Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tVjGvvyyN7NcDpAFWAkDwBLKud4.roa
File: tVjGvvyyN7NcDpAFWAkDwBLKud4.roa (raw, json)
Hash identifier: fsJ+O2cTfoGrQUINSiVNAYLilK0xmiYBDc3yIik48SU=
Subject key identifier: B5:58:C6:BE:FC:B2:37:B3:5C:0E:90:05:58:09:03:C0:12:CA:B9:DE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 149A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tVjGvvyyN7NcDpAFWAkDwBLKud4.roa
Signing time: Tue 03 Jun 2025 13:09:25 +0000
ROA not before: Tue 03 Jun 2025 13:09:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5274 (0x149a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 13:09:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B558C6BEFCB237B35C0E9005580903C012CAB9DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:c2:4a:0d:ef:fb:73:0e:4c:a2:8f:eb:5b:
44:11:ed:d9:09:5e:65:c4:6f:f4:06:f6:6b:63:b6:
82:05:22:1c:47:63:29:f4:17:e8:e1:f2:59:ad:28:
56:5c:a0:0e:4b:c4:60:54:25:f5:e6:c1:20:dd:76:
1c:f1:06:3d:6d:e6:3f:c1:05:00:b8:25:23:8b:19:
50:2b:96:a7:8c:b4:b2:1c:e5:a3:3e:7d:83:f8:30:
56:54:04:7d:41:39:6c:e1:d8:71:da:8e:c0:ba:0d:
cc:85:cd:01:39:55:87:f9:56:e9:bf:97:98:a3:bd:
8a:af:b7:8f:8f:06:88:1f:52:c2:49:3e:a0:ba:00:
b6:79:6f:03:e1:3b:ea:d8:47:71:72:f8:fd:d8:85:
58:be:78:79:f2:1e:8d:a0:38:5a:9e:a9:d5:ba:80:
94:2f:68:66:6c:75:00:50:b2:ac:84:f1:f4:15:a4:
fd:ad:69:ae:55:8e:2c:03:21:c6:3a:f2:e5:46:4e:
d0:31:23:3c:b7:e5:91:17:8a:a6:ca:fd:d6:b3:45:
8f:e8:dc:bb:7d:90:a9:5b:a3:a1:bc:4a:df:b4:f2:
f4:c5:56:04:16:b7:b6:dd:88:7c:be:98:7b:47:12:
19:0c:f9:e4:f3:35:b3:b9:d5:53:4c:35:85:53:46:
75:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:58:C6:BE:FC:B2:37:B3:5C:0E:90:05:58:09:03:C0:12:CA:B9:DE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tVjGvvyyN7NcDpAFWAkDwBLKud4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:29:7e:d5:7a:9f:84:83:c3:a8:25:c6:1f:bf:4b:b1:7b:ef:
b8:4d:7f:c0:4f:8f:17:ab:b0:57:e0:e7:2e:35:79:73:53:fd:
96:73:fb:63:48:40:e5:4e:cc:06:bc:53:0e:1a:bc:db:44:a4:
d1:b5:c8:2e:22:be:20:6d:41:fb:de:d1:ed:60:97:a5:d6:e6:
c3:a1:d4:96:73:ff:f1:e0:8e:e1:dc:b0:8a:a9:b2:9f:43:ab:
2a:d3:8e:2f:3c:b5:c5:bc:a9:91:83:71:43:54:c8:12:bd:30:
f5:dd:65:1a:0e:9c:a9:ab:94:3b:41:ef:c3:47:e9:78:4b:ef:
72:3c:e6:f2:9c:56:5f:6c:a1:a3:ad:f3:41:7c:31:40:18:7b:
e9:43:81:01:dd:95:9c:1b:58:ed:23:88:8b:5d:14:0e:12:d0:
b0:96:4d:29:3b:d8:ed:71:92:89:4a:25:a5:43:d3:3b:82:be:
3c:16:b4:c4:f5:70:b9:0e:3e:80:06:6b:46:0c:41:69:69:66:
82:1e:f0:77:aa:91:ab:57:28:da:b1:ec:f1:60:f9:85:72:fe:
4c:05:d2:76:2e:3a:a4:23:63:fa:b9:96:46:55:30:90:9b:74:
b7:88:81:9e:ec:51:bb:84:84:ca:5b:44:c8:9d:d3:54:58:cd:
ec:92:a0:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
MzA5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI1NThDNkJFRkNCMjM3
QjM1QzBFOTAwNTU4MDkwM0MwMTJDQUI5REUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4bsJKDe/7cw5Moo/rW0QR7dkJXmXEb/QG9mtjtoIFIhxHYyn0
F+jh8lmtKFZcoA5LxGBUJfXmwSDddhzxBj1t5j/BBQC4JSOLGVArlqeMtLIc5aM+
fYP4MFZUBH1BOWzh2HHajsC6DcyFzQE5VYf5Vum/l5ijvYqvt4+PBogfUsJJPqC6
ALZ5bwPhO+rYR3Fy+P3YhVi+eHnyHo2gOFqeqdW6gJQvaGZsdQBQsqyE8fQVpP2t
aa5VjiwDIcY68uVGTtAxIzy35ZEXiqbK/dazRY/o3Lt9kKlbo6G8St+08vTFVgQW
t7bdiHy+mHtHEhkM+eTzNbO51VNMNYVTRnU7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtVjGvvyyN7NcDpAFWAkDwBLKud4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90VmpHdnZ5eU43TmNEcEFG
V0FrRHdCTEt1ZDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAA0pftV6n4SDw6glxh+/S7F777hNf8BPjxer
sFfg5y41eXNT/ZZz+2NIQOVOzAa8Uw4avNtEpNG1yC4iviBtQfve0e1gl6XW5sOh
1JZz//HgjuHcsIqpsp9DqyrTji88tcW8qZGDcUNUyBK9MPXdZRoOnKmrlDtB78NH
6XhL73I85vKcVl9soaOt80F8MUAYe+lDgQHdlZwbWO0jiItdFA4S0LCWTSk72O1x
kolKJaVD0zuCvjwWtMT1cLkOPoAGa0YMQWlpZoIe8HeqkatXKNqx7PFg+YVy/kwF
0nYuOqQjY/q5lkZVMJCbdLeIgZ7sUbuEhMpbRMid01RYzeySoIg=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:07:46 2025 by rpki-client