Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/4_QPiJQ4xXctpCqybQsfhLqoJUw.roa
File: 4_QPiJQ4xXctpCqybQsfhLqoJUw.roa (raw, json)
Hash identifier: z6OWqfFfP3mZzRCqzsm5NSm4vpsKX0jns6V6FTU+xpE=
Subject key identifier: E3:F4:0F:88:94:38:C5:77:2D:A4:2A:B2:6D:0B:1F:84:BA:A8:25:4C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 044E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4_QPiJQ4xXctpCqybQsfhLqoJUw.roa
Signing time: Mon 12 May 2025 19:38:46 +0000
ROA not before: Mon 12 May 2025 19:38:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1102 (0x44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 19:38:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=E3F40F889438C5772DA42AB26D0B1F84BAA8254C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9b:aa:cc:32:6a:5a:af:f5:ac:bb:b8:ab:bd:
37:17:22:9b:c8:e5:42:f1:4d:ba:86:fc:d6:f9:03:
49:67:80:46:c0:09:20:d5:1a:38:3e:dc:63:e3:33:
e6:2d:aa:b4:07:dc:cb:c1:33:fd:55:4c:58:ae:ff:
dc:32:d7:24:78:5a:fc:a3:84:99:89:22:cd:3d:7f:
d7:9a:d1:23:09:da:99:dd:47:55:c4:9c:5c:0a:ad:
d9:2e:f5:34:22:48:1f:f1:81:b0:d0:26:48:f6:16:
63:2f:31:ab:14:a6:a9:d5:8a:5a:8a:fb:56:b3:92:
9a:32:bb:e2:c1:10:59:e5:7f:75:1a:80:1e:eb:fe:
fd:e3:48:f4:25:60:b2:cd:7d:e2:3b:bc:c6:34:2a:
ae:63:fa:19:5f:29:47:17:67:e5:a0:b1:2b:fe:70:
91:13:ba:a5:c4:3a:dc:22:e7:b4:a7:b8:08:32:fe:
30:87:98:8b:76:29:dc:7c:83:e8:a1:24:b2:79:f1:
6f:fc:a3:20:e3:35:71:9f:21:aa:95:87:43:3c:21:
92:c3:66:9f:e6:78:68:f7:1c:d7:c0:a0:f9:a1:b6:
cc:b0:24:08:c0:80:16:22:4a:a2:c7:2d:dd:bd:b5:
a2:93:f7:b2:a7:24:c3:ac:90:5a:12:4d:07:82:b3:
95:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F4:0F:88:94:38:C5:77:2D:A4:2A:B2:6D:0B:1F:84:BA:A8:25:4C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/4_QPiJQ4xXctpCqybQsfhLqoJUw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:70:04:ba:59:39:3a:fb:82:fd:f7:35:0f:6d:e8:c9:28:b8:
a5:2f:6d:3c:72:6c:fb:4d:c4:46:fe:d8:83:c1:a9:e8:94:80:
f8:c5:32:7e:3c:0e:82:24:83:53:3f:0b:cc:01:62:b8:08:4f:
5c:fd:de:5d:c8:05:a8:17:eb:ca:01:07:bc:01:f7:8c:f9:23:
41:25:4e:35:96:be:41:9f:54:bd:36:e2:24:99:68:b5:36:49:
0d:a9:34:e6:e9:55:5b:7d:7b:99:14:d8:3f:7e:29:fd:68:3b:
b7:30:c6:8e:d5:30:4e:49:1b:26:51:39:f5:bd:95:0a:93:27:
5b:49:bc:f8:5a:5b:11:54:5b:0e:63:6d:2a:c3:39:e0:1a:60:
55:80:ef:9d:97:7b:b7:d2:36:25:b0:3c:be:5f:1c:21:e1:d9:
a2:8d:56:83:8c:52:09:59:a9:16:ba:b4:e8:d7:e3:2a:09:36:
f9:16:40:53:92:ec:94:6d:2e:46:d4:7e:8c:65:d7:13:15:58:
ae:40:32:b7:c6:30:1a:96:bf:cf:03:6b:a6:8b:e3:eb:55:85:
66:2a:a3:de:df:6d:6a:09:b1:62:69:04:f9:17:36:ca:d4:fb:
5b:f1:df:5c:da:11:a5:38:1e:0f:57:11:27:64:55:b6:50:87:
ff:3d:9f:33
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
OTM4NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEUzRjQwRjg4OTQzOEM1
NzcyREE0MkFCMjZEMEIxRjg0QkFBODI1NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDam6rMMmpar/Wsu7irvTcXIpvI5ULxTbqG/Nb5A0lngEbACSDV
Gjg+3GPjM+YtqrQH3MvBM/1VTFiu/9wy1yR4WvyjhJmJIs09f9ea0SMJ2pndR1XE
nFwKrdku9TQiSB/xgbDQJkj2FmMvMasUpqnVilqK+1azkpoyu+LBEFnlf3UagB7r
/v3jSPQlYLLNfeI7vMY0Kq5j+hlfKUcXZ+WgsSv+cJETuqXEOtwi57SnuAgy/jCH
mIt2Kdx8g+ihJLJ58W/8oyDjNXGfIaqVh0M8IZLDZp/meGj3HNfAoPmhtsywJAjA
gBYiSqLHLd29taKT97KnJMOskFoSTQeCs5UjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU4/QPiJQ4xXctpCqybQsfhLqoJUwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni80X1FQaUpRNHhYY3RwQ3F5
YlFzZmhMcW9KVXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJFwBLpZOTr7gv33NQ9t6MkouKUvbTxybPtN
xEb+2IPBqeiUgPjFMn48DoIkg1M/C8wBYrgIT1z93l3IBagX68oBB7wB94z5I0El
TjWWvkGfVL024iSZaLU2SQ2pNObpVVt9e5kU2D9+Kf1oO7cwxo7VME5JGyZROfW9
lQqTJ1tJvPhaWxFUWw5jbSrDOeAaYFWA752Xe7fSNiWwPL5fHCHh2aKNVoOMUglZ
qRa6tOjX4yoJNvkWQFOS7JRtLkbUfoxl1xMVWK5AMrfGMBqWv88Da6aL4+tVhWYq
o97fbWoJsWJpBPkXNsrU+1vx31zaEaU4Hg9XESdkVbZQh/89nzM=
-----END CERTIFICATE-----
Generated at Sat May 17 19:43:41 2025 by rpki-client