Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/w3YKW0dSrEO19VhjgJHMd4bRcSo.roa
File: w3YKW0dSrEO19VhjgJHMd4bRcSo.roa (raw, json)
Hash identifier: ijhl6z8vmNHvrPooJ9w7FPVyQUQ2dw5ghpWnN7L3hyc=
Subject key identifier: C3:76:0A:5B:47:52:AC:43:B5:F5:58:63:80:91:CC:77:86:D1:71:2A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CDE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/w3YKW0dSrEO19VhjgJHMd4bRcSo.roa
Signing time: Sat 24 May 2025 05:38:30 +0000
ROA not before: Sat 24 May 2025 05:38:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3294 (0xcde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 05:38:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C3760A5B4752AC43B5F558638091CC7786D1712A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:bd:b1:d2:64:69:1e:81:7d:e1:1f:c6:54:
82:b0:f6:ff:0e:cc:27:e4:06:c7:ec:76:06:07:d6:
8a:25:b4:8c:75:c2:86:8f:f2:40:9f:cf:4d:31:d2:
0f:d2:d8:36:4c:e0:bd:2d:f2:2f:63:a9:e0:3e:e4:
86:7c:f0:9c:b9:b6:87:02:26:28:4b:58:4e:30:ef:
77:ac:c0:6e:a5:db:50:c6:84:99:04:fb:c0:c4:a9:
5e:c4:01:4f:dd:29:9c:e2:a1:44:81:30:da:3d:08:
bd:41:74:a5:b1:1b:4f:d1:fb:cf:86:0c:ef:d7:08:
b0:50:97:b1:c4:a9:37:41:c4:00:10:88:9b:bd:30:
02:b2:77:e2:46:14:c5:b2:71:a2:44:59:e7:a0:5a:
14:b0:3d:58:2b:d9:11:5f:7c:00:4d:89:d8:96:69:
1c:53:d8:8e:f5:b9:b9:14:da:2b:cf:4a:fe:51:a0:
f9:57:5c:24:46:65:28:26:b1:96:f6:c5:15:e8:ed:
ef:bd:b8:c7:b1:2b:f3:40:33:d6:46:95:10:23:1c:
a7:37:93:a7:05:43:dc:f6:fe:b2:77:09:f0:55:a3:
d7:e7:00:58:84:83:ea:11:b3:99:5c:73:92:cb:ff:
76:bb:5b:5f:f0:71:73:e7:ba:ba:ea:42:7e:15:cd:
9e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:76:0A:5B:47:52:AC:43:B5:F5:58:63:80:91:CC:77:86:D1:71:2A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/w3YKW0dSrEO19VhjgJHMd4bRcSo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:03:38:66:66:d3:ba:ff:d5:69:d7:1c:3e:6b:5b:ae:68:8c:
95:e4:16:92:72:87:e7:f5:88:7f:d3:7f:1b:e5:a9:90:be:4e:
cc:7d:ae:ee:9f:ef:d4:d5:1d:c0:c8:f3:96:17:9d:6f:b7:53:
a7:5d:f2:04:23:ed:ea:71:6d:c8:cc:9d:3c:4a:cd:f6:5f:fe:
cf:6c:01:47:be:dd:a3:6b:03:b5:1a:09:a3:03:5d:e6:a1:73:
34:52:f1:eb:b9:32:8a:72:a4:88:3e:e5:1a:d4:93:59:62:10:
fa:a3:34:4f:80:b8:f4:ea:c5:55:40:8d:9e:e1:2c:59:36:79:
8b:4c:2f:55:b0:cd:14:df:61:5f:0d:32:47:e1:64:24:af:97:
36:19:59:17:17:4d:89:41:c3:9b:53:3b:cc:70:94:85:b4:b5:
49:4c:a5:45:ec:ba:95:49:43:d5:85:97:b2:02:38:41:4e:82:
d5:27:c3:6c:f3:c7:5f:8e:40:e2:fc:e8:ea:21:91:7f:6c:86:
1a:ba:d2:68:73:9c:85:f6:d2:c0:76:df:2a:8a:0a:5a:7b:c5:
02:a6:f0:71:96:ee:81:e1:8e:12:7e:88:da:71:0c:e5:ae:c5:
92:72:05:c8:d0:de:69:d5:74:ad:61:53:2a:fb:ae:5c:02:88:
c8:a3:3d:34
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
NTM4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMzNzYwQTVCNDc1MkFD
NDNCNUY1NTg2MzgwOTFDQzc3ODZEMTcxMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3EL2x0mRpHoF94R/GVIKw9v8OzCfkBsfsdgYH1ooltIx1woaP
8kCfz00x0g/S2DZM4L0t8i9jqeA+5IZ88Jy5tocCJihLWE4w73eswG6l21DGhJkE
+8DEqV7EAU/dKZzioUSBMNo9CL1BdKWxG0/R+8+GDO/XCLBQl7HEqTdBxAAQiJu9
MAKyd+JGFMWycaJEWeegWhSwPVgr2RFffABNidiWaRxT2I71ubkU2ivPSv5RoPlX
XCRGZSgmsZb2xRXo7e+9uMexK/NAM9ZGlRAjHKc3k6cFQ9z2/rJ3CfBVo9fnAFiE
g+oRs5lcc5LL/3a7W1/wcXPnurrqQn4VzZ5dAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUw3YKW0dSrEO19VhjgJHMd4bRcSowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93M1lLVzBkU3JFTzE5Vmhq
Z0pITWQ0YlJjU28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK4DOGZm07r/1WnXHD5rW65ojJXkFpJyh+f1
iH/TfxvlqZC+Tsx9ru6f79TVHcDI85YXnW+3U6dd8gQj7epxbcjMnTxKzfZf/s9s
AUe+3aNrA7UaCaMDXeahczRS8eu5MopypIg+5RrUk1liEPqjNE+AuPTqxVVAjZ7h
LFk2eYtML1WwzRTfYV8NMkfhZCSvlzYZWRcXTYlBw5tTO8xwlIW0tUlMpUXsupVJ
Q9WFl7ICOEFOgtUnw2zzx1+OQOL86OohkX9shhq60mhznIX20sB23yqKClp7xQKm
8HGW7oHhjhJ+iNpxDOWuxZJyBcjQ3mnVdK1hUyr7rlwCiMijPTQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 17:50:16 2025 by rpki-client