Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HEEyjLg--sRKqbYSI4vy_8CmwdM.roa
File: HEEyjLg--sRKqbYSI4vy_8CmwdM.roa (raw, json)
Hash identifier: t3u44cp0dmKnIiR4Djj0eYGycebXTbaR31V1PwXo8YE=
Subject key identifier: 1C:41:32:8C:B8:3E:FA:C4:4A:A9:B6:12:23:8B:F2:FF:C0:A6:C1:D3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 063A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HEEyjLg--sRKqbYSI4vy_8CmwdM.roa
Signing time: Thu 15 May 2025 09:08:07 +0000
ROA not before: Thu 15 May 2025 09:08:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1594 (0x63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 09:08:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1C41328CB83EFAC44AA9B612238BF2FFC0A6C1D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8a:9b:d6:69:70:dc:8c:d9:47:b1:e2:6a:57:
44:d4:0c:f8:b9:bd:e9:0a:d0:05:39:cc:65:6f:e5:
bd:8c:f1:e3:34:4a:4c:02:f7:d0:6d:77:d3:cc:e0:
3a:d9:d7:b6:5f:0e:53:b2:18:16:d0:1d:e2:5d:a3:
09:c9:4e:1d:1b:72:5e:4b:a4:6e:02:ec:f4:4c:0b:
0f:1f:e5:8f:bc:44:0c:56:c4:4f:b2:2b:2d:59:f1:
5f:7d:69:3a:a9:a6:a3:ab:c3:5c:5a:ad:ad:f1:c1:
34:61:9c:2b:cd:c9:ee:e9:9a:a0:4b:af:c9:e8:58:
17:95:8d:62:8c:e0:b8:12:6a:d6:fb:28:54:68:04:
28:cf:86:d4:ac:17:9c:cb:73:ec:c2:fa:92:1a:15:
e7:fe:0b:21:03:08:e4:9a:fd:07:1c:e8:a1:cb:0c:
20:d9:cb:14:33:3d:fb:d3:6b:3b:2b:d1:68:1e:ce:
bd:3b:a8:fb:d3:c9:6d:1b:bc:62:b3:67:4f:8b:61:
bd:ad:db:e5:92:eb:96:40:3d:8f:8b:93:3e:55:c3:
f6:88:50:d2:b9:95:2b:08:42:83:75:79:e0:91:ea:
72:e3:e9:75:23:89:4b:22:f8:9e:16:b1:bb:93:77:
34:00:0b:e2:cf:02:6d:3b:80:f4:47:35:af:34:25:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:41:32:8C:B8:3E:FA:C4:4A:A9:B6:12:23:8B:F2:FF:C0:A6:C1:D3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HEEyjLg--sRKqbYSI4vy_8CmwdM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:f7:50:45:68:ce:67:c0:80:93:a1:b3:42:09:0e:7d:ed:05:
79:6e:0c:42:75:32:50:01:a7:ff:47:1e:87:0c:f2:fb:d1:ba:
8c:f7:66:27:df:5c:3e:d0:a5:93:9b:59:db:2e:9f:2b:2e:2a:
62:5d:41:c2:e7:99:9c:ba:ba:ff:88:67:c4:95:3a:95:3e:66:
65:7c:a0:6e:07:52:06:cf:9e:95:3a:13:81:4d:a1:e4:10:c0:
bc:dd:f2:5e:9c:8a:20:10:36:dd:84:d5:fd:b1:a5:fb:ff:56:
f2:78:7a:3b:ad:a2:43:8c:d3:fd:b5:ff:7c:1a:95:7c:b5:50:
da:f2:99:61:1d:a2:0e:8b:ef:68:b9:2c:df:16:ff:04:36:39:
66:a0:a3:ad:22:5a:23:77:c3:ae:9c:86:67:41:4b:be:24:d9:
8b:36:f9:9b:2e:18:90:0e:22:64:c8:7b:45:8e:55:c0:3d:f5:
f4:37:4c:9f:ed:52:c1:8b:78:ad:9c:07:bd:b6:0e:71:5a:8e:
9f:b1:4c:b4:aa:fd:f7:53:02:fb:c0:38:ec:32:6d:fa:da:f8:
d6:e8:e3:a4:d1:b6:b7:96:32:29:31:3c:da:e2:d5:80:78:a9:
90:18:63:bb:4f:e6:90:36:b6:6c:ea:cd:da:9c:37:87:f5:c7:
72:9a:0a:d3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
OTA4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFDNDEzMjhDQjgzRUZB
QzQ0QUE5QjYxMjIzOEJGMkZGQzBBNkMxRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOipvWaXDcjNlHseJqV0TUDPi5vekK0AU5zGVv5b2M8eM0SkwC
99Btd9PM4DrZ17ZfDlOyGBbQHeJdownJTh0bcl5LpG4C7PRMCw8f5Y+8RAxWxE+y
Ky1Z8V99aTqppqOrw1xara3xwTRhnCvNye7pmqBLr8noWBeVjWKM4LgSatb7KFRo
BCjPhtSsF5zLc+zC+pIaFef+CyEDCOSa/Qcc6KHLDCDZyxQzPfvTazsr0Wgezr07
qPvTyW0bvGKzZ0+LYb2t2+WS65ZAPY+Lkz5Vw/aIUNK5lSsIQoN1eeCR6nLj6XUj
iUsi+J4WsbuTdzQAC+LPAm07gPRHNa80JRSZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHEEyjLg++sRKqbYSI4vy/8CmwdMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IRUV5akxnLS1zUktxYllT
STR2eV84Q213ZE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIP3UEVozmfAgJOhs0IJDn3tBXluDEJ1MlAB
p/9HHocM8vvRuoz3ZiffXD7QpZObWdsunysuKmJdQcLnmZy6uv+IZ8SVOpU+ZmV8
oG4HUgbPnpU6E4FNoeQQwLzd8l6ciiAQNt2E1f2xpfv/VvJ4ejutokOM0/21/3wa
lXy1UNrymWEdog6L72i5LN8W/wQ2OWago60iWiN3w66chmdBS74k2Ys2+ZsuGJAO
ImTIe0WOVcA99fQ3TJ/tUsGLeK2cB722DnFajp+xTLSq/fdTAvvAOOwybfra+Nbo
46TRtreWMikxPNri1YB4qZAYY7tP5pA2tmzqzdqcN4f1x3KaCtM=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:13 2025 by rpki-client