Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7WzLLKxhk9ifanPG-mPhoZfAKnU.roa
File: 7WzLLKxhk9ifanPG-mPhoZfAKnU.roa (raw, json)
Hash identifier: RblvJvf3J9+1be0xZI1UNT7WjNJSi/x/C+hWpqME1go=
Subject key identifier: ED:6C:CB:2C:AC:61:93:D8:9F:6A:73:C6:FA:63:E1:A1:97:C0:2A:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05E2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7WzLLKxhk9ifanPG-mPhoZfAKnU.roa
Signing time: Wed 14 May 2025 22:08:02 +0000
ROA not before: Wed 14 May 2025 22:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1506 (0x5e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 22:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=ED6CCB2CAC6193D89F6A73C6FA63E1A197C02A75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a1:e5:4e:3a:3b:d7:5f:c5:b8:f6:f9:bb:a7:
28:03:13:ad:90:65:4e:15:7d:32:3b:83:67:8c:4c:
8d:a5:38:bb:f1:4b:54:e2:6f:44:d4:8c:4c:e1:af:
d5:6e:4a:58:10:0e:ab:d1:55:be:0c:87:60:0f:5a:
25:6a:10:64:83:ea:6c:af:20:58:ff:76:81:03:68:
0a:bf:76:8a:cf:e4:75:4d:ed:b4:e2:f5:26:fd:38:
c4:ea:ac:34:34:f4:17:a6:c2:65:20:49:10:ca:e2:
0d:07:1c:62:f8:aa:e8:ad:3e:03:7f:f7:16:b7:65:
94:f5:b3:ce:6d:6c:93:e1:b9:9c:91:ba:16:92:b9:
9e:30:63:9d:f5:10:5b:29:52:91:3b:5c:11:a3:8c:
b9:b1:37:62:e4:44:f4:07:2d:01:ec:40:09:44:52:
7a:ce:67:09:dd:a1:03:87:9a:ed:4a:4e:a9:bd:da:
3d:e2:9a:0b:9e:f3:aa:c7:61:f4:dd:00:91:eb:35:
b2:62:a3:07:aa:11:33:58:ff:0d:7c:73:66:fc:55:
38:aa:6f:f7:1e:e0:56:29:93:4d:ce:89:8c:d4:b7:
7c:1a:6d:28:e5:3e:d0:91:ae:1a:6f:70:ed:f4:0b:
d5:d7:dc:79:19:ae:c2:b5:29:a9:d9:63:7b:4a:c3:
0e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:6C:CB:2C:AC:61:93:D8:9F:6A:73:C6:FA:63:E1:A1:97:C0:2A:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7WzLLKxhk9ifanPG-mPhoZfAKnU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:d4:b7:3f:19:cd:72:31:95:f0:c9:4f:8f:5f:6d:9c:e3:ee:
be:75:49:4d:b2:5b:72:b6:2b:4d:48:17:78:e1:20:55:ab:04:
48:c2:b8:b2:ee:28:c2:63:06:af:d7:e1:f7:76:21:eb:2d:5f:
26:a4:53:be:9f:b1:44:61:ea:ac:f0:78:28:93:61:f9:81:1e:
4d:3b:07:b9:10:a0:05:59:41:2e:fe:3c:e2:9f:1d:c5:13:b1:
e2:a1:43:af:47:d9:1d:21:51:77:bf:94:5b:4c:72:8e:48:60:
2c:f4:cc:9f:ea:c1:04:aa:e6:1d:f1:75:27:7d:52:17:a7:be:
b0:2f:3f:ec:af:02:ee:fc:01:a2:fe:70:6c:70:1f:66:8d:80:
3a:27:c3:41:7b:2b:4f:97:67:46:b6:01:b7:42:0f:55:fd:e7:
3b:55:00:cf:75:f2:00:3f:37:17:44:05:35:c1:8b:7e:cb:58:
92:dd:25:ef:19:01:df:95:1f:de:e2:7c:15:86:f8:53:34:d6:
57:0b:4a:13:ac:90:a5:c1:ec:f4:b5:a9:5f:54:7c:a5:ab:2e:
dd:28:cf:b3:a3:34:19:10:96:17:1c:1e:63:44:55:e2:b2:9f:
1f:a0:2b:31:d9:c5:a6:02:ea:7e:5d:e9:81:ca:8e:15:37:46:
db:aa:57:86
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBeIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MjA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVENkNDQjJDQUM2MTkz
RDg5RjZBNzNDNkZBNjNFMUExOTdDMDJBNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3oeVOOjvXX8W49vm7pygDE62QZU4VfTI7g2eMTI2lOLvxS1Ti
b0TUjEzhr9VuSlgQDqvRVb4Mh2APWiVqEGSD6myvIFj/doEDaAq/dorP5HVN7bTi
9Sb9OMTqrDQ09BemwmUgSRDK4g0HHGL4quitPgN/9xa3ZZT1s85tbJPhuZyRuhaS
uZ4wY531EFspUpE7XBGjjLmxN2LkRPQHLQHsQAlEUnrOZwndoQOHmu1KTqm92j3i
mgue86rHYfTdAJHrNbJioweqETNY/w18c2b8VTiqb/ce4FYpk03OiYzUt3wabSjl
PtCRrhpvcO30C9XX3HkZrsK1KanZY3tKww6tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7WzLLKxhk9ifanPG+mPhoZfAKnUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83V3pMTEt4aGs5aWZhblBH
LW1QaG9aZkFLblUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAD7Utz8ZzXIxlfDJT49fbZzj7r51SU2yW3K2
K01IF3jhIFWrBEjCuLLuKMJjBq/X4fd2IestXyakU76fsURh6qzweCiTYfmBHk07
B7kQoAVZQS7+POKfHcUTseKhQ69H2R0hUXe/lFtMco5IYCz0zJ/qwQSq5h3xdSd9
UhenvrAvP+yvAu78AaL+cGxwH2aNgDonw0F7K0+XZ0a2AbdCD1X95ztVAM918gA/
NxdEBTXBi37LWJLdJe8ZAd+VH97ifBWG+FM01lcLShOskKXB7PS1qV9UfKWrLt0o
z7OjNBkQlhccHmNEVeKynx+gKzHZxaYC6n5d6YHKjhU3RtuqV4Y=
-----END CERTIFICATE-----
Generated at Sun May 18 12:22:33 2025 by rpki-client