Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/9ungy0T8sp6efofd_HTlffP_stg.roa
File: 9ungy0T8sp6efofd_HTlffP_stg.roa (raw, json)
Hash identifier: PuWjMKETXAo8JgO6aMXEQX2UsXQTh4EDKIbPds9mAoM=
Subject key identifier: F6:E9:E0:CB:44:FC:B2:9E:9E:7E:87:DD:FC:74:E5:7D:F3:FF:B2:D8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0586
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9ungy0T8sp6efofd_HTlffP_stg.roa
Signing time: Wed 14 May 2025 10:38:02 +0000
ROA not before: Wed 14 May 2025 10:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1414 (0x586)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 10:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F6E9E0CB44FCB29E9E7E87DDFC74E57DF3FFB2D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:35:4e:e7:e1:5f:ba:95:92:0f:74:cb:72:9a:
a2:21:9e:57:93:af:c7:6d:34:c6:7c:a3:bc:73:c6:
c3:0b:6e:4d:f6:07:dc:8a:a0:7f:84:be:8f:30:20:
dc:7c:38:72:1b:ee:48:92:a6:71:bb:85:7d:c6:8e:
ee:16:06:05:2c:92:e3:bb:ae:89:f7:4f:4e:29:e2:
1e:74:63:b9:f9:5c:45:1a:dd:7e:f0:a5:31:d3:85:
96:a6:2c:5d:bf:78:a0:b5:f4:e7:de:34:f4:1e:20:
e4:a8:65:ff:5f:3f:97:66:94:1f:3c:e7:b5:e7:47:
73:e3:18:3e:e2:e6:67:86:93:4b:37:6e:ed:aa:5b:
92:20:3f:78:0d:9b:4a:16:1a:e2:8c:9a:b0:28:25:
da:93:89:c4:c5:e3:75:ba:18:a3:6e:d1:38:b9:ec:
4a:41:b5:63:99:5b:12:c3:1d:b2:1c:75:da:2a:30:
ab:1d:db:e5:96:14:d7:c5:58:59:5d:cd:78:d1:2d:
c6:2a:3b:62:e1:4e:a2:ae:b1:76:3f:5c:6d:42:32:
84:7c:0e:fa:69:ab:a9:0b:6c:eb:62:f2:d8:03:75:
28:90:2d:56:69:29:e8:ef:25:50:4e:fc:6f:c0:b8:
ab:22:1d:5a:d0:68:3f:ff:10:53:23:2c:ef:54:7d:
36:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E9:E0:CB:44:FC:B2:9E:9E:7E:87:DD:FC:74:E5:7D:F3:FF:B2:D8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/9ungy0T8sp6efofd_HTlffP_stg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
17:c5:79:62:64:22:39:f3:a7:a6:c4:c9:37:15:c5:90:be:40:
2d:0f:59:e8:6e:06:79:49:1b:7d:d8:8c:e4:68:8a:58:d7:b8:
3d:c5:5f:5f:02:db:20:e4:87:c5:d6:10:89:35:ea:e9:83:15:
a0:eb:f1:11:3a:87:7f:c2:7d:21:2d:29:30:8b:3f:61:25:de:
bb:20:ed:08:f8:09:72:6d:69:df:86:9a:6b:ad:cb:bd:b1:aa:
9a:a5:2d:04:c4:60:82:6d:62:0b:b9:49:02:ca:07:c9:4e:99:
03:23:47:fe:8c:d9:c4:de:01:36:1f:e2:c9:10:64:82:e0:2a:
88:18:15:47:7c:78:0d:2c:d8:d7:c7:48:99:d2:45:c4:8a:24:
07:b4:a7:b7:04:39:9a:f4:f9:37:00:59:4a:cd:74:1f:0d:2c:
76:d4:83:50:bc:27:3c:17:32:17:12:08:8f:e0:6e:13:ce:7e:
ea:55:8c:e7:a2:bf:16:0f:57:64:4c:85:44:0b:78:8d:78:e6:
e9:bd:73:6a:e1:6b:96:15:65:3b:45:54:97:a7:08:33:52:81:
5e:ff:fe:6c:f5:ac:7e:90:d9:f3:41:ef:69:a3:6c:67:6e:06:
88:0f:60:e2:21:9e:20:73:7a:14:1c:57:87:27:01:71:d7:1b:
b2:75:7c:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBYYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
MDM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY2RTlFMENCNDRGQ0Iy
OUU5RTdFODdEREZDNzRFNTdERjNGRkIyRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7NU7n4V+6lZIPdMtymqIhnleTr8dtNMZ8o7xzxsMLbk32B9yK
oH+Evo8wINx8OHIb7kiSpnG7hX3Gju4WBgUskuO7ron3T04p4h50Y7n5XEUa3X7w
pTHThZamLF2/eKC19OfeNPQeIOSoZf9fP5dmlB8857XnR3PjGD7i5meGk0s3bu2q
W5IgP3gNm0oWGuKMmrAoJdqTicTF43W6GKNu0Ti57EpBtWOZWxLDHbIcddoqMKsd
2+WWFNfFWFldzXjRLcYqO2LhTqKusXY/XG1CMoR8Dvppq6kLbOti8tgDdSiQLVZp
KejvJVBO/G/AuKsiHVrQaD//EFMjLO9UfTaFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9ungy0T8sp6efofd/HTlffP/stgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni85dW5neTBUOHNwNmVmb2Zk
X0hUbGZmUF9zdGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABfFeWJkIjnzp6bEyTcVxZC+QC0PWehuBnlJ
G33YjORoiljXuD3FX18C2yDkh8XWEIk16umDFaDr8RE6h3/CfSEtKTCLP2El3rsg
7Qj4CXJtad+Gmmuty72xqpqlLQTEYIJtYgu5SQLKB8lOmQMjR/6M2cTeATYf4skQ
ZILgKogYFUd8eA0s2NfHSJnSRcSKJAe0p7cEOZr0+TcAWUrNdB8NLHbUg1C8JzwX
MhcSCI/gbhPOfupVjOeivxYPV2RMhUQLeI145um9c2rha5YVZTtFVJenCDNSgV7/
/mz1rH6Q2fNB72mjbGduBogPYOIhniBzehQcV4cnAXHXG7J1fKY=
-----END CERTIFICATE-----
Generated at Sun May 18 02:01:52 2025 by rpki-client