Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/H213WVKHshZOdOpW44zOr52sn6s.roa
File: H213WVKHshZOdOpW44zOr52sn6s.roa (raw, json)
Hash identifier: yHLrevvy7sf4/rH+tU5BVqIlEfVyi9yCF5xTAWhZ7p8=
Subject key identifier: 1F:6D:77:59:52:87:B2:16:4E:74:EA:56:E3:8C:CE:AF:9D:AC:9F:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/H213WVKHshZOdOpW44zOr52sn6s.roa
Signing time: Tue 13 May 2025 15:08:48 +0000
ROA not before: Tue 13 May 2025 15:08:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1258 (0x4ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 15:08:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1F6D77595287B2164E74EA56E38CCEAF9DAC9FAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:92:d7:6a:2e:bd:b8:ff:05:ad:4b:38:0e:
69:53:5f:6f:4b:49:4c:f4:33:d3:6a:b6:d3:4e:79:
a0:9d:0e:c5:a6:9f:85:bc:6d:19:01:af:21:63:94:
fe:d4:4a:c1:05:58:6e:29:27:36:83:d7:7e:2c:cf:
4e:69:d4:ce:c3:da:da:ec:88:d8:ff:98:d1:c2:af:
76:6f:08:f3:fd:c5:b5:9b:45:95:4f:ab:04:c8:d7:
8d:2b:54:7d:99:0c:08:2b:05:c8:9c:2b:64:5e:ef:
30:28:56:3f:f4:61:a1:84:f2:d2:87:76:65:72:11:
c7:17:d3:79:31:63:7f:30:a7:73:49:9b:79:fe:11:
18:02:c6:b8:9e:53:5c:8c:b7:86:c1:70:5c:31:0e:
6c:ed:83:d3:83:98:f4:14:d1:04:09:06:d1:fb:98:
a0:d9:56:41:b5:16:66:c1:4b:86:fc:0f:36:6b:de:
7f:ce:19:1c:79:d5:9e:5c:95:e3:5a:06:05:52:e2:
bc:91:33:95:75:40:f7:1b:8a:e2:7b:1f:2d:5e:4f:
75:34:a2:a2:d3:15:b5:7e:94:3e:75:2c:14:d7:14:
2e:6a:1c:d3:f1:44:51:6c:05:af:1e:b1:29:9f:76:
aa:ea:f8:a6:e0:09:59:23:a9:e5:25:41:72:23:b1:
a3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6D:77:59:52:87:B2:16:4E:74:EA:56:E3:8C:CE:AF:9D:AC:9F:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/H213WVKHshZOdOpW44zOr52sn6s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:69:63:01:81:6d:1e:ea:e6:01:28:da:79:c9:5d:df:88:63:
02:0a:13:06:e7:4e:2f:70:b0:47:48:a5:15:4e:18:ee:f7:59:
7c:04:3d:c3:33:2e:e9:e7:ae:46:7e:b6:55:8a:e4:f4:1e:96:
7b:0b:ad:0f:08:e7:bc:49:30:a9:cb:4d:eb:61:88:68:27:6c:
5c:16:c7:1f:5d:b2:1e:62:84:47:f5:7d:cd:2c:37:7a:c8:06:
0e:0f:07:8a:0b:b1:02:1a:2f:78:7e:62:b2:43:22:31:39:04:
6d:9b:87:6f:1a:d3:c9:b9:3d:57:ad:e4:bf:a2:26:d8:fb:f6:
4f:23:9f:ba:da:7b:11:3f:b7:c2:cb:b2:0a:ce:23:32:d1:99:
5d:d1:9e:94:ae:86:5d:0b:1b:87:a8:0b:59:7c:80:e6:00:1a:
11:e0:4b:4a:27:1c:73:c7:42:6d:10:7e:8e:de:b2:75:7a:ca:
22:3b:d5:7d:8a:31:77:c2:06:92:27:34:70:09:65:a8:c1:37:
00:ed:a0:67:df:e4:1f:57:07:bd:ba:cc:df:93:89:c0:28:a1:
85:71:b4:9b:91:d3:31:bb:ad:1b:7b:67:0f:4c:36:6d:d1:29:
fd:de:d8:b4:c6:7b:1a:7d:e4:50:cf:ab:3b:2f:7d:aa:06:69:
1a:38:81:d8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NTA4NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFGNkQ3NzU5NTI4N0Iy
MTY0RTc0RUE1NkUzOENDRUFGOURBQzlGQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKepLXai69uP8FrUs4DmlTX29LSUz0M9NqttNOeaCdDsWmn4W8
bRkBryFjlP7USsEFWG4pJzaD134sz05p1M7D2trsiNj/mNHCr3ZvCPP9xbWbRZVP
qwTI140rVH2ZDAgrBcicK2Re7zAoVj/0YaGE8tKHdmVyEccX03kxY38wp3NJm3n+
ERgCxrieU1yMt4bBcFwxDmztg9ODmPQU0QQJBtH7mKDZVkG1FmbBS4b8DzZr3n/O
GRx51Z5cleNaBgVS4ryRM5V1QPcbiuJ7Hy1eT3U0oqLTFbV+lD51LBTXFC5qHNPx
RFFsBa8esSmfdqrq+KbgCVkjqeUlQXIjsaPpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUH213WVKHshZOdOpW44zOr52sn6swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IMjEzV1ZLSHNoWk9kT3BX
NDR6T3I1MnNuNnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHVpYwGBbR7q5gEo2nnJXd+IYwIKEwbnTi9w
sEdIpRVOGO73WXwEPcMzLunnrkZ+tlWK5PQelnsLrQ8I57xJMKnLTethiGgnbFwW
xx9dsh5ihEf1fc0sN3rIBg4PB4oLsQIaL3h+YrJDIjE5BG2bh28a08m5PVet5L+i
Jtj79k8jn7raexE/t8LLsgrOIzLRmV3RnpSuhl0LG4eoC1l8gOYAGhHgS0onHHPH
Qm0Qfo7esnV6yiI71X2KMXfCBpInNHAJZajBNwDtoGff5B9XB726zN+TicAooYVx
tJuR0zG7rRt7Zw9MNm3RKf3e2LTGexp95FDPqzsvfaoGaRo4gdg=
-----END CERTIFICATE-----
Generated at Sun May 18 18:38:57 2025 by rpki-client