Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1TZN0NMrpXChh6R3E1bwVoK5DnA.roa
File: 1TZN0NMrpXChh6R3E1bwVoK5DnA.roa (raw, json)
Hash identifier: 4IJjfad4KE1dwQzcz4DMdHtRgqy3p2paypiGGoZrQn4=
Subject key identifier: D5:36:4D:D0:D3:2B:A5:70:A1:87:A4:77:13:56:F0:56:82:B9:0E:70
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04A2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1TZN0NMrpXChh6R3E1bwVoK5DnA.roa
Signing time: Tue 13 May 2025 06:08:04 +0000
ROA not before: Tue 13 May 2025 06:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1186 (0x4a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 06:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D5364DD0D32BA570A187A4771356F05682B90E70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:00:0e:2f:44:91:6c:85:10:7d:83:29:43:a5:
2a:e8:8f:2e:3d:3f:54:a6:09:1c:a8:72:81:4e:98:
37:9f:c5:24:da:55:c7:ff:1b:fc:25:4e:e8:39:7c:
58:fc:d6:b2:d3:13:b6:37:89:5d:c9:48:75:3a:c7:
c7:17:87:c8:90:9b:95:2a:d0:63:6a:39:33:9b:d2:
ae:a8:c7:b0:bb:c9:d4:25:ed:9d:fa:22:69:15:50:
37:2e:d5:a5:53:82:37:b5:3e:68:0a:84:4d:63:dc:
60:ef:20:94:2b:ee:e7:22:2a:24:38:ba:0e:48:5d:
0e:f6:eb:8a:90:fa:55:f3:8e:bf:46:3a:d3:8d:3d:
5c:2e:20:85:14:ef:bf:90:6b:ea:34:b2:23:a3:97:
2f:97:db:70:f4:5f:00:e7:2c:01:7f:bd:a0:44:3f:
ed:e7:d5:eb:dc:2c:e9:24:57:64:fa:4f:c7:d9:c8:
46:85:b1:bd:1a:53:8d:c5:2d:3a:7e:b9:2e:74:66:
ce:ad:b7:02:d3:1c:06:a5:6f:12:b8:fe:d2:aa:26:
4d:33:9b:8f:70:ac:54:3d:bb:d4:b9:80:cd:b9:06:
aa:d7:40:aa:d7:51:e0:a1:b8:34:b1:b9:f0:ef:31:
ef:8d:2a:76:29:90:5d:2a:02:7b:33:5e:88:ba:10:
87:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:36:4D:D0:D3:2B:A5:70:A1:87:A4:77:13:56:F0:56:82:B9:0E:70
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1TZN0NMrpXChh6R3E1bwVoK5DnA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:00:c0:8d:e4:67:9d:62:22:72:19:ba:4c:d3:09:6e:6f:4f:
4a:b3:fd:a6:55:e7:64:a0:5c:f9:e2:2d:0d:f0:25:40:7a:4c:
05:06:d4:e4:88:a2:b1:fc:05:f8:b9:2d:6c:b1:d1:b4:7b:68:
3d:5b:35:5b:b3:db:3a:c8:0f:3c:25:cb:82:9b:d6:63:7a:e9:
6f:85:e0:6c:6e:89:66:5c:f0:bd:13:a1:58:6a:9f:3d:99:a3:
b8:8d:57:b7:f4:0a:c1:f8:2a:a1:a3:2a:41:76:18:67:35:60:
20:2f:bb:c0:e9:0c:4d:e5:e9:df:71:6a:0b:32:76:35:58:aa:
59:02:13:9a:60:c5:8f:ed:55:8e:e8:04:e5:d2:b7:da:fb:17:
b7:e4:0e:c6:6b:e8:2d:71:b1:f7:f9:8f:bf:ee:d8:1c:7a:98:
ee:ce:2e:81:9b:b0:65:48:e3:54:37:62:39:b7:f4:8e:69:65:
eb:c7:0c:d4:51:33:17:48:83:c2:17:d8:04:32:20:aa:57:58:
33:06:ce:17:92:0e:53:90:cf:41:37:ac:ca:d7:77:63:65:ed:
9b:ba:b9:8d:e5:b0:b2:df:75:ab:2f:c2:7a:b4:f5:b2:9c:e9:
a7:68:56:d1:a6:fc:00:19:df:24:aa:20:da:8f:1e:91:e5:19:
61:bf:93:27
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBKIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NjA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ1MzY0REQwRDMyQkE1
NzBBMTg3QTQ3NzEzNTZGMDU2ODJCOTBFNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCeAA4vRJFshRB9gylDpSrojy49P1SmCRyocoFOmDefxSTaVcf/
G/wlTug5fFj81rLTE7Y3iV3JSHU6x8cXh8iQm5Uq0GNqOTOb0q6ox7C7ydQl7Z36
ImkVUDcu1aVTgje1PmgKhE1j3GDvIJQr7uciKiQ4ug5IXQ7264qQ+lXzjr9GOtON
PVwuIIUU77+Qa+o0siOjly+X23D0XwDnLAF/vaBEP+3n1evcLOkkV2T6T8fZyEaF
sb0aU43FLTp+uS50Zs6ttwLTHAalbxK4/tKqJk0zm49wrFQ9u9S5gM25BqrXQKrX
UeChuDSxufDvMe+NKnYpkF0qAnszXoi6EIctAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1TZN0NMrpXChh6R3E1bwVoK5DnAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xVFpOME5NcnBYQ2hoNlIz
RTFid1ZvSzVEbkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIYAwI3kZ51iInIZukzTCW5vT0qz/aZV52Sg
XPniLQ3wJUB6TAUG1OSIorH8Bfi5LWyx0bR7aD1bNVuz2zrIDzwly4Kb1mN66W+F
4GxuiWZc8L0ToVhqnz2Zo7iNV7f0CsH4KqGjKkF2GGc1YCAvu8DpDE3l6d9xagsy
djVYqlkCE5pgxY/tVY7oBOXSt9r7F7fkDsZr6C1xsff5j7/u2Bx6mO7OLoGbsGVI
41Q3Yjm39I5pZevHDNRRMxdIg8IX2AQyIKpXWDMGzheSDlOQz0E3rMrXd2Nl7Zu6
uY3lsLLfdasvwnq09bKc6adoVtGm/AAZ3ySqINqPHpHlGWG/kyc=
-----END CERTIFICATE-----
Generated at Sun May 18 02:03:00 2025 by rpki-client