Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4Uq_Yep4T_2E8C4Gv9dvXTGOqTA.roa
File: 4Uq_Yep4T_2E8C4Gv9dvXTGOqTA.roa (raw, json)
Hash identifier: cf/GDgTbbQONxjcAQMM2zRDjnuvTFxftaTK8OqyScMQ=
Subject key identifier: E1:4A:BF:61:EA:78:4F:FD:84:F0:2E:06:BF:D7:6F:5D:31:8E:A9:30
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 069E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4Uq_Yep4T_2E8C4Gv9dvXTGOqTA.roa
Signing time: Thu 15 May 2025 21:38:46 +0000
ROA not before: Thu 15 May 2025 21:38:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1694 (0x69e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 21:38:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E14ABF61EA784FFD84F02E06BFD76F5D318EA930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:95:33:ce:5a:38:8c:e1:3d:d3:e5:ca:8d:a7:
b4:f2:57:e4:2d:55:e3:23:64:c8:25:66:ae:7d:0b:
6f:76:3b:ef:6a:2c:15:cd:17:c1:85:22:41:4e:da:
15:f1:f7:7c:8c:f6:b7:b9:75:93:c0:e3:7d:c0:eb:
f5:3e:f7:78:c7:41:5e:ca:ac:a7:b5:f3:6a:ba:cf:
50:ba:b6:73:9f:46:b4:48:b2:23:9c:f8:2e:62:0c:
6b:3c:86:01:d3:5b:fc:7e:38:84:bb:61:56:c0:80:
9a:b6:51:6a:b3:44:5a:0c:26:68:45:60:af:fa:5f:
b7:86:d2:56:d1:35:20:f9:04:63:dd:de:25:c5:27:
d0:e9:7f:b8:8d:8b:c3:eb:0e:68:0c:d6:47:d9:ea:
f2:d9:76:ea:f3:ec:ff:cb:2c:9d:d9:a7:02:7a:4e:
38:5c:95:87:82:b6:b0:f0:7b:72:91:04:5e:dc:1c:
95:73:d4:c8:73:cc:fd:11:25:21:ec:0e:69:00:4c:
b1:0b:30:4d:cf:a4:de:4c:13:a7:cd:0b:61:31:3f:
ce:a3:7a:8e:6f:09:5f:2e:95:78:54:93:65:62:37:
ef:d1:72:40:25:ae:ee:24:61:bf:f3:4d:db:fd:b6:
eb:d6:88:24:fc:30:15:bf:11:e1:8e:83:69:6d:75:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4A:BF:61:EA:78:4F:FD:84:F0:2E:06:BF:D7:6F:5D:31:8E:A9:30
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4Uq_Yep4T_2E8C4Gv9dvXTGOqTA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:a4:89:9a:96:22:b6:28:62:a9:84:d1:c2:27:40:4a:65:0c:
72:e7:9a:15:98:e2:16:6a:85:ab:e8:f0:33:41:b1:84:98:e8:
3e:bd:05:03:47:8b:32:aa:c6:4e:10:55:95:4f:49:ec:6d:af:
3b:af:5b:06:75:f5:91:9e:80:b4:b6:4d:f9:ce:42:ab:fb:89:
e8:76:09:36:e8:2a:e2:f9:c0:4b:b1:b4:e5:64:8d:7c:b6:8c:
56:8f:bc:32:87:28:91:18:3b:e1:e6:8c:7e:da:84:c3:9a:f3:
d9:45:21:da:44:de:0e:14:bb:b5:90:da:4e:4c:8b:0a:96:10:
d4:4a:bf:a0:ee:d1:9d:59:c5:33:33:36:92:f0:2c:8d:24:46:
99:c1:00:87:d9:c6:de:84:f3:ec:54:d6:e6:93:96:c4:0f:e8:
0b:2b:ad:ad:ea:93:af:ea:33:b2:b8:4e:56:63:84:75:82:33:
91:95:1b:0e:8c:6e:60:a9:82:c2:90:f0:c3:72:2a:24:a7:e4:
b2:70:49:17:6a:84:ac:52:c8:dd:26:09:9b:92:dd:b7:2a:9a:
ae:a4:fe:f4:e4:a9:6c:14:31:15:57:2b:14:51:db:78:3d:b2:
f2:cf:7e:33:85:a0:73:e2:77:de:bb:f8:d8:b1:8a:30:ca:aa:
98:50:35:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBp4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MTM4NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUxNEFCRjYxRUE3ODRG
RkQ4NEYwMkUwNkJGRDc2RjVEMzE4RUE5MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdlTPOWjiM4T3T5cqNp7TyV+QtVeMjZMglZq59C292O+9qLBXN
F8GFIkFO2hXx93yM9re5dZPA433A6/U+93jHQV7KrKe182q6z1C6tnOfRrRIsiOc
+C5iDGs8hgHTW/x+OIS7YVbAgJq2UWqzRFoMJmhFYK/6X7eG0lbRNSD5BGPd3iXF
J9Dpf7iNi8PrDmgM1kfZ6vLZdurz7P/LLJ3ZpwJ6TjhclYeCtrDwe3KRBF7cHJVz
1MhzzP0RJSHsDmkATLELME3PpN5ME6fNC2ExP86jeo5vCV8ulXhUk2ViN+/RckAl
ru4kYb/zTdv9tuvWiCT8MBW/EeGOg2ltdVuLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4Uq/Yep4T/2E8C4Gv9dvXTGOqTAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80VXFfWWVwNFRfMkU4QzRH
djlkdlhUR09xVEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFmkiZqWIrYoYqmE0cInQEplDHLnmhWY4hZq
havo8DNBsYSY6D69BQNHizKqxk4QVZVPSextrzuvWwZ19ZGegLS2TfnOQqv7ieh2
CTboKuL5wEuxtOVkjXy2jFaPvDKHKJEYO+HmjH7ahMOa89lFIdpE3g4Uu7WQ2k5M
iwqWENRKv6Du0Z1ZxTMzNpLwLI0kRpnBAIfZxt6E8+xU1uaTlsQP6Asrra3qk6/q
M7K4TlZjhHWCM5GVGw6MbmCpgsKQ8MNyKiSn5LJwSRdqhKxSyN0mCZuS3bcqmq6k
/vTkqWwUMRVXKxRR23g9svLPfjOFoHPid967+NixijDKqphQNaE=
-----END CERTIFICATE-----
Generated at Sun May 18 01:56:17 2025 by rpki-client