Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/B6ARbNeEhlWQUP9b3r92CCO4VMg.roa
File: B6ARbNeEhlWQUP9b3r92CCO4VMg.roa (raw, json)
Hash identifier: Xwk1KhGbxRQzgaTDDmelasST475PuOtc7qTMAb+4kqk=
Subject key identifier: 07:A0:11:6C:D7:84:86:55:90:50:FF:5B:DE:BF:76:08:23:B8:54:C8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 058E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B6ARbNeEhlWQUP9b3r92CCO4VMg.roa
Signing time: Wed 14 May 2025 11:38:02 +0000
ROA not before: Wed 14 May 2025 11:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1422 (0x58e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 11:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=07A0116CD78486559050FF5BDEBF760823B854C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:8d:59:9b:cd:b0:b0:33:16:99:8d:b1:fa:cb:
13:aa:20:22:ba:33:af:16:73:fc:78:76:f1:7f:2b:
ae:57:ac:e5:35:3b:e2:e5:56:ec:81:8e:4e:c9:d3:
1b:fd:cd:d0:ae:96:a6:6b:81:3e:b5:6f:b6:d1:3c:
bf:6d:55:84:28:ae:5e:80:52:de:bd:3a:46:72:b5:
38:75:ff:13:2b:c1:57:e5:75:47:03:49:a3:27:fe:
b7:ab:ca:d0:4d:f2:58:08:c5:34:bc:96:57:d7:ae:
bf:57:31:1e:d8:5d:dd:e0:33:aa:49:6a:4a:68:90:
37:9a:7d:4d:66:f6:8b:b5:a2:aa:61:42:a5:c8:e2:
c2:27:89:30:53:5b:dc:e2:04:b1:23:a3:cf:99:83:
ea:32:cb:11:d6:86:2b:82:86:2e:bc:0c:aa:0e:8f:
60:79:15:f7:2b:4d:9f:54:1e:6f:c9:62:a5:dc:a8:
82:d4:c2:97:40:12:18:14:23:e7:a7:6c:d0:22:27:
f6:bf:77:17:1d:ea:82:c5:d1:56:ec:19:a0:7b:bf:
71:16:a7:31:5b:1c:71:24:3e:19:75:37:17:97:0e:
5f:74:53:72:1b:36:54:5d:60:6a:eb:47:bc:7a:27:
40:81:80:2c:44:6e:a4:e1:58:0f:01:fe:0c:39:d9:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:A0:11:6C:D7:84:86:55:90:50:FF:5B:DE:BF:76:08:23:B8:54:C8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/B6ARbNeEhlWQUP9b3r92CCO4VMg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:83:d5:79:2a:78:ee:7f:9d:41:d5:52:fb:7a:2c:06:7e:43:
20:7d:18:bd:5d:25:c6:ad:53:ab:64:7a:09:4f:49:7c:1c:2f:
c3:bf:9c:3e:7e:53:4d:d4:84:8f:d1:88:5a:da:f1:df:f9:96:
fd:13:a8:d4:b7:5b:e2:9a:2e:47:44:66:6b:79:c2:2d:e7:45:
60:e9:85:e1:0d:4d:93:f8:d5:33:a3:24:98:4e:c2:b9:8b:15:
75:36:75:3e:2f:9a:6b:99:87:e9:18:f0:2e:6b:c3:4c:d1:9f:
48:e8:74:50:bc:5b:70:c8:ef:ee:6c:2d:20:53:0a:43:a9:d3:
c7:3c:b2:80:c2:0c:9f:a4:ac:de:64:3f:c5:ef:cc:da:64:0d:
ec:1b:ca:79:b6:8f:50:10:1b:08:c2:00:93:5e:52:1b:16:b6:
3c:ae:f0:88:6c:4f:0a:52:c7:0d:6b:07:70:70:a6:37:e0:48:
e5:94:f4:ce:cc:36:6c:60:10:aa:64:8a:a4:0a:a6:15:12:7f:
6d:03:59:ff:14:dc:a8:3a:2f:e7:f8:e0:4e:9b:68:d6:48:5d:
3e:3b:de:99:ac:af:f3:ac:40:7c:c5:75:a9:ff:4d:67:e7:db:
d2:96:0a:98:65:ee:c6:90:82:67:b8:22:91:59:ca:e1:15:7b:
15:73:c9:67
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
MTM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA3QTAxMTZDRDc4NDg2
NTU5MDUwRkY1QkRFQkY3NjA4MjNCODU0QzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSjVmbzbCwMxaZjbH6yxOqICK6M68Wc/x4dvF/K65XrOU1O+Ll
VuyBjk7J0xv9zdCulqZrgT61b7bRPL9tVYQorl6AUt69OkZytTh1/xMrwVfldUcD
SaMn/rerytBN8lgIxTS8llfXrr9XMR7YXd3gM6pJakpokDeafU1m9ou1oqphQqXI
4sIniTBTW9ziBLEjo8+Zg+oyyxHWhiuChi68DKoOj2B5FfcrTZ9UHm/JYqXcqILU
wpdAEhgUI+enbNAiJ/a/dxcd6oLF0VbsGaB7v3EWpzFbHHEkPhl1NxeXDl90U3Ib
NlRdYGrrR7x6J0CBgCxEbqThWA8B/gw52dxhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUB6ARbNeEhlWQUP9b3r92CCO4VMgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CNkFSYk5lRWhsV1FVUDli
M3I5MkNDTzRWTWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKuD1XkqeO5/nUHVUvt6LAZ+QyB9GL1dJcat
U6tkeglPSXwcL8O/nD5+U03UhI/RiFra8d/5lv0TqNS3W+KaLkdEZmt5wi3nRWDp
heENTZP41TOjJJhOwrmLFXU2dT4vmmuZh+kY8C5rw0zRn0jodFC8W3DI7+5sLSBT
CkOp08c8soDCDJ+krN5kP8XvzNpkDewbynm2j1AQGwjCAJNeUhsWtjyu8IhsTwpS
xw1rB3BwpjfgSOWU9M7MNmxgEKpkiqQKphUSf20DWf8U3Kg6L+f44E6baNZIXT47
3pmsr/OsQHzFdan/TWfn29KWCphl7saQgme4IpFZyuEVexVzyWc=
-----END CERTIFICATE-----
Generated at Sat May 17 23:30:04 2025 by rpki-client