Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AYwDSEWs-RRImc_9IHRGsvUv5rM.roa
File: AYwDSEWs-RRImc_9IHRGsvUv5rM.roa (raw, json)
Hash identifier: +kfjCMXudN9MmDM4iL30VcHH/AeSgHAJwuI6aup6f4A=
Subject key identifier: 01:8C:03:48:45:AC:F9:14:48:99:CF:FD:20:74:46:B2:F5:2F:E6:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AYwDSEWs-RRImc_9IHRGsvUv5rM.roa
Signing time: Tue 13 May 2025 09:37:59 +0000
ROA not before: Tue 13 May 2025 09:37:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1214 (0x4be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 09:37:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=018C034845ACF9144899CFFD207446B2F52FE6B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:29:20:d7:70:1b:89:e2:ac:43:a8:d7:aa:80:
b6:b8:10:fa:43:5d:da:b6:9e:c7:04:49:bc:f9:41:
09:d1:19:e6:9b:f8:41:59:d4:85:81:41:58:0e:bb:
5a:4a:3f:e5:79:d3:bd:a7:e5:3f:f8:9d:98:ce:f5:
99:62:0e:3f:7f:e6:63:41:d9:01:01:78:19:15:a8:
8e:59:ca:89:7f:dd:2c:22:55:7f:1a:4a:82:37:36:
55:45:a8:c5:e3:5f:8e:19:c4:3c:85:1e:1c:d5:08:
23:1f:2c:34:07:8c:21:3f:0c:ad:30:a2:ab:20:80:
b7:c9:93:d9:f7:b6:20:7f:e2:99:d8:d9:42:08:3a:
b1:60:9f:57:d8:69:10:b6:eb:ac:d7:ad:c2:f0:07:
e9:f7:b3:ef:04:3e:2e:2d:9f:fc:20:66:8a:e9:07:
6d:20:8d:41:a4:5f:b1:17:14:ed:fe:ed:b7:7a:17:
4c:3e:3b:a2:d7:bc:d9:18:47:bb:04:88:8a:d3:f2:
37:b1:77:dd:76:9b:14:7c:dc:b5:0d:86:a7:84:34:
3f:df:2d:99:e7:5d:9b:be:c8:f3:4e:3f:b1:a4:45:
35:f8:e9:03:89:bd:3e:d1:b8:10:7d:49:d9:af:a3:
10:4f:c4:50:1f:a9:a9:2a:a1:17:79:ea:e7:d3:c0:
3a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8C:03:48:45:AC:F9:14:48:99:CF:FD:20:74:46:B2:F5:2F:E6:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AYwDSEWs-RRImc_9IHRGsvUv5rM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:c5:83:09:a6:3b:5f:26:61:34:34:c3:7c:53:a2:ee:f8:3c:
8f:ef:a2:7e:9c:cb:56:5c:02:1c:9d:2d:32:47:9e:95:04:e0:
b4:25:1d:81:8c:12:e1:6e:e1:38:40:63:d7:89:72:b2:9d:0e:
a8:c5:30:77:b5:26:56:e1:d6:04:b7:f8:ed:af:1e:0b:1f:d4:
37:d9:f9:33:b5:33:c9:36:ee:13:71:20:c8:bc:90:73:04:ee:
fc:38:ac:5d:ad:b4:db:e3:c6:00:2c:bb:07:07:82:32:ce:1a:
3f:54:b7:f3:4d:ee:54:c0:98:3e:46:1a:0f:d5:b7:74:bc:cf:
c6:18:fc:0a:cf:fa:84:84:20:52:8d:4f:28:c6:57:65:6a:00:
fe:8c:49:08:e6:39:e4:8f:ca:6d:3c:95:96:88:83:5c:d6:74:
48:41:b3:47:b5:78:f2:ea:2e:09:b9:d1:5a:da:2d:57:d5:17:
b3:29:5e:d2:89:5e:c9:e2:6c:0b:64:b4:c5:f0:7e:50:cc:77:
75:69:5d:84:0c:0c:e0:24:8c:61:2f:15:87:b5:71:0b:25:d1:
bb:57:20:9c:3a:7e:5a:eb:68:ea:46:ad:0d:c9:fa:85:88:bf:
98:b3:ea:2c:14:bc:58:c4:1c:88:4c:3c:fd:99:8c:18:98:c6:
cd:51:5a:fb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
OTM3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxOEMwMzQ4NDVBQ0Y5
MTQ0ODk5Q0ZGRDIwNzQ0NkIyRjUyRkU2QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuKSDXcBuJ4qxDqNeqgLa4EPpDXdq2nscESbz5QQnRGeab+EFZ
1IWBQVgOu1pKP+V5072n5T/4nZjO9ZliDj9/5mNB2QEBeBkVqI5Zyol/3SwiVX8a
SoI3NlVFqMXjX44ZxDyFHhzVCCMfLDQHjCE/DK0woqsggLfJk9n3tiB/4pnY2UII
OrFgn1fYaRC266zXrcLwB+n3s+8EPi4tn/wgZorpB20gjUGkX7EXFO3+7bd6F0w+
O6LXvNkYR7sEiIrT8jexd912mxR83LUNhqeEND/fLZnnXZu+yPNOP7GkRTX46QOJ
vT7RuBB9SdmvoxBPxFAfqakqoRd56ufTwDohAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAYwDSEWs+RRImc/9IHRGsvUv5rMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BWXdEU0VXcy1SUkltY185
SUhSR3N2VXY1ck0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKPFgwmmO18mYTQ0w3xTou74PI/von6cy1Zc
AhydLTJHnpUE4LQlHYGMEuFu4ThAY9eJcrKdDqjFMHe1Jlbh1gS3+O2vHgsf1DfZ
+TO1M8k27hNxIMi8kHME7vw4rF2ttNvjxgAsuwcHgjLOGj9Ut/NN7lTAmD5GGg/V
t3S8z8YY/ArP+oSEIFKNTyjGV2VqAP6MSQjmOeSPym08lZaIg1zWdEhBs0e1ePLq
Lgm50VraLVfVF7MpXtKJXsnibAtktMXwflDMd3VpXYQMDOAkjGEvFYe1cQsl0btX
IJw6flrraOpGrQ3J+oWIv5iz6iwUvFjEHIhMPP2ZjBiYxs1RWvs=
-----END CERTIFICATE-----
Generated at Sat May 17 21:28:15 2025 by rpki-client