Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-d1_xkYR9R4oWZerSqjpbUg88vg.roa
File: -d1_xkYR9R4oWZerSqjpbUg88vg.roa (raw, json)
Hash identifier: hStaX4lWEqWocHl9Bw0jAwF/gk971HTXVB+JdkJyd9c=
Subject key identifier: F9:DD:7F:C6:46:11:F5:1E:28:59:97:AB:4A:A8:E9:6D:48:3C:F2:F8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 050E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-d1_xkYR9R4oWZerSqjpbUg88vg.roa
Signing time: Tue 13 May 2025 19:37:59 +0000
ROA not before: Tue 13 May 2025 19:37:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1294 (0x50e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 19:37:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F9DD7FC64611F51E285997AB4AA8E96D483CF2F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:36:e0:7a:39:91:d0:34:cf:c9:30:63:cb:28:
ed:41:e1:80:58:88:6a:e3:38:64:e7:66:19:c7:3f:
ce:31:ce:0a:d9:25:fc:9a:c6:84:92:50:d0:05:ab:
13:4a:b2:ad:9b:f1:51:2f:c6:40:2c:54:bc:df:f9:
3d:e1:38:83:1b:4f:40:59:25:57:be:f0:89:15:d8:
24:e3:fe:fc:7f:34:d2:32:e8:b5:96:30:8d:5c:ac:
af:2c:9b:ac:a6:70:ff:77:34:44:63:6a:a0:8a:36:
db:b9:5e:81:1f:24:5a:ff:21:46:16:bb:a8:a8:a7:
e7:11:10:29:19:86:90:7b:c1:9f:80:25:96:ec:ac:
6b:7d:4e:ab:32:80:f0:e3:25:fb:69:0c:e8:67:a1:
f6:af:22:5a:37:59:06:64:de:0c:87:db:1f:03:d2:
10:cb:75:25:01:8b:b8:2b:23:67:88:c0:6d:38:13:
d6:05:57:ca:49:ce:66:9a:fa:4c:0e:13:ed:1f:ca:
b4:ba:9c:f9:4f:ca:cc:8c:5b:8a:38:e7:03:cc:61:
ec:9d:3f:0a:d9:7b:bd:d6:40:f7:de:18:7a:b8:eb:
31:f0:8f:a4:cb:8f:fe:ff:15:8f:bb:77:b1:a8:b1:
f5:3a:51:71:02:bf:42:65:03:8c:57:81:de:6b:ff:
23:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DD:7F:C6:46:11:F5:1E:28:59:97:AB:4A:A8:E9:6D:48:3C:F2:F8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-d1_xkYR9R4oWZerSqjpbUg88vg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:5e:3b:f5:d8:ff:3c:ce:22:c9:29:6e:77:3a:de:2c:43:c0:
08:eb:e1:73:c9:b3:3b:38:87:85:24:f7:ec:e8:53:c0:86:e2:
0c:ff:27:96:9b:5b:64:93:73:8d:a5:a5:55:fb:ff:75:5c:7d:
6d:8c:9f:3c:e4:23:3a:50:0d:d8:ee:ed:15:d9:26:69:10:1e:
93:5a:88:0d:95:e9:3c:01:f0:ce:b6:2c:60:a4:fa:20:cc:d6:
c5:a6:a6:a5:e7:08:79:8b:ef:dd:b7:38:75:b4:d6:bd:34:15:
8c:c4:ba:79:1f:23:b1:50:74:b9:f8:1c:a5:71:c6:80:44:64:
d8:3b:7d:b5:7b:9b:26:18:6e:19:92:a0:27:cc:a4:3c:65:f1:
a2:0c:49:cf:91:07:c8:2a:ad:30:f0:fc:95:e8:80:ec:3d:99:
83:f5:19:5e:74:65:cb:e3:1f:1c:f5:ca:e3:94:64:4d:10:70:
d4:35:28:55:c8:2e:8b:78:a1:0c:b1:f3:b8:af:a2:26:11:84:
55:e3:7f:06:ba:cd:9e:0d:10:70:2c:aa:34:d8:a3:39:4e:e1:
6d:df:36:d4:71:5c:62:3a:6c:a8:5d:29:e0:11:09:0b:40:03:
e8:62:1f:14:4a:a3:88:0e:bf:10:15:be:e7:11:33:5c:af:89:
04:08:a7:9a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBQ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
OTM3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5REQ3RkM2NDYxMUY1
MUUyODU5OTdBQjRBQThFOTZENDgzQ0YyRjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRNuB6OZHQNM/JMGPLKO1B4YBYiGrjOGTnZhnHP84xzgrZJfya
xoSSUNAFqxNKsq2b8VEvxkAsVLzf+T3hOIMbT0BZJVe+8IkV2CTj/vx/NNIy6LWW
MI1crK8sm6ymcP93NERjaqCKNtu5XoEfJFr/IUYWu6iop+cRECkZhpB7wZ+AJZbs
rGt9TqsygPDjJftpDOhnofavIlo3WQZk3gyH2x8D0hDLdSUBi7grI2eIwG04E9YF
V8pJzmaa+kwOE+0fyrS6nPlPysyMW4o45wPMYeydPwrZe73WQPfeGHq46zHwj6TL
j/7/FY+7d7GosfU6UXECv0JlA4xXgd5r/yPDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+d1/xkYR9R4oWZerSqjpbUg88vgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tZDFfeGtZUjlSNG9XWmVy
U3FqcGJVZzg4dmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIBeO/XY/zzOIskpbnc63ixDwAjr4XPJszs4
h4Uk9+zoU8CG4gz/J5abW2STc42lpVX7/3VcfW2MnzzkIzpQDdju7RXZJmkQHpNa
iA2V6TwB8M62LGCk+iDM1sWmpqXnCHmL7923OHW01r00FYzEunkfI7FQdLn4HKVx
xoBEZNg7fbV7myYYbhmSoCfMpDxl8aIMSc+RB8gqrTDw/JXogOw9mYP1GV50Zcvj
Hxz1yuOUZE0QcNQ1KFXILot4oQyx87ivoiYRhFXjfwa6zZ4NEHAsqjTYozlO4W3f
NtRxXGI6bKhdKeARCQtAA+hiHxRKo4gOvxAVvucRM1yviQQIp5o=
-----END CERTIFICATE-----
Generated at Sat May 17 20:00:49 2025 by rpki-client