Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/siwrsAiMWUzvG2a4UoFH1N8zas0.roa
File: siwrsAiMWUzvG2a4UoFH1N8zas0.roa (raw, json)
Hash identifier: 1rpVssjeENKp8l95+CoJ6OYMNmUhVwWWoSvKj0+IHj8=
Subject key identifier: B2:2C:2B:B0:08:8C:59:4C:EF:1B:66:B8:52:81:47:D4:DF:33:6A:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C56
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/siwrsAiMWUzvG2a4UoFH1N8zas0.roa
Signing time: Fri 23 May 2025 12:38:26 +0000
ROA not before: Fri 23 May 2025 12:38:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 12:38:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B22C2BB0088C594CEF1B66B8528147D4DF336ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:98:48:76:c3:40:68:02:99:d3:20:63:40:
24:49:5a:a5:74:fd:af:02:f9:0c:49:80:f8:4b:78:
c6:e8:d3:05:40:af:07:37:e4:59:d9:13:22:72:cd:
24:40:ac:0d:79:c7:1f:f5:e9:86:d7:f1:a8:09:85:
c5:a8:e9:56:50:72:d4:f3:d7:2c:ca:2b:44:72:27:
86:f4:6c:3d:47:25:68:7d:db:5b:d6:48:53:29:39:
98:0e:9b:e0:0d:30:07:93:c5:8d:b0:9e:29:a6:9b:
a5:6a:9c:e4:b9:d0:8a:f6:2e:9e:e7:d1:79:5b:47:
9b:8a:f0:57:0e:c1:e3:24:c2:2a:89:9c:75:22:8d:
bc:05:d7:d8:ab:8c:d1:2e:e2:8c:d0:33:87:57:b9:
90:45:e9:f4:d0:50:15:70:05:2a:69:7c:d2:87:bd:
67:57:a9:4c:c4:eb:2e:15:58:b0:ae:6a:06:93:e1:
00:15:ec:24:f9:a3:24:d7:df:0b:60:32:40:3f:d7:
eb:de:33:a6:7c:da:a5:05:4e:d1:71:9c:34:22:4f:
67:da:66:d1:d4:42:e2:a4:1b:60:ce:90:9c:21:8b:
24:16:02:45:c8:f0:5d:4a:89:03:4d:06:7f:9f:ec:
e2:da:82:2e:0b:bf:bf:b1:38:f7:55:a6:36:99:4b:
82:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:2C:2B:B0:08:8C:59:4C:EF:1B:66:B8:52:81:47:D4:DF:33:6A:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/siwrsAiMWUzvG2a4UoFH1N8zas0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:82:bc:e8:e6:11:4c:d3:66:1b:40:ae:e5:b0:08:90:c5:15:
8c:e6:b4:0b:0e:34:09:d0:89:dc:09:9a:70:49:ae:98:b5:46:
af:e3:43:dc:5d:8a:fa:96:ee:02:71:25:4c:cd:78:44:3a:65:
13:97:5e:a4:c8:e3:cf:5d:1e:3d:24:dc:62:17:aa:b2:30:c5:
a3:b8:d8:bd:01:16:36:ba:a6:63:ff:3d:11:80:db:4a:ed:5b:
7c:95:fb:93:0a:6e:7c:ed:a0:c4:c1:35:bb:72:2a:1a:03:c0:
13:64:a0:1c:8b:e8:9b:b8:ce:97:28:b8:b5:11:f8:b1:45:23:
7a:5d:86:6e:dd:fe:3f:2c:78:0d:ff:6b:bd:f9:af:96:46:03:
63:74:21:a1:9e:0c:13:62:c1:a6:70:4b:a4:ec:15:81:bc:77:
41:5f:7e:c0:68:94:61:03:85:a5:c9:d2:6c:0b:80:b2:e6:19:
17:89:88:7f:a6:3c:8d:39:01:5a:dc:e4:3d:10:5b:bb:73:ad:
41:72:ed:99:c5:8a:00:11:69:e4:61:e7:d3:7a:9c:19:ed:10:
19:f8:e7:0c:bc:7f:3d:df:f9:ae:ba:de:78:a6:cb:09:55:f6:
94:9d:b0:fc:b0:6c:ab:12:9d:4b:c3:2c:12:e4:31:73:d0:28:
48:8a:c5:c2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMx
MjM4MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyMkMyQkIwMDg4QzU5
NENFRjFCNjZCODUyODE0N0Q0REYzMzZBQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpBphIdsNAaAKZ0yBjQCRJWqV0/a8C+QxJgPhLeMbo0wVArwc3
5FnZEyJyzSRArA15xx/16YbX8agJhcWo6VZQctTz1yzKK0RyJ4b0bD1HJWh921vW
SFMpOZgOm+ANMAeTxY2wnimmm6VqnOS50Ir2Lp7n0XlbR5uK8FcOweMkwiqJnHUi
jbwF19irjNEu4ozQM4dXuZBF6fTQUBVwBSppfNKHvWdXqUzE6y4VWLCuagaT4QAV
7CT5oyTX3wtgMkA/1+veM6Z82qUFTtFxnDQiT2faZtHUQuKkG2DOkJwhiyQWAkXI
8F1KiQNNBn+f7OLagi4Lv7+xOPdVpjaZS4KTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsiwrsAiMWUzvG2a4UoFH1N8zas0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zaXdyc0FpTVdVenZHMmE0
VW9GSDFOOHphczAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACmCvOjmEUzTZhtAruWwCJDFFYzmtAsONAnQ
idwJmnBJrpi1Rq/jQ9xdivqW7gJxJUzNeEQ6ZROXXqTI489dHj0k3GIXqrIwxaO4
2L0BFja6pmP/PRGA20rtW3yV+5MKbnztoMTBNbtyKhoDwBNkoByL6Ju4zpcouLUR
+LFFI3pdhm7d/j8seA3/a735r5ZGA2N0IaGeDBNiwaZwS6TsFYG8d0FffsBolGED
haXJ0mwLgLLmGReJiH+mPI05AVrc5D0QW7tzrUFy7ZnFigARaeRh59N6nBntEBn4
5wy8fz3f+a663nimywlV9pSdsPywbKsSnUvDLBLkMXPQKEiKxcI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:55:30 2025 by rpki-client