Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dbsKq8GCPk6gmtrqchLGzlVSJ8I.roa
File: dbsKq8GCPk6gmtrqchLGzlVSJ8I.roa (raw, json)
Hash identifier: PsSVuWV04D5GN7WfPSsN8NwjD6yueWlhbHHi5dUcKRo=
Subject key identifier: 75:BB:0A:AB:C1:82:3E:4E:A0:9A:DA:EA:72:12:C6:CE:55:52:27:C2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01EE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dbsKq8GCPk6gmtrqchLGzlVSJ8I.roa
Signing time: Fri 09 May 2025 15:37:46 +0000
ROA not before: Fri 09 May 2025 15:37:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 494 (0x1ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 15:37:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=75BB0AABC1823E4EA09ADAEA7212C6CE555227C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:dd:63:61:55:65:a4:00:72:26:11:e1:7d:f3:
1f:d0:de:17:3b:a7:6a:fa:21:4d:1b:e8:7c:37:69:
e3:08:5e:0b:25:5f:99:c8:fb:27:18:5d:69:03:d3:
9e:d0:3d:a4:d1:03:79:20:42:79:6f:c6:67:6a:56:
38:28:58:ac:02:6a:2c:24:99:a5:d2:02:c2:76:19:
32:39:7b:cb:82:7f:ae:ce:3a:5c:c6:91:94:39:ed:
bf:03:c2:f2:e4:b8:46:5c:54:ff:04:4d:ed:a2:47:
5f:b5:51:6d:cd:9b:b0:31:0b:c8:c7:3d:84:c1:7b:
d0:61:45:65:5f:53:b8:0e:26:ae:93:91:a0:d4:7c:
6b:ad:ff:59:2b:16:d6:fc:5b:05:aa:78:9b:34:94:
c9:d2:e1:00:3a:fd:15:c6:d6:43:05:10:c2:97:60:
62:85:46:04:a0:2d:2e:a3:7b:d0:f1:f0:b7:9a:34:
ea:a2:77:d7:54:64:1b:26:c4:38:7b:fa:57:29:05:
9d:60:53:e1:e5:6c:31:93:d4:0c:75:b0:af:65:64:
35:08:1c:a7:01:0c:d0:f2:e1:89:95:f4:ed:eb:c8:
65:e3:5c:3a:b6:a0:0f:13:b3:bd:fc:a3:f5:e1:bf:
ca:a3:a7:32:65:af:12:28:b9:b2:1b:69:80:19:02:
ae:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BB:0A:AB:C1:82:3E:4E:A0:9A:DA:EA:72:12:C6:CE:55:52:27:C2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dbsKq8GCPk6gmtrqchLGzlVSJ8I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:54:67:0b:5b:c9:d7:ed:d3:2a:c7:04:48:eb:04:92:bf:60:
57:e6:4e:0d:b6:25:50:21:19:55:ee:3a:79:b8:75:81:30:24:
57:f7:de:18:36:76:fc:34:7c:8a:ea:3b:b3:60:45:20:fb:1d:
d5:a3:b9:a0:27:84:86:73:b8:be:59:2e:ff:20:f4:a9:85:19:
e2:4b:b8:92:d8:8f:18:b0:ae:84:70:9c:5a:78:2b:ab:93:a6:
e1:ef:92:59:0a:5a:8c:8d:07:9e:f7:b3:de:f5:12:a5:e6:6a:
1e:74:c2:58:80:ca:e6:ae:eb:0a:bb:3d:50:61:03:a9:70:8b:
57:2a:5f:7c:0a:97:4a:10:6d:1c:d3:5d:48:e6:ba:e6:78:ee:
5a:a2:95:71:c1:79:e8:00:5d:af:58:91:fc:ee:8e:6e:74:8e:
0a:51:08:ed:b5:af:1d:04:9b:b7:15:6f:4e:02:bf:26:1f:72:
ef:9b:4a:91:1d:b2:ac:93:fc:9d:36:43:98:59:ac:06:ee:02:
b4:77:4d:c2:cd:b3:62:42:21:c5:ed:22:a6:b2:04:df:af:fe:
ef:08:c3:c2:ea:92:0f:00:79:c8:39:2f:fd:0c:50:66:31:d2:
5e:e1:4c:85:7f:91:24:38:54:e2:ed:c3:e4:32:6c:8f:4d:1c:
3f:f0:4f:85
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NTM3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc1QkIwQUFCQzE4MjNF
NEVBMDlBREFFQTcyMTJDNkNFNTU1MjI3QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr3WNhVWWkAHImEeF98x/Q3hc7p2r6IU0b6Hw3aeMIXgslX5nI
+ycYXWkD057QPaTRA3kgQnlvxmdqVjgoWKwCaiwkmaXSAsJ2GTI5e8uCf67OOlzG
kZQ57b8DwvLkuEZcVP8ETe2iR1+1UW3Nm7AxC8jHPYTBe9BhRWVfU7gOJq6TkaDU
fGut/1krFtb8WwWqeJs0lMnS4QA6/RXG1kMFEMKXYGKFRgSgLS6je9Dx8LeaNOqi
d9dUZBsmxDh7+lcpBZ1gU+HlbDGT1Ax1sK9lZDUIHKcBDNDy4YmV9O3ryGXjXDq2
oA8Ts738o/Xhv8qjpzJlrxIoubIbaYAZAq7DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdbsKq8GCPk6gmtrqchLGzlVSJ8IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kYnNLcThHQ1BrNmdtdHJx
Y2hMR3psVlNKOEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHxUZwtbydft0yrHBEjrBJK/YFfmTg22JVAh
GVXuOnm4dYEwJFf33hg2dvw0fIrqO7NgRSD7HdWjuaAnhIZzuL5ZLv8g9KmFGeJL
uJLYjxiwroRwnFp4K6uTpuHvklkKWoyNB573s971EqXmah50wliAyuau6wq7PVBh
A6lwi1cqX3wKl0oQbRzTXUjmuuZ47lqilXHBeegAXa9Ykfzujm50jgpRCO21rx0E
m7cVb04CvyYfcu+bSpEdsqyT/J02Q5hZrAbuArR3TcLNs2JCIcXtIqayBN+v/u8I
w8Lqkg8Aecg5L/0MUGYx0l7hTIV/kSQ4VOLtw+QybI9NHD/wT4U=
-----END CERTIFICATE-----
Generated at Sat Jun 21 22:59:32 2025 by rpki-client