Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gsEZwoOi4hCi1X9tN2VXnkhzB_Y.roa
File: gsEZwoOi4hCi1X9tN2VXnkhzB_Y.roa (raw, json)
Hash identifier: iFpmjlqgsMmsLvUy8eN8QDwt+AmN0cEiWaVe0OZWtuM=
Subject key identifier: 82:C1:19:C2:83:A2:E2:10:A2:D5:7F:6D:37:65:57:9E:48:73:07:F6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B5E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gsEZwoOi4hCi1X9tN2VXnkhzB_Y.roa
Signing time: Thu 22 May 2025 05:38:35 +0000
ROA not before: Thu 22 May 2025 05:38:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2910 (0xb5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 05:38:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=82C119C283A2E210A2D57F6D3765579E487307F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ae:75:3d:b8:66:03:59:5c:22:c2:14:cc:2d:
32:42:15:3e:c8:01:1d:fa:4a:40:20:e2:c9:7b:24:
8d:66:0b:d2:5f:43:02:2f:d4:a5:71:ee:7f:af:e4:
04:49:be:92:c4:ff:bf:b4:ee:90:29:94:76:d3:01:
be:37:6a:51:8f:76:5d:ab:f1:b0:a9:e6:7c:11:2c:
34:50:81:13:05:cb:c2:f8:39:16:09:3d:49:2d:4b:
d6:51:3d:bf:2b:2f:fa:56:03:09:8c:c8:01:36:ad:
8b:12:94:63:f0:e0:6c:e9:b0:fc:da:09:51:f9:42:
4d:c1:5d:c6:57:00:b4:51:bd:ae:14:93:84:a5:1b:
20:c5:28:14:e9:12:96:99:4c:8d:aa:4f:51:30:c0:
84:c1:50:26:52:78:a7:b1:84:fc:b2:90:1c:9b:93:
63:1f:fb:d0:ac:b5:0f:1d:f8:1f:c2:62:33:70:ea:
d8:21:ad:72:54:6b:8e:2d:15:95:0e:e7:de:b6:4c:
de:75:94:9c:c6:5b:ad:7c:72:46:dc:97:20:89:c6:
2c:f5:84:08:08:9d:4a:86:0a:eb:20:08:94:a3:9d:
a4:94:c6:f6:98:8e:90:35:5f:b7:ea:30:50:ae:bb:
33:dc:8c:77:e2:c4:74:2f:5c:f4:58:99:4a:b8:28:
ed:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C1:19:C2:83:A2:E2:10:A2:D5:7F:6D:37:65:57:9E:48:73:07:F6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gsEZwoOi4hCi1X9tN2VXnkhzB_Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:17:0f:42:82:e9:ba:4c:eb:fe:ff:e6:2c:42:d6:1c:52:fd:
91:e9:0e:7f:c2:13:8d:e5:e3:4a:ab:5e:6a:e4:5c:4a:83:74:
e4:84:0c:85:9f:ee:35:c8:f3:58:0b:e5:2a:d5:f4:e1:13:e8:
46:8a:79:51:c3:67:bd:68:fe:48:1a:62:cf:58:9e:f0:92:b6:
3d:e8:78:3d:40:2b:a2:6a:98:0d:7f:06:38:81:ed:2b:8d:7d:
27:ba:03:50:1f:89:aa:5e:67:3d:cb:1f:16:68:c1:75:b1:fb:
d8:ed:5e:8e:d0:ce:67:d4:ea:be:60:91:2e:80:62:d0:df:30:
e8:a3:30:7b:0e:37:a5:9d:11:0c:9b:fa:f1:f3:c6:60:e7:c4:
f1:8d:87:04:7c:40:ca:26:d5:1b:e9:30:74:ed:02:99:75:9e:
66:a9:80:7d:ec:2b:5d:de:c4:a7:8e:ef:cc:d7:91:92:c8:75:
e8:38:e4:02:f3:48:0c:51:25:9c:a7:62:77:6a:d3:21:ca:89:
94:fc:d2:80:d8:a0:df:5f:9c:b5:4c:c4:2e:f8:f8:c6:07:60:
98:01:ef:f6:f5:96:bb:27:c0:c9:d7:26:87:32:48:0d:0e:3b:
02:bf:04:70:86:8b:39:b4:94:26:b4:8d:41:d5:8a:c0:5b:8e:
d9:ba:af:93
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
NTM4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyQzExOUMyODNBMkUy
MTBBMkQ1N0Y2RDM3NjU1NzlFNDg3MzA3RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCprnU9uGYDWVwiwhTMLTJCFT7IAR36SkAg4sl7JI1mC9JfQwIv
1KVx7n+v5ARJvpLE/7+07pAplHbTAb43alGPdl2r8bCp5nwRLDRQgRMFy8L4ORYJ
PUktS9ZRPb8rL/pWAwmMyAE2rYsSlGPw4GzpsPzaCVH5Qk3BXcZXALRRva4Uk4Sl
GyDFKBTpEpaZTI2qT1EwwITBUCZSeKexhPyykBybk2Mf+9CstQ8d+B/CYjNw6tgh
rXJUa44tFZUO5962TN51lJzGW618ckbclyCJxiz1hAgInUqGCusgCJSjnaSUxvaY
jpA1X7fqMFCuuzPcjHfixHQvXPRYmUq4KO0RAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgsEZwoOi4hCi1X9tN2VXnkhzB/YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nc0Vad29PaTRoQ2kxWDl0
TjJWWG5raHpCX1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADkXD0KC6bpM6/7/5ixC1hxS/ZHpDn/CE43l
40qrXmrkXEqDdOSEDIWf7jXI81gL5SrV9OET6EaKeVHDZ71o/kgaYs9YnvCStj3o
eD1AK6JqmA1/BjiB7SuNfSe6A1AfiapeZz3LHxZowXWx+9jtXo7QzmfU6r5gkS6A
YtDfMOijMHsON6WdEQyb+vHzxmDnxPGNhwR8QMom1RvpMHTtApl1nmapgH3sK13e
xKeO78zXkZLIdeg45ALzSAxRJZynYndq0yHKiZT80oDYoN9fnLVMxC74+MYHYJgB
7/b1lrsnwMnXJocySA0OOwK/BHCGizm0lCa0jUHVisBbjtm6r5M=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:11:48 2025 by rpki-client