Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kU6dNiO2OaOwatiBZ7ma1qbKTp8.roa
File: kU6dNiO2OaOwatiBZ7ma1qbKTp8.roa (raw, json)
Hash identifier: /fwn6G3FHW/C2GDqGHa3TWkdJYvmTVkI0Cqe8YgKVTo=
Subject key identifier: 91:4E:9D:36:23:B6:39:A3:B0:6A:D8:81:67:B9:9A:D6:A6:CA:4E:9F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AEA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kU6dNiO2OaOwatiBZ7ma1qbKTp8.roa
Signing time: Wed 21 May 2025 15:08:34 +0000
ROA not before: Wed 21 May 2025 15:08:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2794 (0xaea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 15:08:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=914E9D3623B639A3B06AD88167B99AD6A6CA4E9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ec:cb:ea:5c:54:99:8a:2f:c8:e0:00:00:83:
44:09:9c:ee:3f:d5:25:5e:3f:5a:23:92:71:16:0e:
d3:17:ea:e9:20:70:67:9d:9d:46:3f:a3:13:34:e8:
3a:65:ea:85:27:d5:4e:dc:83:78:90:56:52:50:da:
39:d6:07:b4:21:25:f7:3d:72:c4:5b:34:26:26:f2:
f0:2f:59:45:11:6a:88:9a:6c:29:01:51:d2:d5:69:
05:5b:f6:08:9a:16:55:f5:72:bb:71:a8:7c:41:8e:
f4:51:50:d4:37:c6:ad:b6:a3:20:fd:a0:c8:7a:09:
a5:04:bc:73:6d:59:0a:7f:2c:ba:4b:f8:96:d2:0c:
07:25:ae:6e:8c:b7:e5:f7:d0:d0:d4:f5:64:9a:50:
83:b9:df:f4:54:e0:00:2d:9f:67:a6:c4:03:e9:53:
9a:46:37:ea:e3:0d:40:02:3a:05:7e:62:5d:23:55:
9a:92:00:47:74:7f:99:3d:e8:22:c4:46:ca:1f:10:
48:b5:f5:88:76:96:39:d2:2d:cd:34:cb:42:07:c9:
da:ff:8a:cc:96:6b:d5:1e:3d:bd:04:75:c3:03:ca:
b7:78:07:e0:cd:81:50:ac:06:99:c5:02:6a:02:e0:
7a:bb:f7:00:74:1b:0f:04:52:6c:f1:59:9f:72:77:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4E:9D:36:23:B6:39:A3:B0:6A:D8:81:67:B9:9A:D6:A6:CA:4E:9F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kU6dNiO2OaOwatiBZ7ma1qbKTp8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:6d:a1:91:1b:07:cb:1e:40:8a:bf:84:9e:e0:42:73:e0:72:
86:a8:d3:09:4b:4d:d1:9a:2f:b3:d6:2c:9f:9a:48:2f:e4:d9:
d0:0c:a1:42:8a:aa:91:5e:9f:95:eb:d8:a8:31:9f:70:93:5e:
9c:6b:94:ac:88:f7:47:db:0a:09:0e:c3:7f:83:93:9d:a1:1a:
0d:73:ec:28:8b:7e:27:f5:fa:c3:a1:f6:de:09:3c:62:b9:f9:
14:f8:d6:2e:42:12:cc:ee:08:83:31:38:80:1f:35:54:f2:d7:
dd:98:1c:ae:54:da:a0:71:da:a3:5f:6c:e5:85:ba:00:a3:e3:
9b:b4:bc:c8:da:22:35:af:2d:bb:3f:c9:74:8a:20:4a:8b:47:
31:8e:ee:7f:fb:be:f7:40:43:a7:1d:96:81:e6:43:84:d7:4b:
7e:0e:be:cf:69:83:a9:fc:28:3e:10:87:72:57:8b:da:d3:86:
57:d3:3b:4e:40:40:cc:e4:fc:dc:bd:99:8f:d0:50:4a:99:01:
5d:45:4e:f5:70:91:3d:52:fb:b8:cb:16:26:1a:c4:70:e9:1f:
e3:6b:69:c8:9a:81:23:51:84:16:2a:17:df:7b:99:06:0a:ea:
84:97:61:bc:f0:be:b8:f4:98:3e:e4:4e:8b:52:7f:97:78:80:
2e:35:7a:04
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
NTA4MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkxNEU5RDM2MjNCNjM5
QTNCMDZBRDg4MTY3Qjk5QUQ2QTZDQTRFOUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCT7MvqXFSZii/I4AAAg0QJnO4/1SVeP1ojknEWDtMX6ukgcGed
nUY/oxM06Dpl6oUn1U7cg3iQVlJQ2jnWB7QhJfc9csRbNCYm8vAvWUURaoiabCkB
UdLVaQVb9giaFlX1crtxqHxBjvRRUNQ3xq22oyD9oMh6CaUEvHNtWQp/LLpL+JbS
DAclrm6Mt+X30NDU9WSaUIO53/RU4AAtn2emxAPpU5pGN+rjDUACOgV+Yl0jVZqS
AEd0f5k96CLERsofEEi19Yh2ljnSLc00y0IHydr/isyWa9UePb0EdcMDyrd4B+DN
gVCsBpnFAmoC4Hq79wB0Gw8EUmzxWZ9ydxy1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkU6dNiO2OaOwatiBZ7ma1qbKTp8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rVTZkTmlPMk9hT3dhdGlC
WjdtYTFxYktUcDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHxtoZEbB8seQIq/hJ7gQnPgcoao0wlLTdGa
L7PWLJ+aSC/k2dAMoUKKqpFen5Xr2Kgxn3CTXpxrlKyI90fbCgkOw3+Dk52hGg1z
7CiLfif1+sOh9t4JPGK5+RT41i5CEszuCIMxOIAfNVTy192YHK5U2qBx2qNfbOWF
ugCj45u0vMjaIjWvLbs/yXSKIEqLRzGO7n/7vvdAQ6cdloHmQ4TXS34Ovs9pg6n8
KD4Qh3JXi9rThlfTO05AQMzk/Ny9mY/QUEqZAV1FTvVwkT1S+7jLFiYaxHDpH+Nr
aciagSNRhBYqF997mQYK6oSXYbzwvrj0mD7kTotSf5d4gC41egQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 16:50:00 2025 by rpki-client