Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4Bdeed02OSpjjg-MU7r4Lp9FCBA.roa
File: 4Bdeed02OSpjjg-MU7r4Lp9FCBA.roa (raw, json)
Hash identifier: Qu8LpK1GcIqGxdk1/QH73/lRFIQXaQtdZA2XYD3i0SU=
Subject key identifier: E0:17:5E:79:DD:36:39:2A:63:8E:0F:8C:53:BA:F8:2E:9F:45:08:10
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 023A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4Bdeed02OSpjjg-MU7r4Lp9FCBA.roa
Signing time: Sat 10 May 2025 01:07:49 +0000
ROA not before: Sat 10 May 2025 01:07:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 570 (0x23a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 01:07:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E0175E79DD36392A638E0F8C53BAF82E9F450810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7e:22:bc:93:f6:80:24:9f:9f:08:cf:f3:2e:
e4:13:21:15:bd:a9:b4:86:72:9b:93:4c:58:9d:16:
d4:a7:ac:62:d5:fe:8c:18:08:7a:2d:b3:32:f5:7e:
c3:21:82:40:03:fb:d9:7f:c0:4a:c3:7e:7e:09:89:
b3:d9:ff:21:4e:dc:71:be:e0:7a:56:74:97:74:23:
24:31:66:84:3d:8c:1c:2f:ac:14:d0:5c:72:6e:28:
97:fd:8f:32:37:3c:4e:03:92:02:6a:a0:e5:b4:13:
ea:9a:df:6b:b2:b8:f8:1e:c3:93:72:20:68:4f:b2:
be:5e:d2:a2:3a:42:97:1e:1c:e7:b4:a2:6d:a4:bc:
68:06:6a:9a:b9:55:e2:84:5c:d4:df:fb:43:b3:8c:
53:8e:6d:67:5b:fe:ad:bb:5a:05:2a:05:36:9f:fe:
73:02:99:05:ad:8c:a1:8a:a6:2a:bc:b0:0b:a9:11:
c6:64:4a:72:56:90:25:69:c4:5f:91:da:aa:ed:fd:
17:eb:dd:c7:ef:49:89:ea:d3:ba:9a:66:70:7b:92:
8d:87:a8:38:d7:33:c7:12:df:f9:3f:b8:c3:3c:2d:
9e:bb:a7:4d:8d:b3:01:67:5f:b6:8e:7b:92:7e:78:
ad:2b:3f:dd:bd:43:d8:cf:b5:34:3e:d0:34:2f:2d:
0d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:17:5E:79:DD:36:39:2A:63:8E:0F:8C:53:BA:F8:2E:9F:45:08:10
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4Bdeed02OSpjjg-MU7r4Lp9FCBA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:de:6b:bc:11:29:ac:02:08:ac:71:67:0f:b6:60:cd:cb:44:
04:48:a3:d0:11:86:68:13:5c:a2:8a:e5:82:48:61:74:6d:15:
09:4a:a4:60:35:40:4c:86:5f:3b:f4:2f:57:84:28:6f:11:63:
58:3e:15:11:21:41:7e:24:a1:a3:ed:14:27:11:b3:98:23:96:
f8:90:d3:98:2f:48:71:a6:a7:74:62:07:9b:dd:a2:f9:70:f1:
bb:95:4b:c6:bd:f6:de:b8:ee:3a:ad:77:44:af:d4:6c:c4:9a:
9e:ba:13:77:e9:9c:c4:1c:35:e7:85:d3:0f:af:87:bb:21:b5:
dd:2b:5a:9e:ad:1a:d1:8a:58:3a:9e:bc:11:2d:8b:5d:2c:14:
e4:10:d0:77:27:2c:54:27:1c:84:36:bd:9f:13:b1:f2:15:6d:
08:7f:97:58:fb:5a:44:52:1a:46:1c:4d:a0:d8:a3:f7:5c:ba:
8f:1d:0f:6d:f6:f4:92:49:0e:95:36:c7:03:79:bb:cf:e7:e5:
49:74:0f:e1:cc:33:2d:ea:32:1b:cf:a6:25:9b:74:d4:35:d2:
08:51:51:f3:92:a8:3a:d6:96:2f:bb:d6:2b:15:83:35:0a:31:
5c:ad:67:3d:bf:9b:a2:0b:9e:9b:16:ba:35:f4:d4:fa:e4:8a:
ac:b7:d6:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
MTA3NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUwMTc1RTc5REQzNjM5
MkE2MzhFMEY4QzUzQkFGODJFOUY0NTA4MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCfiK8k/aAJJ+fCM/zLuQTIRW9qbSGcpuTTFidFtSnrGLV/owY
CHotszL1fsMhgkAD+9l/wErDfn4JibPZ/yFO3HG+4HpWdJd0IyQxZoQ9jBwvrBTQ
XHJuKJf9jzI3PE4DkgJqoOW0E+qa32uyuPgew5NyIGhPsr5e0qI6QpceHOe0om2k
vGgGapq5VeKEXNTf+0OzjFOObWdb/q27WgUqBTaf/nMCmQWtjKGKpiq8sAupEcZk
SnJWkCVpxF+R2qrt/Rfr3cfvSYnq07qaZnB7ko2HqDjXM8cS3/k/uMM8LZ67p02N
swFnX7aOe5J+eK0rP929Q9jPtTQ+0DQvLQ0lAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4Bdeed02OSpjjg+MU7r4Lp9FCBAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80QmRlZWQwMk9TcGpqZy1N
VTdyNExwOUZDQkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEjea7wRKawCCKxxZw+2YM3LRARIo9ARhmgT
XKKK5YJIYXRtFQlKpGA1QEyGXzv0L1eEKG8RY1g+FREhQX4koaPtFCcRs5gjlviQ
05gvSHGmp3RiB5vdovlw8buVS8a99t647jqtd0Sv1GzEmp66E3fpnMQcNeeF0w+v
h7shtd0rWp6tGtGKWDqevBEti10sFOQQ0HcnLFQnHIQ2vZ8TsfIVbQh/l1j7WkRS
GkYcTaDYo/dcuo8dD2329JJJDpU2xwN5u8/n5Ul0D+HMMy3qMhvPpiWbdNQ10ghR
UfOSqDrWli+71isVgzUKMVytZz2/m6ILnpsWujX01Prkiqy31lM=
-----END CERTIFICATE-----
Generated at Sun May 18 04:49:58 2025 by rpki-client