Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DZB4pNEEhExYvUSGMd9cRjIH7uk.roa
File: DZB4pNEEhExYvUSGMd9cRjIH7uk.roa (raw, json)
Hash identifier: RiMM5Vuiw/AG1lQc+bjp0z44cP6vEZfz/Zf2ajR+9ow=
Subject key identifier: 0D:90:78:A4:D1:04:84:4C:58:BD:44:86:31:DF:5C:46:32:07:EE:E9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 062A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DZB4pNEEhExYvUSGMd9cRjIH7uk.roa
Signing time: Thu 15 May 2025 07:08:02 +0000
ROA not before: Thu 15 May 2025 07:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1578 (0x62a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 07:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0D9078A4D104844C58BD448631DF5C463207EEE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:17:2c:40:0e:3f:62:fd:b7:5a:57:e1:74:7b:
f5:eb:3f:48:3a:20:88:82:55:1f:ff:e6:c7:79:b8:
3c:78:64:fc:e5:35:9d:ca:c1:45:17:f4:86:76:e1:
f5:25:43:3b:55:87:8a:14:a7:4a:6e:df:9a:9b:fd:
9a:ec:e3:f6:e2:30:36:88:b7:72:21:1a:35:b5:ac:
65:aa:67:dc:22:cf:3b:7c:33:1a:43:3f:01:8a:09:
61:54:36:53:dc:2f:f4:17:07:8a:f7:48:84:cb:5b:
b5:39:42:de:06:94:38:eb:33:b4:58:da:99:93:60:
db:75:f9:3b:a7:dc:dc:cc:f9:cf:cc:e6:96:6e:ad:
e7:92:ff:48:3f:e1:f5:f9:90:ad:47:c6:89:e3:48:
7a:63:49:8d:19:25:08:75:fc:0e:df:4f:d6:b6:6c:
6d:b7:1e:3a:ff:d2:09:03:00:a1:4a:6b:6b:ad:a3:
90:1b:44:7b:a8:b5:b9:a8:56:32:27:2a:8d:7a:1e:
07:7a:7f:3e:1a:56:f1:1e:b6:b5:3e:33:1b:29:2b:
41:45:19:a1:a9:e4:f0:a0:b9:48:12:10:13:64:08:
cd:3c:5e:94:a1:f9:cb:76:2c:8b:3c:36:e4:0f:5f:
39:d2:11:90:17:b0:28:a5:8d:6d:e1:f8:ff:89:32:
fd:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:90:78:A4:D1:04:84:4C:58:BD:44:86:31:DF:5C:46:32:07:EE:E9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DZB4pNEEhExYvUSGMd9cRjIH7uk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:7a:d0:37:ed:f2:6f:fa:68:35:36:df:98:e5:b7:cf:e8:21:
f3:03:01:a6:ec:65:f4:c8:fd:33:14:2b:78:24:e2:a9:f2:09:
b2:23:43:cd:dc:bd:be:b6:4b:d1:43:77:23:5e:63:1b:e8:a8:
96:ae:c8:ee:3c:5d:dc:4c:0a:ef:38:6b:af:b0:ef:ca:dd:99:
02:fc:62:88:9b:7e:cf:2e:cb:8b:f5:35:fb:97:69:22:3d:db:
b1:e3:3b:f6:ff:90:5b:bf:6d:7f:37:f4:04:2b:43:e8:b6:a3:
27:55:77:7e:40:64:b4:ff:6c:8f:eb:78:71:76:e1:bd:3d:2f:
c5:bf:17:39:68:7e:c0:ca:6a:a2:1e:a5:42:bc:40:b5:6e:79:
f4:29:2c:85:44:35:92:58:15:03:b8:3f:77:16:73:5a:60:01:
af:5d:54:8b:31:86:cf:ea:53:4b:1c:28:59:fb:59:0c:d0:90:
94:b1:1e:77:d2:5d:d4:08:2f:08:a6:6a:e5:1d:39:1d:79:8a:
19:b5:d3:13:32:77:49:15:f2:ab:9d:bd:7e:e4:af:c2:27:86:
55:02:a9:4e:f7:ba:ca:49:bd:46:60:f5:02:5e:0c:c6:5a:af:
8f:d7:66:b3:41:b6:d8:95:34:17:ee:f3:89:90:17:d7:08:91:
ff:09:c3:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBEOTA3OEE0RDEwNDg0
NEM1OEJENDQ4NjMxREY1QzQ2MzIwN0VFRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJFyxADj9i/bdaV+F0e/XrP0g6IIiCVR//5sd5uDx4ZPzlNZ3K
wUUX9IZ24fUlQztVh4oUp0pu35qb/Zrs4/biMDaIt3IhGjW1rGWqZ9wizzt8MxpD
PwGKCWFUNlPcL/QXB4r3SITLW7U5Qt4GlDjrM7RY2pmTYNt1+Tun3NzM+c/M5pZu
reeS/0g/4fX5kK1HxonjSHpjSY0ZJQh1/A7fT9a2bG23Hjr/0gkDAKFKa2uto5Ab
RHuotbmoVjInKo16Hgd6fz4aVvEetrU+MxspK0FFGaGp5PCguUgSEBNkCM08XpSh
+ct2LIs8NuQPXznSEZAXsCiljW3h+P+JMv1vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDZB4pNEEhExYvUSGMd9cRjIH7ukwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EWkI0cE5FRWhFeFl2VVNH
TWQ5Y1JqSUg3dWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAG560Dft8m/6aDU235jlt8/oIfMDAabsZfTI
/TMUK3gk4qnyCbIjQ83cvb62S9FDdyNeYxvoqJauyO48XdxMCu84a6+w78rdmQL8
Yoibfs8uy4v1NfuXaSI927HjO/b/kFu/bX839AQrQ+i2oydVd35AZLT/bI/reHF2
4b09L8W/FzlofsDKaqIepUK8QLVuefQpLIVENZJYFQO4P3cWc1pgAa9dVIsxhs/q
U0scKFn7WQzQkJSxHnfSXdQILwimauUdOR15ihm10xMyd0kV8qudvX7kr8InhlUC
qU73uspJvUZg9QJeDMZar4/XZrNBttiVNBfu84mQF9cIkf8Jw7U=
-----END CERTIFICATE-----
Generated at Sun May 18 09:09:19 2025 by rpki-client