Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qKneXjoblZNMdcDHBTacnWxd3us.roa
File: qKneXjoblZNMdcDHBTacnWxd3us.roa (raw, json)
Hash identifier: m4TXylYmrMv/fvzuOzxvgIkvPNIqdkKYQdyxFGiRpNE=
Subject key identifier: A8:A9:DE:5E:3A:1B:95:93:4C:75:C0:C7:05:36:9C:9D:6C:5D:DE:EB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03D2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qKneXjoblZNMdcDHBTacnWxd3us.roa
Signing time: Mon 12 May 2025 04:08:06 +0000
ROA not before: Mon 12 May 2025 04:08:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 978 (0x3d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 04:08:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A8A9DE5E3A1B95934C75C0C705369C9D6C5DDEEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4c:42:76:5f:67:6a:eb:49:64:b7:98:ce:c2:
49:59:c1:aa:17:0a:7f:51:98:81:80:dc:93:3a:78:
6e:97:e8:72:60:8d:90:31:a3:fd:15:ba:63:ed:d7:
a9:fc:71:ef:ca:17:af:97:5c:a0:3d:7e:30:0e:63:
8b:04:8c:db:1c:db:bc:f2:16:6b:af:fe:55:de:10:
dc:28:5c:79:e8:df:1d:11:7f:82:c8:05:62:4a:5c:
df:78:ec:a0:3c:42:81:d3:ca:c1:1d:44:4e:9c:2b:
25:4b:57:e4:15:ec:bc:9d:8a:42:3f:57:22:e8:13:
fd:cf:f2:ce:24:a5:3d:a1:ff:e4:c1:b5:45:98:a7:
a4:25:8e:de:9c:37:86:a4:cd:ce:46:9c:22:c3:cf:
ea:6d:68:92:bd:bb:9f:c5:2f:fa:bb:73:53:ec:b6:
2d:dd:cd:13:ad:a1:ab:f0:bc:a7:35:f9:3c:e4:11:
d4:ee:97:8f:bd:30:d7:d0:06:a1:40:da:2c:56:28:
3a:2b:c9:2e:fd:7e:67:7c:de:e5:53:bd:6d:31:9f:
5f:6f:4f:b6:71:9c:a1:c3:3f:f2:38:27:61:3e:b8:
a4:52:57:c1:d8:da:4b:54:61:65:23:b0:82:11:72:
a2:6e:44:91:58:43:2a:f2:cd:44:c8:91:8e:a5:99:
4d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A9:DE:5E:3A:1B:95:93:4C:75:C0:C7:05:36:9C:9D:6C:5D:DE:EB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qKneXjoblZNMdcDHBTacnWxd3us.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:db:2e:36:ee:db:64:22:64:bd:1b:f4:cc:04:b7:83:c2:3b:
e4:73:51:16:21:97:37:94:19:c9:9d:99:1b:23:f2:3a:a5:93:
ac:8d:81:1e:3b:48:f8:33:83:d3:d3:06:de:c4:4c:21:21:7a:
6d:28:1a:87:cc:2b:f9:29:61:40:a8:72:b8:be:2e:7d:81:d2:
ad:ef:8e:e2:37:a2:a7:59:e7:d4:1d:48:d8:8a:15:05:0d:5b:
e7:7a:81:50:e6:4c:e7:29:51:c6:7c:eb:0b:6d:3e:71:d6:51:
76:16:e3:68:e7:81:55:75:a3:bc:c6:e0:8d:53:f2:cf:7c:ce:
1c:ec:89:aa:f4:79:ef:0e:b9:af:2f:a4:81:27:61:55:5c:9a:
33:71:02:31:3b:fc:39:d7:6e:e5:11:3d:4e:09:84:d8:5b:5f:
aa:62:a0:08:13:0b:f7:0c:0a:dc:2c:db:4b:13:17:2b:94:67:
14:8a:31:cc:6f:e6:83:61:1b:0b:0d:1f:51:ca:66:ff:90:d3:
95:6f:c7:45:3e:aa:0b:b1:a7:58:0d:ad:8f:83:e1:11:21:d9:
f7:48:12:ef:f0:a3:99:13:53:97:02:b0:49:7e:01:62:92:a0:
09:71:a8:db:b4:53:19:b1:9e:31:4f:ff:a6:36:14:8b:22:01:
e9:b7:23:31
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
NDA4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4QTlERTVFM0ExQjk1
OTM0Qzc1QzBDNzA1MzY5QzlENkM1RERFRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaTEJ2X2dq60lkt5jOwklZwaoXCn9RmIGA3JM6eG6X6HJgjZAx
o/0VumPt16n8ce/KF6+XXKA9fjAOY4sEjNsc27zyFmuv/lXeENwoXHno3x0Rf4LI
BWJKXN947KA8QoHTysEdRE6cKyVLV+QV7LydikI/VyLoE/3P8s4kpT2h/+TBtUWY
p6Qljt6cN4akzc5GnCLDz+ptaJK9u5/FL/q7c1Psti3dzROtoavwvKc1+TzkEdTu
l4+9MNfQBqFA2ixWKDoryS79fmd83uVTvW0xn19vT7ZxnKHDP/I4J2E+uKRSV8HY
2ktUYWUjsIIRcqJuRJFYQyryzUTIkY6lmU3zAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqKneXjoblZNMdcDHBTacnWxd3uswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xS25lWGpvYmxaTk1kY0RI
QlRhY25XeGQzdXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAnbLjbu22QiZL0b9MwEt4PCO+RzURYhlzeU
GcmdmRsj8jqlk6yNgR47SPgzg9PTBt7ETCEhem0oGofMK/kpYUCocri+Ln2B0q3v
juI3oqdZ59QdSNiKFQUNW+d6gVDmTOcpUcZ86wttPnHWUXYW42jngVV1o7zG4I1T
8s98zhzsiar0ee8Oua8vpIEnYVVcmjNxAjE7/DnXbuURPU4JhNhbX6pioAgTC/cM
Ctws20sTFyuUZxSKMcxv5oNhGwsNH1HKZv+Q05Vvx0U+qguxp1gNrY+D4REh2fdI
Eu/wo5kTU5cCsEl+AWKSoAlxqNu0UxmxnjFP/6Y2FIsiAem3IzE=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:29 2025 by rpki-client