Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-1hLyvKV9IGkrinoFNg-NjBiBgM.roa
File: -1hLyvKV9IGkrinoFNg-NjBiBgM.roa (raw, json)
Hash identifier: G8iCT+SbOn7UOv6j0IqXPc5QXdDKWeAZqIYGXZzIWZc=
Subject key identifier: FB:58:4B:CA:F2:95:F4:81:A4:AE:29:E8:14:D8:3E:36:30:62:06:03
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0326
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-1hLyvKV9IGkrinoFNg-NjBiBgM.roa
Signing time: Sun 11 May 2025 06:37:51 +0000
ROA not before: Sun 11 May 2025 06:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 806 (0x326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 06:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FB584BCAF295F481A4AE29E814D83E3630620603
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ca:4e:90:16:ab:0e:7d:16:2c:d8:5c:f0:96:
69:00:9e:ee:f5:14:e1:ce:44:10:b1:f3:54:7c:ba:
db:df:d9:18:0b:67:c7:37:9b:67:9d:09:19:a8:1a:
d7:de:01:12:9a:71:3a:97:e6:6a:82:63:a0:8f:30:
3e:4e:ef:76:70:90:93:09:b3:aa:82:ff:c7:b4:40:
49:51:f1:c5:5d:1e:89:51:11:de:76:10:23:4a:df:
02:1b:c5:f9:7d:ab:ea:86:e1:d4:92:20:44:c5:7b:
af:9e:e3:b7:7f:09:92:e2:c7:d9:bf:25:b2:1f:25:
16:a1:97:7f:81:e2:4b:e1:f2:06:0e:cb:41:cb:f0:
ec:3d:f6:e2:a5:76:48:d7:4a:be:83:47:f1:56:24:
5f:63:d4:35:df:7e:8a:b1:1e:32:81:ca:e7:e6:da:
2c:02:37:ae:38:a4:fb:82:7f:48:04:96:17:e3:5f:
58:aa:a5:3e:56:fe:47:93:81:0c:c7:2e:6e:c2:bf:
0a:00:a8:04:e5:e8:47:73:2c:3f:4f:2e:3c:be:36:
1d:a5:bb:60:94:47:73:cf:3c:c2:d0:ad:7c:08:7d:
9e:02:d5:ba:51:9f:f4:d3:ed:2b:bd:60:f1:57:43:
d9:4f:23:cb:ec:08:19:9f:d1:16:5b:39:fd:f6:fd:
0d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:58:4B:CA:F2:95:F4:81:A4:AE:29:E8:14:D8:3E:36:30:62:06:03
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-1hLyvKV9IGkrinoFNg-NjBiBgM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:a5:95:f5:25:8e:55:26:80:d3:6a:d9:6a:d3:97:be:a2:bc:
db:7f:8a:97:be:39:92:87:37:3c:37:cd:3d:34:70:e8:03:e5:
75:4d:95:a8:b9:94:0a:97:52:b7:df:ec:ab:6e:9d:c5:5d:97:
06:4d:e3:40:96:11:57:fd:3f:a2:8b:ee:76:72:f5:d3:bf:85:
5b:48:84:7a:13:d5:9f:3c:b0:be:9d:60:6b:b8:2c:3b:a0:82:
45:79:c3:eb:19:55:ec:e6:e7:78:48:5b:4d:20:82:36:6d:a1:
c0:b1:9f:1c:b3:77:62:cc:94:a8:e1:cd:4b:70:cc:4b:be:5e:
42:e2:22:15:d3:a4:fc:9f:8e:7e:a8:f3:bb:14:f7:89:cb:d3:
ed:1d:e3:3b:3b:99:cd:1a:eb:9d:3d:f8:de:52:8e:92:e1:6e:
52:d7:ab:08:b7:63:9f:30:fc:a7:28:79:86:07:d7:94:c0:44:
d0:09:91:1c:a6:0b:df:1b:3f:4d:0d:d8:7e:0a:8e:ce:1d:fb:
14:c1:43:0b:de:c6:cf:ba:7c:09:27:e9:b0:fb:5f:a5:7b:42:
7d:26:2b:e2:b3:b3:e3:d4:07:37:9e:0f:c0:28:d3:f3:69:04:
f9:33:14:0f:d3:7f:4d:d2:00:73:5c:fb:07:67:f5:4f:98:02:
e2:ee:ee:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
NjM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZCNTg0QkNBRjI5NUY0
ODFBNEFFMjlFODE0RDgzRTM2MzA2MjA2MDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnyk6QFqsOfRYs2FzwlmkAnu71FOHORBCx81R8utvf2RgLZ8c3
m2edCRmoGtfeARKacTqX5mqCY6CPMD5O73ZwkJMJs6qC/8e0QElR8cVdHolREd52
ECNK3wIbxfl9q+qG4dSSIETFe6+e47d/CZLix9m/JbIfJRahl3+B4kvh8gYOy0HL
8Ow99uKldkjXSr6DR/FWJF9j1DXffoqxHjKByufm2iwCN644pPuCf0gElhfjX1iq
pT5W/keTgQzHLm7CvwoAqATl6EdzLD9PLjy+Nh2lu2CUR3PPPMLQrXwIfZ4C1bpR
n/TT7Su9YPFXQ9lPI8vsCBmf0RZbOf32/Q0dAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+1hLyvKV9IGkrinoFNg+NjBiBgMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tMWhMeXZLVjlJR2tyaW5v
Rk5nLU5qQmlCZ00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGOllfUljlUmgNNq2WrTl76ivNt/ipe+OZKH
Nzw3zT00cOgD5XVNlai5lAqXUrff7KtuncVdlwZN40CWEVf9P6KL7nZy9dO/hVtI
hHoT1Z88sL6dYGu4LDuggkV5w+sZVezm53hIW00ggjZtocCxnxyzd2LMlKjhzUtw
zEu+XkLiIhXTpPyfjn6o87sU94nL0+0d4zs7mc0a6509+N5SjpLhblLXqwi3Y58w
/KcoeYYH15TARNAJkRymC98bP00N2H4Kjs4d+xTBQwvexs+6fAkn6bD7X6V7Qn0m
K+Kzs+PUBzeeD8Ao0/NpBPkzFA/Tf03SAHNc+wdn9U+YAuLu7iw=
-----END CERTIFICATE-----
Generated at Sun May 18 04:50:48 2025 by rpki-client