Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/FEyvT1A4veTlHTKYsuBBdGi1z_M.roa
File: FEyvT1A4veTlHTKYsuBBdGi1z_M.roa (raw, json)
Hash identifier: Nm8Ic/MODKzGej0ijfPynhqIVDup96vqRKsPaqcIYPU=
Subject key identifier: 14:4C:AF:4F:50:38:BD:E4:E5:1D:32:98:B2:E0:41:74:68:B5:CF:F3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0126
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FEyvT1A4veTlHTKYsuBBdGi1z_M.roa
Signing time: Thu 08 May 2025 14:37:42 +0000
ROA not before: Thu 08 May 2025 14:37:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294 (0x126)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 14:37:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=144CAF4F5038BDE4E51D3298B2E0417468B5CFF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1b:7c:be:be:4d:93:2a:76:b4:7b:3c:d7:b1:
00:bf:95:02:e5:83:54:cc:6b:c8:a9:bf:30:5b:5d:
d9:57:35:0e:ab:f6:14:5a:62:92:e8:2a:0c:42:04:
90:15:64:89:71:6f:35:b1:2c:e1:ba:3c:d9:2c:b1:
a7:e6:80:37:0c:d1:13:da:45:a6:47:39:79:90:7a:
da:a7:3a:8c:1f:ea:14:23:1c:90:f6:e9:52:45:06:
ab:91:37:02:4f:84:5f:fe:42:17:fa:b3:b5:fa:37:
d8:ca:34:ed:89:d9:e5:d3:3e:aa:9e:6d:e1:a6:fb:
be:9d:62:c9:15:a7:20:66:db:b3:26:41:98:86:6f:
cd:6e:2c:71:7c:bf:ae:5b:fb:98:a0:ed:07:e7:01:
39:5a:18:0b:cc:21:a3:2e:4e:a8:de:c7:5b:49:e0:
7e:77:7c:91:be:e6:99:b1:01:23:32:33:78:34:db:
01:c0:39:80:49:97:ea:86:4b:3b:0b:9d:9c:ce:47:
57:d0:83:af:78:ad:30:1a:94:b0:b6:6b:6c:23:4a:
ea:39:1c:5b:da:cb:33:cc:5a:b2:68:38:c4:d2:1f:
38:d7:5d:ca:a0:1d:20:0a:1e:73:e3:f0:3f:cd:28:
0c:82:86:a6:9e:19:00:2c:15:82:c1:af:fa:82:ca:
b0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:4C:AF:4F:50:38:BD:E4:E5:1D:32:98:B2:E0:41:74:68:B5:CF:F3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/FEyvT1A4veTlHTKYsuBBdGi1z_M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:0c:7b:0a:f2:f8:d5:05:fa:29:bb:d9:79:ff:16:0f:92:e3:
7d:d4:7b:4e:a1:de:8d:12:a4:72:1e:e9:f2:d2:0e:5b:6f:4b:
bd:33:e3:62:05:42:ee:82:4a:f5:d5:53:c9:a8:b5:d2:9b:a1:
70:86:48:57:ce:6b:1f:2b:cd:a5:89:33:bc:38:44:4b:14:0a:
d3:3f:2c:d7:96:f9:2c:96:29:9f:5a:f0:03:7a:8b:c6:49:56:
33:c9:5d:96:ed:30:31:f4:44:e9:72:e2:71:9f:12:67:29:54:
1b:3f:29:27:27:40:2b:61:e9:ec:cc:a3:09:57:af:7d:06:d5:
51:bb:df:a0:72:29:f1:8d:79:3b:a2:22:0f:4a:dc:cf:4f:a9:
6f:87:5a:a9:1c:a4:02:d5:50:d6:99:3d:86:3d:60:91:c9:85:
6a:2c:65:30:8a:1a:c1:d5:65:ff:27:cd:47:7a:e4:f0:17:ab:
5d:50:c3:9b:09:ef:9a:e6:7c:20:78:b5:1c:e5:54:71:66:3b:
ca:15:c1:15:c5:0d:2b:5d:84:86:b5:d5:74:d3:50:57:2e:fc:
b7:23:93:71:35:6e:85:25:1f:16:4e:1e:2c:4e:0e:3b:e2:a3:
0c:fc:aa:9b:39:63:f7:3b:3b:5b:bc:bb:4a:ed:7a:8e:6d:7b:
dd:c3:e5:23
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICASYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
NDM3NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE0NENBRjRGNTAzOEJE
RTRFNTFEMzI5OEIyRTA0MTc0NjhCNUNGRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBG3y+vk2TKna0ezzXsQC/lQLlg1TMa8ipvzBbXdlXNQ6r9hRa
YpLoKgxCBJAVZIlxbzWxLOG6PNkssafmgDcM0RPaRaZHOXmQetqnOowf6hQjHJD2
6VJFBquRNwJPhF/+Qhf6s7X6N9jKNO2J2eXTPqqebeGm+76dYskVpyBm27MmQZiG
b81uLHF8v65b+5ig7QfnATlaGAvMIaMuTqjex1tJ4H53fJG+5pmxASMyM3g02wHA
OYBJl+qGSzsLnZzOR1fQg694rTAalLC2a2wjSuo5HFvayzPMWrJoOMTSHzjXXcqg
HSAKHnPj8D/NKAyChqaeGQAsFYLBr/qCyrCvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUFEyvT1A4veTlHTKYsuBBdGi1z/MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9GRXl2VDFBNHZlVGxIVEtZ
c3VCQmRHaTF6X00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEQMewry+NUF+im72Xn/Fg+S433Ue06h3o0S
pHIe6fLSDltvS70z42IFQu6CSvXVU8motdKboXCGSFfOax8rzaWJM7w4REsUCtM/
LNeW+SyWKZ9a8AN6i8ZJVjPJXZbtMDH0ROly4nGfEmcpVBs/KScnQCth6ezMowlX
r30G1VG736ByKfGNeTuiIg9K3M9PqW+HWqkcpALVUNaZPYY9YJHJhWosZTCKGsHV
Zf8nzUd65PAXq11Qw5sJ75rmfCB4tRzlVHFmO8oVwRXFDStdhIa11XTTUFcu/Lcj
k3E1boUlHxZOHixODjviowz8qps5Y/c7O1u8u0rteo5te93D5SM=
-----END CERTIFICATE-----
Generated at Sun May 18 17:02:03 2025 by rpki-client