Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FCs9-8gEaEMx8YrRcVn0G9ecnzg.roa
File: FCs9-8gEaEMx8YrRcVn0G9ecnzg.roa (raw, json)
Hash identifier: ZM0xrxrUCJWAKyZOmjh9JY43dYoPE5rQNHKSsk4CUvc=
Subject key identifier: 14:2B:3D:FB:C8:04:68:43:31:F1:8A:D1:71:59:F4:1B:D7:9C:9F:38
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0462
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FCs9-8gEaEMx8YrRcVn0G9ecnzg.roa
Signing time: Mon 12 May 2025 22:07:59 +0000
ROA not before: Mon 12 May 2025 22:07:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1122 (0x462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 22:07:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=142B3DFBC804684331F18AD17159F41BD79C9F38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0b:65:76:bf:9f:0f:1c:3d:a4:87:8a:ab:23:
74:30:28:46:1a:eb:76:5b:c2:76:b3:8e:06:91:8a:
6a:04:0a:61:4b:a1:fc:f1:25:c4:82:a1:22:c2:72:
c3:25:94:c7:51:61:7c:f8:46:47:04:33:35:19:e4:
88:8e:d4:f4:44:fa:33:8f:af:a1:46:ee:53:95:1d:
00:f9:a9:c9:63:8d:7b:b2:9a:de:4a:32:73:6c:e5:
13:17:34:9c:4a:93:f6:ca:a1:76:60:85:61:b6:ae:
68:37:39:f1:5d:22:b7:a6:35:85:c4:f8:b6:5d:82:
f5:7a:27:99:2f:33:2a:29:44:cc:cd:03:7b:ee:95:
b0:af:20:91:4f:ea:71:66:c6:7f:c5:df:2a:af:ba:
a7:43:27:6b:b0:fc:45:3a:07:89:8c:6b:b1:e5:95:
31:12:6d:7c:eb:f0:b0:71:31:45:71:1d:7d:db:2d:
9e:40:c3:ca:24:fa:2f:61:62:23:ca:ca:fb:a4:aa:
11:9a:9e:f0:c5:66:14:ab:7c:f3:42:75:c3:a7:84:
ce:92:59:36:8e:b4:cb:3f:ee:75:05:b6:a8:9e:0c:
2a:fc:10:aa:53:9f:a3:44:e3:57:37:e6:40:ed:d8:
22:c9:87:08:9a:ed:3a:4e:33:95:7c:97:e4:78:2e:
7d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2B:3D:FB:C8:04:68:43:31:F1:8A:D1:71:59:F4:1B:D7:9C:9F:38
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FCs9-8gEaEMx8YrRcVn0G9ecnzg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:71:e4:f8:c9:dd:4a:65:19:14:44:7c:27:b3:9f:47:16:89:
67:bf:16:4c:53:94:95:d3:26:e7:73:7a:66:a2:17:e8:a3:6f:
f8:62:39:12:47:f4:85:1c:1a:a6:51:5b:66:d6:d6:f5:52:3d:
9b:4d:42:c1:b1:a5:d2:73:d4:22:d5:a5:bf:0a:4e:09:a3:7d:
75:ad:d9:0d:c3:44:82:05:64:46:d5:1c:3e:6c:4d:81:d2:d6:
c3:87:b1:f6:06:04:64:b6:a4:e5:5f:8b:16:69:cf:8c:63:af:
96:6f:40:a7:a4:4a:75:f2:e9:4d:10:da:4f:02:49:19:95:cd:
df:2a:17:00:aa:ea:b3:21:aa:33:63:ac:04:8e:ff:da:5d:9f:
0d:e5:e8:7d:bc:13:80:8c:2e:ab:d4:90:01:47:80:b2:63:87:
14:da:2b:b7:84:d9:3e:fd:6a:87:1f:c7:d8:08:1e:e2:c1:b4:
22:63:e6:ba:70:d1:8e:c5:73:78:05:9b:a9:e4:17:9f:15:02:
ca:66:2f:e9:d8:f0:f4:c5:f2:3f:ae:1d:9a:47:3f:8f:5e:78:
4b:33:63:c6:ae:03:43:f7:c8:02:2e:97:21:90:26:a5:88:a2:
be:5b:31:95:68:88:f1:ec:85:4e:93:03:16:54:f4:93:f6:47:
92:38:d9:df
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIy
MjA3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE0MkIzREZCQzgwNDY4
NDMzMUYxOEFEMTcxNTlGNDFCRDc5QzlGMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoC2V2v58PHD2kh4qrI3QwKEYa63ZbwnazjgaRimoECmFLofzx
JcSCoSLCcsMllMdRYXz4RkcEMzUZ5IiO1PRE+jOPr6FG7lOVHQD5qcljjXuymt5K
MnNs5RMXNJxKk/bKoXZghWG2rmg3OfFdIremNYXE+LZdgvV6J5kvMyopRMzNA3vu
lbCvIJFP6nFmxn/F3yqvuqdDJ2uw/EU6B4mMa7HllTESbXzr8LBxMUVxHX3bLZ5A
w8ok+i9hYiPKyvukqhGanvDFZhSrfPNCdcOnhM6SWTaOtMs/7nUFtqieDCr8EKpT
n6NE41c35kDt2CLJhwia7TpOM5V8l+R4Ln2jAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFCs9+8gEaEMx8YrRcVn0G9ecnzgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GQ3M5LThnRWFFTXg4WXJS
Y1ZuMEc5ZWNuemcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHZx5PjJ3UplGRREfCezn0cWiWe/FkxTlJXT
JudzemaiF+ijb/hiORJH9IUcGqZRW2bW1vVSPZtNQsGxpdJz1CLVpb8KTgmjfXWt
2Q3DRIIFZEbVHD5sTYHS1sOHsfYGBGS2pOVfixZpz4xjr5ZvQKekSnXy6U0Q2k8C
SRmVzd8qFwCq6rMhqjNjrASO/9pdnw3l6H28E4CMLqvUkAFHgLJjhxTaK7eE2T79
aocfx9gIHuLBtCJj5rpw0Y7Fc3gFm6nkF58VAspmL+nY8PTF8j+uHZpHP49eeEsz
Y8auA0P3yAIulyGQJqWIor5bMZVoiPHshU6TAxZU9JP2R5I42d8=
-----END CERTIFICATE-----
Generated at Sun May 18 06:48:18 2025 by rpki-client