Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8-JbUAVYcoloqWztJW9GlhyyD0U.roa
File: 8-JbUAVYcoloqWztJW9GlhyyD0U.roa (raw, json)
Hash identifier: 7Xj95ie1Y35tul0c7MXSs5r8Yfjq+m0tfpZpGRWIcDc=
Subject key identifier: F3:E2:5B:50:05:58:72:89:68:A9:6C:ED:25:6F:46:96:1C:B2:0F:45
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05DA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8-JbUAVYcoloqWztJW9GlhyyD0U.roa
Signing time: Wed 14 May 2025 21:08:53 +0000
ROA not before: Wed 14 May 2025 21:08:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1498 (0x5da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 21:08:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F3E25B500558728968A96CED256F46961CB20F45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:bb:6a:05:ef:41:07:91:37:af:aa:28:ac:64:
4a:10:b2:43:10:58:e9:a4:87:bb:31:a8:0d:75:66:
10:e2:56:41:fa:de:65:a4:b9:11:2b:fc:8a:67:5a:
14:3c:e6:80:51:67:48:95:cf:33:42:87:38:c7:ac:
90:e0:50:69:98:30:95:b0:3f:10:7f:28:9a:c8:97:
bc:7e:89:7d:c3:68:04:f2:da:07:4a:74:ce:22:41:
ba:32:5a:46:09:11:e8:3d:c1:d5:fb:fe:ef:eb:a4:
bd:c5:70:63:31:cf:30:13:1d:b9:62:f4:ad:d9:c6:
36:13:cd:c5:d2:f6:2b:5a:c4:94:15:ba:66:64:22:
ae:75:31:4a:39:f2:9f:d8:c4:a0:5f:6f:6c:e6:ba:
f1:de:24:ba:90:9a:a7:8e:27:68:e9:99:cf:7b:ed:
78:5f:ae:52:a7:2b:dd:7c:7a:e1:63:3d:3b:f9:74:
81:75:53:ec:15:88:88:7e:04:f2:8c:4a:5d:ba:87:
ff:2d:58:b8:88:f2:d0:bd:2f:c6:f0:14:dc:de:aa:
00:53:7f:e6:ca:6c:c7:16:2f:9c:27:bc:7d:56:61:
3f:b2:cc:c2:76:b2:66:b4:b2:98:f2:33:3b:6d:be:
3e:b7:07:b7:02:d1:68:1b:26:62:12:b9:43:7c:64:
f7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E2:5B:50:05:58:72:89:68:A9:6C:ED:25:6F:46:96:1C:B2:0F:45
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8-JbUAVYcoloqWztJW9GlhyyD0U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:eb:2b:3d:dd:b9:d8:49:99:cc:06:9b:0e:1c:14:e8:d7:91:
a3:9f:00:7f:3b:be:69:4b:f6:f2:a5:be:d5:27:e0:c4:65:ef:
da:b6:48:ed:b6:07:25:c3:a7:60:ac:2e:07:04:28:f3:ce:a7:
52:a9:d5:e7:96:bc:40:97:4f:a6:3a:4a:3d:26:90:73:00:d7:
87:64:90:b0:56:4a:0a:1a:4c:fa:f4:bb:92:37:0e:e1:f3:ad:
1a:07:09:9e:bc:e8:64:42:51:d7:4b:35:8d:a4:8a:df:88:2e:
b8:8b:6c:87:26:76:41:67:9a:99:08:e0:70:f7:2a:29:ea:11:
17:6c:f1:95:da:ab:8a:8d:4b:c3:42:7f:c4:07:de:cc:a6:35:
46:08:e0:80:70:ba:57:b7:38:89:af:1b:6e:9e:b9:e0:16:30:
f6:64:97:3f:99:5a:de:0d:9b:88:1b:cd:3c:ae:0e:b3:98:45:
6f:bd:e0:ce:d2:31:35:cb:42:a9:07:e6:a4:ad:4c:b4:e4:e9:
16:6c:98:7c:f8:ab:eb:d2:7c:f6:73:bd:e1:1c:98:07:35:b8:
59:e8:ff:cb:8a:6b:00:f4:76:c3:18:67:16:21:04:a7:7a:a5:
cc:b7:57:aa:c3:dc:f1:06:26:85:73:f2:39:b4:f7:f2:06:47:
a4:25:67:02
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBdowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MTA4NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYzRTI1QjUwMDU1ODcy
ODk2OEE5NkNFRDI1NkY0Njk2MUNCMjBGNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+u2oF70EHkTevqiisZEoQskMQWOmkh7sxqA11ZhDiVkH63mWk
uREr/IpnWhQ85oBRZ0iVzzNChzjHrJDgUGmYMJWwPxB/KJrIl7x+iX3DaATy2gdK
dM4iQboyWkYJEeg9wdX7/u/rpL3FcGMxzzATHbli9K3ZxjYTzcXS9itaxJQVumZk
Iq51MUo58p/YxKBfb2zmuvHeJLqQmqeOJ2jpmc977XhfrlKnK918euFjPTv5dIF1
U+wViIh+BPKMSl26h/8tWLiI8tC9L8bwFNzeqgBTf+bKbMcWL5wnvH1WYT+yzMJ2
sma0spjyMzttvj63B7cC0WgbJmISuUN8ZPfrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8+JbUAVYcoloqWztJW9GlhyyD0UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84LUpiVUFWWWNvbG9xV3p0
Slc5R2xoeXlEMFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHbrKz3dudhJmcwGmw4cFOjXkaOfAH87vmlL
9vKlvtUn4MRl79q2SO22ByXDp2CsLgcEKPPOp1Kp1eeWvECXT6Y6Sj0mkHMA14dk
kLBWSgoaTPr0u5I3DuHzrRoHCZ686GRCUddLNY2kit+ILriLbIcmdkFnmpkI4HD3
KinqERds8ZXaq4qNS8NCf8QH3symNUYI4IBwule3OImvG26eueAWMPZklz+ZWt4N
m4gbzTyuDrOYRW+94M7SMTXLQqkH5qStTLTk6RZsmHz4q+vSfPZzveEcmAc1uFno
/8uKawD0dsMYZxYhBKd6pcy3V6rD3PEGJoVz8jm09/IGR6QlZwI=
-----END CERTIFICATE-----
Generated at Sun May 18 09:16:57 2025 by rpki-client