Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/d1t2P24cjJ7xuvupX0u0zl-zTz0.roa
File: d1t2P24cjJ7xuvupX0u0zl-zTz0.roa (raw, json)
Hash identifier: +cDGfNhQAvmgj9l07aQ9yXumfbr+EvaGHINf5sAlR7o=
Subject key identifier: 77:5B:76:3F:6E:1C:8C:9E:F1:BA:FB:A9:5F:4B:B4:CE:5F:B3:4F:3D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 083A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/d1t2P24cjJ7xuvupX0u0zl-zTz0.roa
Signing time: Sun 18 May 2025 01:08:08 +0000
ROA not before: Sun 18 May 2025 01:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2106 (0x83a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 01:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=775B763F6E1C8C9EF1BAFBA95F4BB4CE5FB34F3D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d0:f2:c9:95:7a:ea:2c:57:a3:c9:20:86:c5:
8a:1c:71:7b:ba:77:44:21:69:4d:a4:9c:5d:c3:4f:
25:c3:74:d2:74:f2:64:57:47:d2:5d:ca:e2:49:d3:
24:7f:ac:4c:c2:28:70:5f:ac:fb:96:92:e2:72:4e:
bd:89:d4:e7:2b:e0:8b:89:fe:3d:2f:45:52:76:13:
58:a3:70:4f:1a:4b:82:bd:4f:66:02:f5:1c:14:5c:
38:01:a6:43:43:56:f2:bb:ac:48:94:90:f4:c8:e7:
32:d8:a1:45:80:c6:04:70:c9:0f:0d:8c:44:37:0e:
49:76:32:6f:82:70:81:5d:69:ab:c5:ab:87:0a:bc:
4a:72:63:82:d4:db:41:cb:9b:49:21:49:db:fe:a8:
55:4e:71:27:8b:09:03:c8:94:5d:ce:c4:dd:1a:9f:
e8:fa:1b:6e:33:ef:41:51:a0:ad:f6:3a:3e:25:e2:
31:93:7d:39:ba:19:a3:37:7f:41:89:4a:66:74:e1:
1b:1a:8a:20:ba:14:23:d4:75:ef:d9:19:65:af:8b:
fd:43:18:3e:83:4c:e4:76:9e:ae:ef:56:37:c5:f2:
9d:62:f6:f3:26:f1:d6:82:40:08:88:67:4e:7e:3d:
75:3c:60:9a:d1:44:bb:dd:71:1d:db:7e:f4:ec:94:
1e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5B:76:3F:6E:1C:8C:9E:F1:BA:FB:A9:5F:4B:B4:CE:5F:B3:4F:3D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/d1t2P24cjJ7xuvupX0u0zl-zTz0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:3f:cc:23:e4:22:fe:c0:70:0a:65:0b:89:f1:8e:0d:0b:b0:
e9:fb:60:7e:34:3f:33:78:0c:f9:da:3c:01:35:cb:9d:61:40:
a4:52:2d:16:15:66:7e:a6:47:32:6a:6e:ca:8d:67:f7:77:55:
c3:a5:6e:78:cb:91:13:9f:1a:b2:3c:cc:f9:bb:f1:92:98:c3:
5a:6a:7d:2c:46:01:7f:12:f0:c6:cb:ea:04:bd:b1:a2:fa:4d:
93:28:29:b3:37:f2:f2:0f:e8:d5:0a:b5:de:ab:28:5d:5b:b9:
71:07:28:d9:d5:7d:da:6c:a8:e7:05:07:59:f4:68:7d:28:30:
e8:de:f1:e4:aa:47:0a:16:ba:ed:28:e9:70:9e:d9:0d:2e:b7:
11:9b:f2:b9:85:8e:e1:1b:0b:33:53:e5:25:18:17:26:dc:30:
63:37:f9:4f:43:61:0c:f0:4c:36:d8:8b:43:36:a2:03:ec:11:
27:8c:9a:a8:9f:61:35:c1:24:96:0d:15:08:be:76:4a:bf:44:
77:e2:5f:1f:98:a4:49:55:dc:46:62:22:e6:32:b0:b8:cd:28:
c3:c1:3b:36:06:be:17:f1:92:dc:bb:86:5c:e8:95:57:b3:47:
5e:b3:c6:10:8f:e8:50:ae:30:17:5d:18:a0:14:82:b6:02:8d:
08:ec:ed:52
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
MTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc3NUI3NjNGNkUxQzhD
OUVGMUJBRkJBOTVGNEJCNENFNUZCMzRGM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP0PLJlXrqLFejySCGxYoccXu6d0QhaU2knF3DTyXDdNJ08mRX
R9JdyuJJ0yR/rEzCKHBfrPuWkuJyTr2J1Ocr4IuJ/j0vRVJ2E1ijcE8aS4K9T2YC
9RwUXDgBpkNDVvK7rEiUkPTI5zLYoUWAxgRwyQ8NjEQ3Dkl2Mm+CcIFdaavFq4cK
vEpyY4LU20HLm0khSdv+qFVOcSeLCQPIlF3OxN0an+j6G24z70FRoK32Oj4l4jGT
fTm6GaM3f0GJSmZ04RsaiiC6FCPUde/ZGWWvi/1DGD6DTOR2nq7vVjfF8p1i9vMm
8daCQAiIZ05+PXU8YJrRRLvdcR3bfvTslB69AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUd1t2P24cjJ7xuvupX0u0zl+zTz0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kMXQyUDI0Y2pKN3h1dnVw
WDB1MHpsLXpUejAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIA/zCPkIv7AcAplC4nxjg0LsOn7YH40PzN4
DPnaPAE1y51hQKRSLRYVZn6mRzJqbsqNZ/d3VcOlbnjLkROfGrI8zPm78ZKYw1pq
fSxGAX8S8MbL6gS9saL6TZMoKbM38vIP6NUKtd6rKF1buXEHKNnVfdpsqOcFB1n0
aH0oMOje8eSqRwoWuu0o6XCe2Q0utxGb8rmFjuEbCzNT5SUYFybcMGM3+U9DYQzw
TDbYi0M2ogPsESeMmqifYTXBJJYNFQi+dkq/RHfiXx+YpElV3EZiIuYysLjNKMPB
OzYGvhfxkty7hlzolVezR16zxhCP6FCuMBddGKAUgrYCjQjs7VI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 08:19:44 2025 by rpki-client