Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BUQCIUIYIl67G2P8Tc9NdGW-xs4.roa
File: BUQCIUIYIl67G2P8Tc9NdGW-xs4.roa (raw, json)
Hash identifier: nv+50zAzVWbEc2jycO5MG3e3yaguoTYKhGMJwFJtUZ4=
Subject key identifier: 05:44:02:21:42:18:22:5E:BB:1B:63:FC:4D:CF:4D:74:65:BE:C6:CE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BUQCIUIYIl67G2P8Tc9NdGW-xs4.roa
Signing time: Wed 14 May 2025 23:08:03 +0000
ROA not before: Wed 14 May 2025 23:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1514 (0x5ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 23:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=054402214218225EBB1B63FC4DCF4D7465BEC6CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:96:9a:f0:b5:4d:06:9f:af:df:a5:12:67:
45:92:79:02:7b:cc:af:cb:27:d5:e3:c3:a1:b5:c8:
fa:6f:72:d6:39:26:27:07:ac:17:1a:c4:dc:fa:17:
67:92:61:32:79:64:67:15:7d:ba:0f:f9:c6:62:77:
7e:2f:14:27:6d:40:9c:94:62:06:c4:0c:df:c4:7a:
91:57:2f:26:d1:93:d7:9b:2c:e3:36:53:b9:3d:22:
3d:8c:8c:31:c2:8c:34:f9:ce:a5:25:f6:0c:67:36:
81:c0:80:51:34:ac:a5:e6:96:2c:1c:ad:ba:94:c2:
27:80:3c:23:df:49:af:7a:8f:0a:a1:eb:40:e8:5f:
94:82:b3:00:5d:35:8d:0e:74:8f:0f:58:d3:1b:98:
2a:58:27:5a:39:f4:80:e2:4c:be:21:89:49:a3:fa:
ef:be:ad:f0:19:96:97:71:f4:da:7a:e4:3d:37:eb:
8a:10:0b:c0:db:11:57:66:78:0a:64:7f:94:65:f1:
b2:7b:f1:97:b7:75:af:df:d8:28:fe:17:5e:5f:ed:
40:98:2d:01:9b:c0:f3:21:63:15:5b:01:f7:63:ea:
99:c7:0a:28:fe:8a:1b:b2:73:fe:e3:1b:2e:74:e1:
f1:96:5f:8b:a0:e9:71:97:df:df:4a:c2:d8:b3:cc:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:44:02:21:42:18:22:5E:BB:1B:63:FC:4D:CF:4D:74:65:BE:C6:CE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BUQCIUIYIl67G2P8Tc9NdGW-xs4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:ae:cf:e6:d1:41:96:29:dd:76:4e:02:0a:97:55:70:29:b5:
0c:e2:fd:c5:18:89:30:b8:39:cc:e5:9f:ce:45:a7:57:12:f9:
28:20:f4:b2:5b:65:33:ac:e7:a7:fd:36:80:d9:33:19:b0:31:
1b:ea:4b:42:82:14:66:19:6f:bd:ed:ac:0a:d5:f5:9d:7c:4c:
63:76:31:eb:54:de:32:aa:04:ee:68:59:54:a7:cc:33:26:98:
78:59:5d:56:f0:e3:31:43:48:f7:d5:23:e9:d6:48:f0:33:3e:
69:ba:28:43:09:1d:c1:dd:07:65:06:af:64:f1:a5:f6:1e:fd:
6d:30:24:93:81:b2:33:ae:72:fc:37:1c:31:8b:99:70:54:d0:
ea:36:da:aa:5c:4d:e6:2c:92:b5:34:43:0f:3f:4c:8c:49:6c:
89:01:0d:12:38:e3:17:b0:93:f0:f0:63:bc:96:d9:f8:02:f2:
f6:a0:14:06:2a:82:46:41:b2:6f:03:07:88:62:85:4d:7b:60:
b2:b5:c3:69:41:07:bc:20:3e:54:59:dc:8d:1f:e9:0f:d0:e0:
a0:79:67:d0:75:0c:ca:9d:91:a9:a1:77:8f:54:d8:f9:b9:24:
b0:82:ef:63:26:15:01:d3:2f:57:49:db:4a:d2:2f:74:16:0f:
c9:a8:1e:e8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MzA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA1NDQwMjIxNDIxODIy
NUVCQjFCNjNGQzREQ0Y0RDc0NjVCRUM2Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwsJaa8LVNBp+v36USZ0WSeQJ7zK/LJ9Xjw6G1yPpvctY5JicH
rBcaxNz6F2eSYTJ5ZGcVfboP+cZid34vFCdtQJyUYgbEDN/EepFXLybRk9ebLOM2
U7k9Ij2MjDHCjDT5zqUl9gxnNoHAgFE0rKXmliwcrbqUwieAPCPfSa96jwqh60Do
X5SCswBdNY0OdI8PWNMbmCpYJ1o59IDiTL4hiUmj+u++rfAZlpdx9Np65D0364oQ
C8DbEVdmeApkf5Rl8bJ78Ze3da/f2Cj+F15f7UCYLQGbwPMhYxVbAfdj6pnHCij+
ihuyc/7jGy504fGWX4ug6XGX399KwtizzKZBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBUQCIUIYIl67G2P8Tc9NdGW+xs4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CVVFDSVVJWUlsNjdHMlA4
VGM5TmRHVy14czQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACquz+bRQZYp3XZOAgqXVXAptQzi/cUYiTC4
Oczln85Fp1cS+Sgg9LJbZTOs56f9NoDZMxmwMRvqS0KCFGYZb73trArV9Z18TGN2
MetU3jKqBO5oWVSnzDMmmHhZXVbw4zFDSPfVI+nWSPAzPmm6KEMJHcHdB2UGr2Tx
pfYe/W0wJJOBsjOucvw3HDGLmXBU0Oo22qpcTeYskrU0Qw8/TIxJbIkBDRI44xew
k/DwY7yW2fgC8vagFAYqgkZBsm8DB4hihU17YLK1w2lBB7wgPlRZ3I0f6Q/Q4KB5
Z9B1DMqdkamhd49U2Pm5JLCC72MmFQHTL1dJ20rSL3QWD8moHug=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:23 2025 by rpki-client