Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CHekIPtgnhGSGMo-FweC1uY5oXU.roa
File: CHekIPtgnhGSGMo-FweC1uY5oXU.roa (raw, json)
Hash identifier: T2wDVPcsjriAAOSpLBSPI+Mu0WNVskXbin93X7MAOas=
Subject key identifier: 08:77:A4:20:FB:60:9E:11:92:18:CA:3E:17:07:82:D6:E6:39:A1:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0372
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CHekIPtgnhGSGMo-FweC1uY5oXU.roa
Signing time: Sun 11 May 2025 16:07:53 +0000
ROA not before: Sun 11 May 2025 16:07:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 882 (0x372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 16:07:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0877A420FB609E119218CA3E170782D6E639A175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:71:cb:ce:92:1d:39:3b:8e:de:26:0d:74:29:
1e:6e:fc:cd:60:03:56:1c:47:97:fd:cf:41:54:e8:
e9:df:53:1a:34:52:4c:5b:7b:b3:77:ac:06:23:48:
38:27:57:69:17:7f:b5:f9:73:0d:1b:e1:d0:a4:9f:
21:d4:a1:eb:ca:71:00:5e:b5:99:9f:35:a1:17:2c:
15:6b:f7:95:93:f7:21:a8:1a:f0:5c:a3:d9:40:fc:
1d:15:2c:56:cd:bf:fb:22:ac:f2:59:7e:59:85:41:
8d:d9:9e:6f:be:da:5f:05:cf:82:b0:69:be:ee:40:
b5:c2:f2:68:2b:d3:a6:e8:67:d9:06:26:f6:32:dc:
e8:9b:61:8d:a1:81:21:3a:d6:2b:e1:c8:f9:ea:32:
97:e1:7a:a8:ca:2f:48:f6:33:48:6e:db:00:57:02:
47:14:8a:25:e4:60:08:5c:27:b6:ec:56:56:77:18:
da:04:27:94:76:49:ae:42:28:8f:e4:f1:63:3b:5f:
9c:6e:32:ab:77:73:87:b9:7d:ea:fd:44:f3:61:52:
c3:30:bd:8d:fb:6f:58:9d:7f:af:e7:90:77:46:65:
43:de:e9:88:f4:ff:64:dc:51:4f:16:1b:bd:a3:e2:
37:1d:58:63:b9:cb:9f:45:f1:47:6a:9e:37:3d:5e:
f9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:77:A4:20:FB:60:9E:11:92:18:CA:3E:17:07:82:D6:E6:39:A1:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CHekIPtgnhGSGMo-FweC1uY5oXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:8c:1c:c3:33:8d:f0:48:a9:74:6b:98:d2:70:19:5c:93:97:
9c:c7:2b:27:95:cb:d4:ae:8f:2c:d6:57:54:d8:40:df:89:ff:
00:93:67:48:a5:7d:0f:60:d1:bd:96:60:77:2c:3a:96:4c:09:
3c:94:4a:b7:99:00:10:b9:c7:57:84:68:f0:90:3a:fd:c7:b0:
39:1d:c3:21:77:65:a6:0e:27:3c:11:12:cd:40:59:b3:aa:b8:
14:95:c5:76:88:b7:0c:9f:8b:01:44:ef:9b:12:cb:52:7f:18:
5c:92:97:ff:e2:70:73:bd:61:c2:d5:4a:0c:0d:ec:ec:52:66:
fd:26:d9:34:cc:e4:43:66:7c:c9:dc:74:5a:30:c0:77:85:30:
7e:bb:25:3d:96:43:97:ea:b7:dd:2f:a9:0b:e5:77:a1:9b:0c:
9b:24:1e:bb:9b:ad:a5:0b:ca:f7:5b:22:58:16:55:c6:53:c5:
1b:70:7c:6c:1b:00:a2:6f:2f:34:7b:ed:fe:4e:bd:a8:cf:dd:
5a:6e:db:da:56:c6:6a:ab:65:07:ca:f4:ab:c7:3c:47:e5:83:
4c:03:02:e8:60:73:67:b1:59:8f:76:9a:66:c0:0e:06:c4:47:
b9:0e:cb:a6:4c:f0:36:30:01:ed:da:8f:f6:ad:bc:0a:95:ea:
5f:ee:5e:3a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NjA3NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA4NzdBNDIwRkI2MDlF
MTE5MjE4Q0EzRTE3MDc4MkQ2RTYzOUExNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1ccvOkh05O47eJg10KR5u/M1gA1YcR5f9z0FU6OnfUxo0Ukxb
e7N3rAYjSDgnV2kXf7X5cw0b4dCknyHUoevKcQBetZmfNaEXLBVr95WT9yGoGvBc
o9lA/B0VLFbNv/sirPJZflmFQY3Znm++2l8Fz4Kwab7uQLXC8mgr06boZ9kGJvYy
3OibYY2hgSE61ivhyPnqMpfheqjKL0j2M0hu2wBXAkcUiiXkYAhcJ7bsVlZ3GNoE
J5R2Sa5CKI/k8WM7X5xuMqt3c4e5fer9RPNhUsMwvY37b1idf6/nkHdGZUPe6Yj0
/2TcUU8WG72j4jcdWGO5y59F8Udqnjc9XvlFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCHekIPtgnhGSGMo+FweC1uY5oXUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DSGVrSVB0Z25oR1NHTW8t
RndlQzF1WTVvWFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFGMHMMzjfBIqXRrmNJwGVyTl5zHKyeVy9Su
jyzWV1TYQN+J/wCTZ0ilfQ9g0b2WYHcsOpZMCTyUSreZABC5x1eEaPCQOv3HsDkd
wyF3ZaYOJzwREs1AWbOquBSVxXaItwyfiwFE75sSy1J/GFySl//icHO9YcLVSgwN
7OxSZv0m2TTM5ENmfMncdFowwHeFMH67JT2WQ5fqt90vqQvld6GbDJskHrubraUL
yvdbIlgWVcZTxRtwfGwbAKJvLzR77f5OvajP3Vpu29pWxmqrZQfK9KvHPEflg0wD
Auhgc2exWY92mmbADgbER7kOy6ZM8DYwAe3aj/atvAqV6l/uXjo=
-----END CERTIFICATE-----
Generated at Sun May 18 03:06:20 2025 by rpki-client