Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0zR4NrXU-NKFjh6P2xcyQsfROvI.roa
File: 0zR4NrXU-NKFjh6P2xcyQsfROvI.roa (raw, json)
Hash identifier: gOfjP0Wq0/ArduKFvFWXezsq/7UqpSOnei1ts6TeglA=
Subject key identifier: D3:34:78:36:B5:D4:F8:D2:85:8E:1E:8F:DB:17:32:42:C7:D1:3A:F2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07E6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0zR4NrXU-NKFjh6P2xcyQsfROvI.roa
Signing time: Sat 17 May 2025 14:38:08 +0000
ROA not before: Sat 17 May 2025 14:38:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2022 (0x7e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 14:38:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D3347836B5D4F8D2858E1E8FDB173242C7D13AF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c0:3b:07:ef:a9:eb:c1:1b:c8:9a:a4:97:7c:
5e:62:e9:9c:4d:2c:3a:ed:3b:60:34:a1:d0:0a:01:
c0:7e:56:33:6d:07:2d:03:8e:83:4c:40:da:46:06:
85:d4:e4:44:39:9c:d3:95:6c:b8:66:80:ea:6e:14:
8d:26:8e:83:94:54:e3:95:2f:dc:0a:23:1d:2d:31:
df:98:64:48:f5:8a:ad:03:53:1b:d2:dd:5b:19:5e:
0d:19:cb:0b:15:1c:b9:2b:de:a3:d2:27:8f:a6:f5:
ba:87:75:25:2a:3c:45:16:1f:8f:19:2d:31:70:ef:
82:f4:dc:3d:2f:5c:f8:a5:91:2c:3c:f9:71:cf:a5:
0b:e7:d4:90:a7:22:cb:7f:49:95:ff:1d:b3:12:eb:
ca:f3:42:12:ba:d6:5e:6f:b2:50:02:4c:e2:48:28:
21:75:7b:be:c5:b0:ef:b7:4c:62:17:7a:0b:45:98:
c4:37:37:33:83:d1:50:06:cc:2d:37:83:7a:65:2a:
06:3a:a1:fa:95:23:4f:96:a1:fc:3b:b8:3a:75:d1:
e2:fc:53:2a:03:9b:9b:0a:60:af:ad:52:c5:20:e9:
4a:4e:34:aa:18:a0:b7:30:3b:6d:87:64:0e:c2:ba:
0d:e8:a6:dd:08:71:07:10:f5:4b:1d:66:8b:17:bf:
82:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:34:78:36:B5:D4:F8:D2:85:8E:1E:8F:DB:17:32:42:C7:D1:3A:F2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0zR4NrXU-NKFjh6P2xcyQsfROvI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:b0:80:03:2f:fd:f5:6f:65:89:af:80:20:27:c7:dd:94:9f:
dc:08:fb:15:9f:d9:12:56:43:2a:e3:f4:de:0e:b8:28:70:0a:
92:f9:46:9e:eb:a3:0f:4d:e3:19:42:12:83:ff:f9:ba:24:d0:
79:e8:87:8f:63:40:d5:41:35:ba:1e:30:4e:52:ee:55:d0:08:
7b:0d:02:ea:48:bc:05:7e:ac:1f:18:c8:a0:3e:bd:81:8b:32:
5f:66:a0:90:7e:3a:0f:34:9a:89:f3:86:18:fc:80:51:6d:b6:
1f:c0:cb:21:56:f5:dd:a1:29:6a:77:84:5b:50:34:88:d7:c8:
44:24:ba:6f:3b:17:67:77:31:0f:a0:9a:bf:72:25:37:ae:4b:
42:1e:9b:f6:66:f8:d9:1e:72:28:74:ea:47:cd:76:d8:90:d5:
fd:13:e5:ab:5c:8a:08:ed:fa:fd:64:02:43:bb:ce:90:20:d0:
0c:1f:58:fc:b4:91:af:1c:47:71:5f:ec:b2:f2:9d:cf:2d:2a:
a2:c5:9a:ab:19:74:f3:29:a2:3f:1e:06:d8:4b:e0:26:3c:13:
77:86:c7:36:d5:7e:db:22:2c:07:6d:b7:c1:f4:eb:03:77:5e:
b2:1d:1d:d8:27:5a:0c:98:11:69:15:df:97:ba:a5:f6:65:19:
50:6d:dc:62
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
NDM4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQzMzQ3ODM2QjVENEY4
RDI4NThFMUU4RkRCMTczMjQyQzdEMTNBRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkwDsH76nrwRvImqSXfF5i6ZxNLDrtO2A0odAKAcB+VjNtBy0D
joNMQNpGBoXU5EQ5nNOVbLhmgOpuFI0mjoOUVOOVL9wKIx0tMd+YZEj1iq0DUxvS
3VsZXg0ZywsVHLkr3qPSJ4+m9bqHdSUqPEUWH48ZLTFw74L03D0vXPilkSw8+XHP
pQvn1JCnIst/SZX/HbMS68rzQhK61l5vslACTOJIKCF1e77FsO+3TGIXegtFmMQ3
NzOD0VAGzC03g3plKgY6ofqVI0+Wofw7uDp10eL8UyoDm5sKYK+tUsUg6UpONKoY
oLcwO22HZA7Cug3opt0IcQcQ9UsdZosXv4IrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0zR4NrXU+NKFjh6P2xcyQsfROvIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8welI0TnJYVS1OS0ZqaDZQ
MnhjeVFzZlJPdkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ+wgAMv/fVvZYmvgCAnx92Un9wI+xWf2RJW
Qyrj9N4OuChwCpL5Rp7row9N4xlCEoP/+bok0Hnoh49jQNVBNboeME5S7lXQCHsN
AupIvAV+rB8YyKA+vYGLMl9moJB+Og80monzhhj8gFFtth/AyyFW9d2hKWp3hFtQ
NIjXyEQkum87F2d3MQ+gmr9yJTeuS0Iem/Zm+Nkecih06kfNdtiQ1f0T5atcigjt
+v1kAkO7zpAg0AwfWPy0ka8cR3Ff7LLync8tKqLFmqsZdPMpoj8eBthL4CY8E3eG
xzbVftsiLAdtt8H06wN3XrIdHdgnWgyYEWkV35e6pfZlGVBt3GI=
-----END CERTIFICATE-----
Generated at Sun May 18 01:53:07 2025 by rpki-client