Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/49zu6PLIPJg85bhoVFWX-6Y_l1A.roa
File: 49zu6PLIPJg85bhoVFWX-6Y_l1A.roa (raw, json)
Hash identifier: YJooykK5HkOT+2PwNlQn5JS8dzCa7DXDruGMhpeKD6s=
Subject key identifier: E3:DC:EE:E8:F2:C8:3C:98:3C:E5:B8:68:54:55:97:FB:A6:3F:97:50
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 060E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/49zu6PLIPJg85bhoVFWX-6Y_l1A.roa
Signing time: Thu 15 May 2025 03:38:02 +0000
ROA not before: Thu 15 May 2025 03:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1550 (0x60e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 03:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E3DCEEE8F2C83C983CE5B868545597FBA63F9750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ad:c6:0b:9c:f0:3a:e2:91:0c:10:2b:7f:03:
fc:17:b1:d1:aa:65:b0:64:aa:cc:25:00:43:d7:3f:
35:e6:1f:a8:5d:30:3f:b2:78:e5:85:10:54:33:47:
a8:fa:dc:30:e3:52:c0:65:c7:18:16:77:9c:6e:f3:
f7:f4:57:4b:d5:ab:1a:61:f1:0a:d4:60:8d:74:92:
07:d0:92:1e:17:e0:08:0c:11:d7:f3:a5:ce:97:a5:
a7:26:d4:e0:91:89:67:5f:17:ac:91:5f:e3:e9:dc:
29:05:18:07:f5:b0:12:5f:49:5f:be:0e:81:7f:7d:
21:4e:f7:7d:4c:ba:03:bb:2c:ae:54:67:5d:59:98:
6e:b8:99:a4:09:29:de:86:f8:09:b9:66:84:d0:c9:
bd:2c:06:54:87:9c:ff:03:6e:34:23:49:7e:0c:d3:
08:21:1c:cd:ea:63:58:21:b4:2a:72:5b:29:11:61:
b9:f0:4c:f6:a2:b5:89:d0:2c:5f:9c:ff:e3:1e:de:
b5:52:e4:b7:3b:a7:15:b9:66:67:24:a0:5b:41:b5:
01:d9:c5:87:ba:84:dc:5d:eb:60:99:9b:b3:3c:63:
cf:51:ea:4d:28:76:83:99:d5:e4:57:21:45:84:f6:
67:38:c2:6e:89:a8:cd:4c:b5:44:3b:9a:77:05:b5:
ab:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DC:EE:E8:F2:C8:3C:98:3C:E5:B8:68:54:55:97:FB:A6:3F:97:50
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/49zu6PLIPJg85bhoVFWX-6Y_l1A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:1a:c1:22:76:1e:12:4d:dd:ea:a2:87:99:65:ba:19:b7:c2:
72:d6:76:74:78:1b:c1:fd:76:39:92:70:10:fe:99:10:23:0e:
8f:d9:1b:fb:3e:62:ff:cf:30:69:2d:af:cd:3f:f8:96:d3:4d:
4f:3d:b2:61:d1:0e:f3:14:c0:a7:6d:31:6f:9f:0f:db:74:24:
08:bc:f7:3e:0c:35:d5:51:f1:4e:81:cb:0c:a4:65:f5:29:f7:
bc:5e:75:84:d6:30:2a:f9:30:fe:80:76:0d:73:47:f9:a8:12:
e8:11:0a:eb:f5:d4:93:8a:a2:2f:69:53:e5:a5:e9:b4:18:56:
75:30:32:eb:84:c4:89:9c:6c:ee:cd:41:10:fd:76:1a:2d:f0:
aa:d4:d1:1c:30:0e:92:e3:6f:c3:e7:c4:d7:c8:5a:64:26:90:
d6:ff:d1:15:8a:6c:96:cc:e7:63:16:72:05:ad:e3:ae:43:aa:
89:65:0c:7b:81:fb:8d:b9:93:d6:52:90:b4:8e:29:44:d8:12:
75:cb:3a:dc:af:10:db:8e:06:bf:e5:60:a2:99:cf:ee:3f:e0:
f4:00:0a:b4:15:0e:b8:82:19:90:97:10:86:86:12:ea:56:d5:
28:86:56:76:1e:0a:54:97:f6:fa:94:17:9d:47:81:06:b8:61:
aa:05:f6:e4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBg4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MzM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUzRENFRUU4RjJDODND
OTgzQ0U1Qjg2ODU0NTU5N0ZCQTYzRjk3NTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVrcYLnPA64pEMECt/A/wXsdGqZbBkqswlAEPXPzXmH6hdMD+y
eOWFEFQzR6j63DDjUsBlxxgWd5xu8/f0V0vVqxph8QrUYI10kgfQkh4X4AgMEdfz
pc6Xpacm1OCRiWdfF6yRX+Pp3CkFGAf1sBJfSV++DoF/fSFO931MugO7LK5UZ11Z
mG64maQJKd6G+Am5ZoTQyb0sBlSHnP8DbjQjSX4M0wghHM3qY1ghtCpyWykRYbnw
TPaitYnQLF+c/+Me3rVS5Lc7pxW5ZmckoFtBtQHZxYe6hNxd62CZm7M8Y89R6k0o
doOZ1eRXIUWE9mc4wm6JqM1MtUQ7mncFtasxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU49zu6PLIPJg85bhoVFWX+6Y/l1AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80OXp1NlBMSVBKZzg1Ymhv
VkZXWC02WV9sMUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEEawSJ2HhJN3eqih5lluhm3wnLWdnR4G8H9
djmScBD+mRAjDo/ZG/s+Yv/PMGktr80/+JbTTU89smHRDvMUwKdtMW+fD9t0JAi8
9z4MNdVR8U6BywykZfUp97xedYTWMCr5MP6Adg1zR/moEugRCuv11JOKoi9pU+Wl
6bQYVnUwMuuExImcbO7NQRD9dhot8KrU0RwwDpLjb8PnxNfIWmQmkNb/0RWKbJbM
52MWcgWt465DqollDHuB+425k9ZSkLSOKUTYEnXLOtyvENuOBr/lYKKZz+4/4PQA
CrQVDriCGZCXEIaGEupW1SiGVnYeClSX9vqUF51HgQa4YaoF9uQ=
-----END CERTIFICATE-----
Generated at Sun May 18 01:51:05 2025 by rpki-client