Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hswkWGSg86Y7kXGV-J51KMBqMNU.roa
File: hswkWGSg86Y7kXGV-J51KMBqMNU.roa (raw, json)
Hash identifier: O235KAn9sDFPey3hisZyqvneh7NnDmKbo8Ql8nAuwMg=
Subject key identifier: 86:CC:24:58:64:A0:F3:A6:3B:91:71:95:F8:9E:75:28:C0:6A:30:D5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hswkWGSg86Y7kXGV-J51KMBqMNU.roa
Signing time: Fri 16 May 2025 07:08:04 +0000
ROA not before: Fri 16 May 2025 07:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1770 (0x6ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 07:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86CC245864A0F3A63B917195F89E7528C06A30D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d5:2a:6e:e5:8c:77:d4:04:08:a3:24:f4:03:
2e:24:14:9e:01:a0:d1:64:d7:b1:53:95:c8:84:ce:
5a:04:43:e0:11:72:d2:72:cc:e4:81:ee:c3:6e:03:
d0:3f:2c:01:99:88:b6:64:bf:27:e6:25:d3:6f:cf:
a5:7e:ba:49:98:42:9f:a0:1e:ad:b9:e0:a8:4a:2e:
2d:13:7a:93:37:a0:aa:37:15:66:e2:6d:a8:9b:76:
2e:96:0e:93:54:34:4d:dd:10:c9:8e:3a:54:31:1c:
19:32:8d:c8:6b:c1:97:e4:c3:d8:6d:77:7e:9f:ce:
6a:dd:46:cb:fe:20:f4:12:ed:59:b7:cc:2a:d7:b1:
79:0a:d1:b3:a0:18:cb:0e:f7:91:b8:ed:93:57:2d:
a3:30:bb:ca:d0:78:9b:49:69:54:46:8b:69:d9:63:
59:60:01:84:ac:26:81:df:af:56:f6:c6:b6:0a:56:
18:1e:d5:46:41:2d:de:c2:8a:69:55:75:f0:af:a4:
1f:8f:71:3d:fb:cc:b1:e4:68:d9:71:2d:7b:8b:5a:
e0:0f:7f:e7:5b:fb:0b:d8:74:f7:24:90:37:04:d9:
84:c2:52:f3:7b:db:c5:06:5e:48:d9:16:bc:83:a3:
a7:d6:2e:2d:00:4f:72:2c:74:2b:bf:67:6a:ed:ed:
b8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CC:24:58:64:A0:F3:A6:3B:91:71:95:F8:9E:75:28:C0:6A:30:D5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hswkWGSg86Y7kXGV-J51KMBqMNU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:37:11:85:67:be:11:51:d3:e1:a1:c2:36:62:b2:fd:68:14:
9f:af:9e:62:5e:a2:3c:05:71:c3:a7:2b:3c:7e:45:18:7b:3e:
9b:d4:cd:e5:50:c5:2c:5a:2d:fe:a6:ce:51:2f:87:6f:8c:96:
97:a8:cc:2d:37:47:b3:d1:bf:77:08:ec:95:63:01:1d:68:49:
5d:ca:e9:44:90:32:e8:fb:ad:e3:af:e1:bf:c6:5c:81:26:29:
c8:40:f9:55:db:95:d0:93:81:03:7e:e9:94:47:b4:27:25:8f:
56:c9:a4:ea:49:e3:3e:7d:fb:f3:39:9c:f6:d8:12:49:ed:d2:
45:c2:5b:22:22:d7:12:45:b7:53:89:d4:a8:1d:90:e7:69:f6:
67:b9:b1:e9:a3:6d:9f:7d:5e:c6:31:41:12:2c:2e:80:79:76:
58:30:f5:a6:8f:96:6f:93:18:99:5a:1c:48:b1:4f:02:a6:01:
ae:5d:34:b0:7e:71:61:23:61:0c:1c:a2:d4:7f:bc:7d:e2:04:
81:f9:3c:6e:3b:69:2c:1d:5e:97:b4:2a:61:11:68:dc:ab:20:
09:d0:fe:90:36:7d:01:f0:a3:28:05:42:ef:0d:dd:23:85:bf:
4e:fd:91:db:d2:04:40:d6:3f:79:b6:b1:2b:c9:d5:71:5d:5b:
dd:48:f0:10
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NzA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2Q0MyNDU4NjRBMEYz
QTYzQjkxNzE5NUY4OUU3NTI4QzA2QTMwRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb1Spu5Yx31AQIoyT0Ay4kFJ4BoNFk17FTlciEzloEQ+ARctJy
zOSB7sNuA9A/LAGZiLZkvyfmJdNvz6V+ukmYQp+gHq254KhKLi0TepM3oKo3FWbi
baibdi6WDpNUNE3dEMmOOlQxHBkyjchrwZfkw9htd36fzmrdRsv+IPQS7Vm3zCrX
sXkK0bOgGMsO95G47ZNXLaMwu8rQeJtJaVRGi2nZY1lgAYSsJoHfr1b2xrYKVhge
1UZBLd7CimlVdfCvpB+PcT37zLHkaNlxLXuLWuAPf+db+wvYdPckkDcE2YTCUvN7
28UGXkjZFryDo6fWLi0AT3IsdCu/Z2rt7biNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhswkWGSg86Y7kXGV+J51KMBqMNUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oc3drV0dTZzg2WTdrWEdW
LUo1MUtNQnFNTlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH83EYVnvhFR0+GhwjZisv1oFJ+vnmJeojwF
ccOnKzx+RRh7PpvUzeVQxSxaLf6mzlEvh2+MlpeozC03R7PRv3cI7JVjAR1oSV3K
6USQMuj7reOv4b/GXIEmKchA+VXbldCTgQN+6ZRHtCclj1bJpOpJ4z59+/M5nPbY
Eknt0kXCWyIi1xJFt1OJ1KgdkOdp9me5semjbZ99XsYxQRIsLoB5dlgw9aaPlm+T
GJlaHEixTwKmAa5dNLB+cWEjYQwcotR/vH3iBIH5PG47aSwdXpe0KmERaNyrIAnQ
/pA2fQHwoygFQu8N3SOFv079kdvSBEDWP3m2sSvJ1XFdW91I8BA=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:38 2025 by rpki-client