Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/6gVue6K_nsnYTkgf4KoaBFE509I.roa
File: 6gVue6K_nsnYTkgf4KoaBFE509I.roa (raw, json)
Hash identifier: 7qObv+2mbfOYePb/7Y5NemKsfSKOJ3HCRTR5YQ94/xU=
Subject key identifier: EA:05:6E:7B:A2:BF:9E:C9:D8:4E:48:1F:E0:AA:1A:04:51:39:D3:D2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0632
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6gVue6K_nsnYTkgf4KoaBFE509I.roa
Signing time: Thu 15 May 2025 08:08:03 +0000
ROA not before: Thu 15 May 2025 08:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1586 (0x632)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 08:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EA056E7BA2BF9EC9D84E481FE0AA1A045139D3D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:81:65:50:bb:27:f2:62:e1:d0:47:23:a2:22:
2b:59:e4:5e:8e:d6:35:32:1f:98:8f:bf:2a:4b:a0:
e5:72:a6:48:a4:d9:a8:49:85:60:13:d2:9c:a1:4f:
5f:12:9d:99:39:26:c8:86:70:5d:55:7a:7d:e6:3e:
f8:52:4b:96:89:28:aa:fa:c8:a6:30:e0:82:c1:72:
aa:c0:aa:07:df:40:75:26:13:b4:ce:2f:5d:ed:7e:
c6:29:ef:b4:50:4b:61:3d:ca:78:d1:8f:d6:0a:17:
6f:b6:08:05:9a:fd:16:cc:4b:0a:97:13:0f:3e:23:
4d:ef:9d:32:77:bf:7e:ea:06:36:b2:25:e0:0c:65:
b1:22:e0:0d:c6:5f:f2:b9:d6:c0:02:f1:2a:53:c2:
f3:f7:d7:26:b0:a6:ad:09:e8:11:51:cb:b1:61:2d:
4c:63:95:17:68:a9:4f:f6:68:f9:60:8e:dd:77:ba:
8d:dc:1c:80:ea:eb:f7:52:11:83:32:ad:11:a4:38:
43:32:a2:bc:71:40:44:2a:68:9c:18:37:d7:d1:34:
90:21:f2:bc:00:70:0a:61:9a:d1:b0:fe:52:a9:43:
9c:6f:6f:1d:bd:c6:e6:6a:77:97:06:55:31:52:59:
71:f1:8e:96:08:16:bc:50:fb:32:03:a5:9c:5d:9f:
77:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:05:6E:7B:A2:BF:9E:C9:D8:4E:48:1F:E0:AA:1A:04:51:39:D3:D2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/6gVue6K_nsnYTkgf4KoaBFE509I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:e8:bb:b0:a3:88:40:2a:e9:40:bd:58:07:0b:c3:e0:f4:15:
20:dd:fd:82:b4:3a:8b:1d:ba:f0:df:55:b6:d6:bf:cb:18:5c:
34:35:1c:4e:51:0a:9f:99:17:83:73:cf:7a:25:9a:0f:dd:6f:
36:e4:03:82:09:1b:d0:25:a4:fa:6d:7f:51:3a:c9:96:20:ef:
a5:94:11:53:34:64:36:ee:22:a7:d5:0a:be:fb:f5:9f:24:2f:
97:9b:85:fb:1b:e2:fa:53:4a:76:7a:90:71:b5:30:96:af:5b:
08:98:8e:b0:d8:55:2b:2a:22:5e:59:12:5f:34:56:47:77:cf:
2f:b7:f8:be:93:d4:6c:0a:53:a5:70:3e:b2:62:32:55:10:37:
8a:ad:c8:d6:1c:db:f8:0f:bb:66:ea:13:cc:90:8e:6f:55:4d:
34:15:b8:36:56:49:b1:f8:62:9c:83:c2:f4:26:56:0d:fb:c2:
35:92:36:29:89:08:48:d8:6b:e1:4d:f6:da:a0:3a:14:52:75:
10:ec:8f:91:02:9b:83:a6:aa:b8:66:bd:5a:ad:d1:f4:c0:99:
01:16:56:65:3d:99:a9:cf:03:3c:62:2b:aa:4e:78:70:7a:8a:
31:3f:e5:da:06:3a:7b:ec:5c:bd:47:6a:db:bd:71:f4:cd:fc:
ba:db:e8:36
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBjIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
ODA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVBMDU2RTdCQTJCRjlF
QzlEODRFNDgxRkUwQUExQTA0NTEzOUQzRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCggWVQuyfyYuHQRyOiIitZ5F6O1jUyH5iPvypLoOVypkik2ahJ
hWAT0pyhT18SnZk5JsiGcF1Ven3mPvhSS5aJKKr6yKYw4ILBcqrAqgffQHUmE7TO
L13tfsYp77RQS2E9ynjRj9YKF2+2CAWa/RbMSwqXEw8+I03vnTJ3v37qBjayJeAM
ZbEi4A3GX/K51sAC8SpTwvP31yawpq0J6BFRy7FhLUxjlRdoqU/2aPlgjt13uo3c
HIDq6/dSEYMyrRGkOEMyorxxQEQqaJwYN9fRNJAh8rwAcAphmtGw/lKpQ5xvbx29
xuZqd5cGVTFSWXHxjpYIFrxQ+zIDpZxdn3fnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU6gVue6K/nsnYTkgf4KoaBFE509IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni82Z1Z1ZTZLX25zbllUa2dm
NEtvYUJGRTUwOUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAATou7CjiEAq6UC9WAcLw+D0FSDd/YK0Oosd
uvDfVbbWv8sYXDQ1HE5RCp+ZF4Nzz3olmg/dbzbkA4IJG9AlpPptf1E6yZYg76WU
EVM0ZDbuIqfVCr779Z8kL5ebhfsb4vpTSnZ6kHG1MJavWwiYjrDYVSsqIl5ZEl80
Vkd3zy+3+L6T1GwKU6VwPrJiMlUQN4qtyNYc2/gPu2bqE8yQjm9VTTQVuDZWSbH4
YpyDwvQmVg37wjWSNimJCEjYa+FN9tqgOhRSdRDsj5ECm4OmqrhmvVqt0fTAmQEW
VmU9manPAzxiK6pOeHB6ijE/5doGOnvsXL1Hatu9cfTN/Lrb6DY=
-----END CERTIFICATE-----
Generated at Sat May 17 21:21:46 2025 by rpki-client