Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9g7Ym8dV1Ij_AJKviKVVZMQhq_E.roa
File: 9g7Ym8dV1Ij_AJKviKVVZMQhq_E.roa (raw, json)
Hash identifier: WwraE6jrZPxhCLQ3Sj+q9mepte7acpUPuorNHabyxZ4=
Subject key identifier: F6:0E:D8:9B:C7:55:D4:88:FF:00:92:AF:88:A5:55:64:C4:21:AB:F1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05D2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9g7Ym8dV1Ij_AJKviKVVZMQhq_E.roa
Signing time: Wed 14 May 2025 20:08:02 +0000
ROA not before: Wed 14 May 2025 20:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1490 (0x5d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 20:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F60ED89BC755D488FF0092AF88A55564C421ABF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c3:10:d2:0b:24:58:16:21:b0:0c:0f:8f:67:
07:f5:df:ed:e6:ed:78:b9:6d:9e:9c:70:7e:09:da:
0d:8f:84:ac:ef:1b:2b:5c:d3:f7:ae:5f:ab:dd:68:
50:95:a2:d0:43:9f:b9:22:71:c1:76:d4:09:56:48:
e1:39:77:ec:7e:66:bf:49:3b:5b:92:81:07:61:18:
f2:b0:09:99:d7:9e:60:1f:46:95:33:c8:b6:06:40:
16:8a:aa:e8:a3:18:59:ea:9d:a5:20:ec:5a:81:59:
3f:37:61:1b:55:d7:e8:02:c9:c6:57:39:2a:32:6e:
17:ce:2d:de:8c:35:4b:19:b4:66:11:98:d3:4f:b4:
78:4c:5b:4d:bf:6c:54:46:61:e0:65:35:25:08:83:
4a:8e:df:d1:15:f2:b0:7d:7f:8b:62:a0:e9:72:51:
6d:d0:f5:2a:c6:34:cf:eb:e6:a1:10:2b:7f:b2:68:
ec:88:41:74:06:2b:f5:05:43:80:f2:f8:b5:58:79:
98:52:3f:1d:9d:fe:36:eb:00:28:62:0c:d5:44:3b:
7e:a4:49:12:fb:d2:42:f3:47:ea:29:16:79:2b:96:
92:03:a4:2d:02:92:83:37:d4:92:0d:72:11:03:33:
04:43:c6:c8:2e:31:cd:a6:84:17:6f:46:f3:db:57:
10:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:0E:D8:9B:C7:55:D4:88:FF:00:92:AF:88:A5:55:64:C4:21:AB:F1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9g7Ym8dV1Ij_AJKviKVVZMQhq_E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:a4:d2:c2:1e:fe:94:7e:44:d1:81:e4:43:82:e3:0c:e0:d5:
0f:0d:02:56:03:85:52:4a:fb:1b:89:61:3c:f9:23:c2:68:46:
72:6c:32:2c:15:96:ed:cb:90:3b:9d:49:45:ad:db:22:54:60:
56:f3:22:a4:02:4a:e0:17:9f:61:78:08:48:71:bf:94:59:a7:
82:8b:f8:6c:da:52:75:55:97:43:50:98:e0:c6:55:d8:37:dd:
bd:77:ea:e0:26:64:14:fc:d5:a2:13:f0:e5:98:59:61:6e:d5:
0f:f3:c5:58:f0:13:6e:ef:28:ac:56:b5:09:4f:fd:2e:ff:10:
73:b0:5a:6a:02:e2:e4:eb:42:07:9f:37:df:c6:f9:13:7e:90:
30:99:d1:6d:2d:72:61:45:ea:be:f4:33:5d:3d:26:b4:2b:d0:
75:6f:98:39:df:cc:0e:27:a4:b9:fe:ae:15:f9:42:5d:29:f0:
3d:85:e8:fb:82:31:31:8d:79:5c:9e:c1:e5:15:ae:39:45:68:
55:02:b8:68:ee:20:69:25:01:6f:e1:77:a1:83:e2:60:5b:cf:
7f:1c:cf:cf:f9:bf:22:2c:f2:1a:fe:f7:e0:f2:0e:3c:3e:1a:
82:8f:d6:99:a5:02:1d:f0:02:0a:2c:7a:6a:0e:31:6e:09:25:
e6:84:c1:36
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MDA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2MEVEODlCQzc1NUQ0
ODhGRjAwOTJBRjg4QTU1NTY0QzQyMUFCRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkwxDSCyRYFiGwDA+PZwf13+3m7Xi5bZ6ccH4J2g2PhKzvGytc
0/euX6vdaFCVotBDn7kiccF21AlWSOE5d+x+Zr9JO1uSgQdhGPKwCZnXnmAfRpUz
yLYGQBaKquijGFnqnaUg7FqBWT83YRtV1+gCycZXOSoybhfOLd6MNUsZtGYRmNNP
tHhMW02/bFRGYeBlNSUIg0qO39EV8rB9f4tioOlyUW3Q9SrGNM/r5qEQK3+yaOyI
QXQGK/UFQ4Dy+LVYeZhSPx2d/jbrAChiDNVEO36kSRL70kLzR+opFnkrlpIDpC0C
koM31JINchEDMwRDxsguMc2mhBdvRvPbVxANAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9g7Ym8dV1Ij/AJKviKVVZMQhq/EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85ZzdZbThkVjFJal9BSkt2
aUtWVlpNUWhxX0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE6k0sIe/pR+RNGB5EOC4wzg1Q8NAlYDhVJK
+xuJYTz5I8JoRnJsMiwVlu3LkDudSUWt2yJUYFbzIqQCSuAXn2F4CEhxv5RZp4KL
+GzaUnVVl0NQmODGVdg33b136uAmZBT81aIT8OWYWWFu1Q/zxVjwE27vKKxWtQlP
/S7/EHOwWmoC4uTrQgefN9/G+RN+kDCZ0W0tcmFF6r70M109JrQr0HVvmDnfzA4n
pLn+rhX5Ql0p8D2F6PuCMTGNeVyeweUVrjlFaFUCuGjuIGklAW/hd6GD4mBbz38c
z8/5vyIs8hr+9+DyDjw+GoKP1pmlAh3wAgosemoOMW4JJeaEwTY=
-----END CERTIFICATE-----
Generated at Sat May 17 22:41:27 2025 by rpki-client