Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tikY9OThSwj63klDXYbEnvlqPYo.roa
File: tikY9OThSwj63klDXYbEnvlqPYo.roa (raw, json)
Hash identifier: NuafVY34tSG1MbbYWk2LBRUMfzDBjHahAWo4hWASFVE=
Subject key identifier: B6:29:18:F4:E4:E1:4B:08:FA:DE:49:43:5D:86:C4:9E:F9:6A:3D:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0692
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tikY9OThSwj63klDXYbEnvlqPYo.roa
Signing time: Thu 15 May 2025 20:08:03 +0000
ROA not before: Thu 15 May 2025 20:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1682 (0x692)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 20:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B62918F4E4E14B08FADE49435D86C49EF96A3D8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ae:15:5e:72:b3:d0:fb:0c:1d:0c:82:de:38:
67:41:07:8d:81:1a:5d:32:24:e6:24:98:93:78:e9:
93:48:fb:9e:4f:41:6d:6d:8c:1a:96:f5:90:8b:27:
97:f0:65:15:82:b7:55:66:2f:01:42:14:4f:fc:ba:
7d:73:54:f0:64:9b:7c:ce:84:3a:16:d3:75:a7:23:
7b:83:f5:b8:cc:0b:03:af:d2:3d:7f:ab:9c:b0:19:
12:b6:70:81:82:0a:a1:51:54:2a:49:c5:91:50:f6:
59:aa:d3:b1:0d:f2:b6:1c:78:a9:ec:be:ee:bf:54:
59:81:0f:f4:cc:e8:2b:95:db:e1:19:30:bc:ab:38:
c6:58:8d:71:fd:31:f4:d9:28:8a:2b:4c:30:8e:b0:
82:40:ba:cf:95:1f:d1:96:75:74:ab:3c:54:1a:4b:
c8:55:07:b0:fc:3c:c2:f7:ab:3f:da:c7:27:e6:88:
05:5d:32:d0:e4:58:96:a4:fd:dc:a2:05:ac:8c:fa:
aa:92:e5:71:d0:39:c6:2f:29:d7:5d:8e:65:2b:47:
07:3f:11:cf:f7:cf:fd:89:b2:91:5f:a0:96:50:b7:
f5:3d:e9:cd:11:73:78:55:cf:b8:26:53:50:53:19:
e8:2b:b6:49:51:ec:49:93:fc:65:ed:04:ee:d2:fb:
90:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:29:18:F4:E4:E1:4B:08:FA:DE:49:43:5D:86:C4:9E:F9:6A:3D:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tikY9OThSwj63klDXYbEnvlqPYo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:45:69:8c:69:51:f6:1e:eb:85:d3:fb:27:f3:f8:ba:6a:be:
c9:fc:86:33:d0:21:38:80:13:22:4e:43:13:29:41:b5:71:ba:
90:08:9a:e5:98:58:2a:e5:9f:94:70:97:49:b9:e5:9a:91:39:
dd:99:82:6c:41:ac:9c:fd:15:f1:bd:e7:a2:83:6f:55:65:0d:
60:25:c8:16:a5:98:e6:9e:16:95:07:11:2f:59:e8:e5:d3:b7:
f9:ea:3e:4f:8b:d0:31:39:78:46:ea:3f:0f:45:9d:87:59:93:
d6:97:65:6b:86:35:71:f5:de:a1:60:d2:45:40:69:58:80:1a:
54:52:e2:62:42:28:e9:d0:a8:e5:90:5f:09:66:f2:0c:73:0d:
ce:74:66:2b:6f:d7:db:68:ef:71:ff:56:9d:14:7e:6c:62:16:
57:21:e9:0c:0e:01:e5:97:8c:16:47:04:78:c8:63:2a:68:01:
ef:5c:c6:26:7e:05:43:5f:0e:b2:25:9c:b6:00:13:e6:2d:84:
a8:fc:02:d2:0d:11:6e:ba:70:a0:f2:aa:15:a9:0c:80:13:cf:
75:bb:68:18:5c:c7:24:d0:c8:df:0c:a8:d3:6c:8e:e5:68:0f:
6f:48:61:69:44:0f:40:8c:28:88:81:8f:73:43:24:70:a1:9f:
c8:48:16:a4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBpIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MDA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2MjkxOEY0RTRFMTRC
MDhGQURFNDk0MzVEODZDNDlFRjk2QTNEOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnrhVecrPQ+wwdDILeOGdBB42BGl0yJOYkmJN46ZNI+55PQW1t
jBqW9ZCLJ5fwZRWCt1VmLwFCFE/8un1zVPBkm3zOhDoW03WnI3uD9bjMCwOv0j1/
q5ywGRK2cIGCCqFRVCpJxZFQ9lmq07EN8rYceKnsvu6/VFmBD/TM6CuV2+EZMLyr
OMZYjXH9MfTZKIorTDCOsIJAus+VH9GWdXSrPFQaS8hVB7D8PML3qz/axyfmiAVd
MtDkWJak/dyiBayM+qqS5XHQOcYvKdddjmUrRwc/Ec/3z/2JspFfoJZQt/U96c0R
c3hVz7gmU1BTGegrtklR7EmT/GXtBO7S+5DBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtikY9OThSwj63klDXYbEnvlqPYowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90aWtZOU9UaFN3ajYza2xE
WFliRW52bHFQWW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAdFaYxpUfYe64XT+yfz+Lpqvsn8hjPQITiA
EyJOQxMpQbVxupAImuWYWCrln5Rwl0m55ZqROd2ZgmxBrJz9FfG956KDb1VlDWAl
yBalmOaeFpUHES9Z6OXTt/nqPk+L0DE5eEbqPw9FnYdZk9aXZWuGNXH13qFg0kVA
aViAGlRS4mJCKOnQqOWQXwlm8gxzDc50Zitv19to73H/Vp0UfmxiFlch6QwOAeWX
jBZHBHjIYypoAe9cxiZ+BUNfDrIlnLYAE+YthKj8AtINEW66cKDyqhWpDIATz3W7
aBhcxyTQyN8MqNNsjuVoD29IYWlED0CMKIiBj3NDJHChn8hIFqQ=
-----END CERTIFICATE-----
Generated at Sat Jun 21 15:27:52 2025 by rpki-client