Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3X2mFqjXebO-S8h6olk8Dh2xmrU.roa
File: 3X2mFqjXebO-S8h6olk8Dh2xmrU.roa (raw, json)
Hash identifier: ww6bC7E6GVxHay7U1ebQZj4AmiLdQaM2hXThI2sgbWw=
Subject key identifier: DD:7D:A6:16:A8:D7:79:B3:BE:4B:C8:7A:A2:59:3C:0E:1D:B1:9A:B5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3X2mFqjXebO-S8h6olk8Dh2xmrU.roa
Signing time: Fri 09 May 2025 15:08:15 +0000
ROA not before: Fri 09 May 2025 15:08:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 490 (0x1ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 15:08:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DD7DA616A8D779B3BE4BC87AA2593C0E1DB19AB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ce:96:40:89:ae:a8:af:bf:07:48:5d:0c:5d:
c6:e3:e6:5f:fd:49:82:e4:94:59:d6:f7:2f:f9:2d:
5f:56:81:9a:cf:fc:fd:b5:47:25:bb:77:57:63:bf:
70:ff:59:5a:14:ef:5c:60:f3:02:5d:f4:81:80:fc:
eb:48:48:7c:6d:47:f6:48:98:ec:61:68:df:fe:55:
33:1c:98:3f:fe:1b:ff:32:e9:cd:7b:17:50:66:cf:
e4:f3:de:26:be:2e:4d:38:19:00:03:96:0f:d2:1f:
00:89:33:bf:3a:b3:32:3e:22:8d:69:7f:dc:87:10:
b9:44:92:69:d5:8f:51:28:03:fd:4e:c7:e2:37:e8:
cb:ea:7d:6d:7d:24:83:d6:b4:49:64:fb:93:f7:48:
3c:4f:95:d3:52:fe:67:0e:8a:0a:86:75:51:41:c0:
0b:f0:c0:d9:e7:af:c1:ad:55:0e:bb:74:c4:c3:d6:
48:cd:e5:9b:6b:f3:48:9e:90:e6:f3:6c:d6:fb:58:
ac:7c:63:b0:db:1a:d9:06:f8:28:8d:95:85:cc:eb:
a0:66:95:74:24:d3:6c:84:30:51:83:bf:61:42:da:
ae:b0:9d:38:13:7d:19:66:89:08:f4:05:e0:c7:08:
2b:d8:c3:64:99:40:79:78:35:81:5f:8a:36:4b:66:
c7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7D:A6:16:A8:D7:79:B3:BE:4B:C8:7A:A2:59:3C:0E:1D:B1:9A:B5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3X2mFqjXebO-S8h6olk8Dh2xmrU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:c6:0f:62:6e:40:45:46:fa:ef:ff:70:d8:3e:b5:f0:67:73:
ef:a5:48:c4:a7:13:64:51:25:fc:7b:b9:ff:b8:24:67:19:12:
33:86:55:58:4d:98:ec:65:07:f6:02:67:6a:58:59:a7:be:c1:
85:b7:9e:41:a3:b3:ce:b6:a7:09:a6:df:e7:49:82:37:89:a8:
ed:e5:3b:d6:6b:f0:2c:43:4e:cd:14:c9:49:79:bd:a0:87:0b:
99:67:4f:3e:af:bc:0d:b4:93:7c:da:11:b6:93:19:be:61:e4:
0b:06:f3:5e:53:78:d2:ec:4e:1e:08:9f:70:50:0c:9c:4d:a5:
0e:97:5c:0f:5d:a7:67:63:06:b8:f9:75:09:26:67:e2:a3:b7:
1f:f9:ab:fc:d8:e5:6c:bb:ad:bc:d8:f4:2b:a2:2a:cd:99:60:
91:c2:31:2b:33:32:29:70:73:15:ad:f9:e9:70:0f:ab:67:4c:
f8:e4:b0:ec:29:fe:d9:68:ce:bb:7d:fe:1c:9e:80:05:58:68:
9e:ab:76:8f:bc:fb:2f:cf:3c:e4:3f:be:cc:81:79:ad:1a:98:
70:20:15:b6:17:70:e9:93:0e:af:6a:2f:bb:9f:cb:7d:71:70:
47:a2:23:00:13:f9:a5:94:11:fb:3c:63:48:05:8a:46:d2:bc:
39:04:1f:ac
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NTA4MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEREN0RBNjE2QThENzc5
QjNCRTRCQzg3QUEyNTkzQzBFMURCMTlBQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKzpZAia6or78HSF0MXcbj5l/9SYLklFnW9y/5LV9WgZrP/P21
RyW7d1djv3D/WVoU71xg8wJd9IGA/OtISHxtR/ZImOxhaN/+VTMcmD/+G/8y6c17
F1Bmz+Tz3ia+Lk04GQADlg/SHwCJM786szI+Io1pf9yHELlEkmnVj1EoA/1Ox+I3
6MvqfW19JIPWtElk+5P3SDxPldNS/mcOigqGdVFBwAvwwNnnr8GtVQ67dMTD1kjN
5Ztr80iekObzbNb7WKx8Y7DbGtkG+CiNlYXM66BmlXQk02yEMFGDv2FC2q6wnTgT
fRlmiQj0BeDHCCvYw2SZQHl4NYFfijZLZsc3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3X2mFqjXebO+S8h6olk8Dh2xmrUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zWDJtRnFqWGViTy1TOGg2
b2xrOERoMnhtclUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAC3GD2JuQEVG+u//cNg+tfBnc++lSMSnE2RR
Jfx7uf+4JGcZEjOGVVhNmOxlB/YCZ2pYWae+wYW3nkGjs862pwmm3+dJgjeJqO3l
O9Zr8CxDTs0UyUl5vaCHC5lnTz6vvA20k3zaEbaTGb5h5AsG815TeNLsTh4In3BQ
DJxNpQ6XXA9dp2djBrj5dQkmZ+Kjtx/5q/zY5Wy7rbzY9CuiKs2ZYJHCMSszMilw
cxWt+elwD6tnTPjksOwp/tlozrt9/hyegAVYaJ6rdo+8+y/PPOQ/vsyBea0amHAg
FbYXcOmTDq9qL7ufy31xcEeiIwAT+aWUEfs8Y0gFikbSvDkEH6w=
-----END CERTIFICATE-----
Generated at Sat May 17 19:34:12 2025 by rpki-client