:52:f3:dd:42:38:e2:0b:03:12:40:a9:51:
7e:44:f1:65:8a:64:2d:45:36:03:94:05:34:ab:48:c9:8c:72:
1f:38:4a:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIw
MTA5MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDczMTUyQkU3NDAzMUVD
RjA5NjhDMDRBRjYxOUVGMEM5Q0NFRjlGRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVoem54IyUKwHnx+kgpGbPOjIZI9MHuRj9AELHH8foYmALnXzo
AoxmiK8WpzbhCNwISXkhf854iWG3ab+XCncVt5vuqbb445iuFIKsLpYNyb9ydC0t
R2MTxP8dMaRVUKsvBv4cSsphFHwfeJr7w4+K520P7/mshSGhDSV1KDCB1uEev43c
xW0FEXilG1jF8sfRnO5iszwmPbx1hwrrcalZOf/HMBGi83aujde2iKlK5hAdWS3B
3HO2z9a+B9htqz35r2l2UXXQt5z0b6dEYheV12i97Kdm3r3OSfqGhGMRoj7ib7CE
KS38+1Jt9P8yk5+Zz9VMBvr1r4Xqs6eZJ0itAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUcxUr50Ax7PCWjASvYZ7wyczvn+UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9jeFVyNTBBeDdQQ1dqQVN2
WVo3d3ljenZuLVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHC0dvQ3d1SEm+xOuuiDJbrpmIAAQwYe5Mwv
P8R9iB8jIhDGQy8DeOmVVD2H2kDbAVM8CdZAbM/jwDHyHUrD17dTIzKxSLztbYA1
HnK+UbG2Oe8M0MSNgcg7GQsD0/RjoMCzS5fn5CMy7w8oN01VFGKj6buLHYXZSaI3
zm10TAfaXVOnsvivGjrstSeYy71/WSn8MyZjkGqE+5uAvCiYkc9hWVoakxiLhpoJ
bBg4KlvEhA27iU5kndE/fCMQUlJiqwb3WJZriRj4lqiWslTH1bbQzdmKoiA+3zrN
T+IIIFLz3UI44gsDEkCpUX5E8WWKZC1FNgOUBTSrSMmMch84SlI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:18:34 2025 by rpki-client