Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HhJNVJur6B-4QLuiXACMHU01xuw.roa
File: HhJNVJur6B-4QLuiXACMHU01xuw.roa (raw, json)
Hash identifier: 8gfSVtUTeRn6kIMamkgK0526T+Z8gi6ReV5dcqcn/hE=
Subject key identifier: 1E:12:4D:54:9B:AB:E8:1F:B8:40:BB:A2:5C:00:8C:1D:4D:35:C6:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0696
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HhJNVJur6B-4QLuiXACMHU01xuw.roa
Signing time: Thu 15 May 2025 20:38:09 +0000
ROA not before: Thu 15 May 2025 20:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1686 (0x696)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 20:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1E124D549BABE81FB840BBA25C008C1D4D35C6EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ef:0a:91:5b:76:64:1a:6b:dc:08:d4:99:2d:
35:1f:d2:4f:29:ac:6a:bd:60:44:24:4b:ed:1d:a1:
19:03:99:c6:00:d5:ab:f0:6a:1d:e5:43:63:d9:3a:
f6:1e:d9:3d:aa:8a:06:5d:ef:fd:15:8a:f0:98:48:
85:bd:e2:fb:f3:c0:fe:07:85:21:a4:27:6d:54:4a:
f3:01:3b:96:db:68:0a:75:19:8d:1e:d7:19:eb:67:
bb:38:76:7e:f0:0d:e5:5b:09:6f:d8:de:1c:5a:f4:
98:e0:8b:82:cc:f6:04:6e:86:cb:57:79:a2:7e:34:
81:de:1a:ea:7b:9d:e1:f0:81:80:2c:d3:bb:24:5b:
3f:40:2a:c5:da:86:fd:63:a9:27:7b:18:d0:32:e5:
13:10:77:0d:d4:07:21:55:31:76:f3:3f:3f:6f:01:
ea:46:22:48:00:b7:5f:e9:b5:4a:86:13:3f:7d:60:
3d:a6:0e:4c:22:b4:ad:8b:9e:40:ff:98:04:5b:bd:
f5:28:50:56:e0:40:e2:5d:f5:e0:7b:9f:a5:65:f3:
9d:0a:b2:da:24:cc:21:c7:69:2f:00:cf:27:bf:5a:
bb:23:ea:5a:9c:a6:86:d6:15:00:a6:22:78:35:b1:
f8:de:37:13:a0:5e:df:b2:48:e9:e0:dd:8c:e3:8d:
d4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:12:4D:54:9B:AB:E8:1F:B8:40:BB:A2:5C:00:8C:1D:4D:35:C6:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HhJNVJur6B-4QLuiXACMHU01xuw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:9a:23:94:66:04:79:1c:94:ef:17:d1:37:29:8f:c0:a2:4b:
78:d1:df:96:79:4a:47:0f:3d:cf:83:2e:04:8c:41:79:57:7c:
3a:6f:62:9b:52:9d:63:97:8b:88:c6:9c:70:80:96:cb:2d:6c:
5a:9e:89:c9:fc:c5:ae:ea:cf:81:93:25:99:cd:65:23:d5:31:
09:93:7e:f0:ae:b2:ce:7f:85:30:fc:c1:3a:f6:a7:ae:8a:fc:
41:a6:a2:41:b4:d2:63:a4:6b:f6:2f:87:8f:2a:dd:17:e6:45:
5a:b8:29:cb:91:50:8e:b3:25:96:7b:21:92:b8:a2:44:e5:9a:
2f:a5:43:82:ef:06:90:b5:6f:a7:9d:42:74:77:49:77:4e:01:
8d:f3:6b:d9:e0:0a:3f:f4:0f:7c:53:dc:ed:bd:df:b0:91:0a:
05:0c:c9:41:be:cd:c6:a2:ab:8f:de:44:75:9c:49:d5:29:40:
83:30:95:a8:9d:37:97:ab:c9:b9:79:46:0a:74:c5:aa:70:27:
5b:92:cd:ad:5c:88:36:5b:18:40:c2:9c:61:6f:a6:26:ac:f2:
6b:ed:60:d0:44:a4:a4:23:de:12:7c:30:10:08:81:dd:f2:43:
21:ee:63:c4:5f:09:ca:f7:be:88:e8:d2:3e:7e:d3:a0:fa:a2:
27:e1:53:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBpYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MDM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFFMTI0RDU0OUJBQkU4
MUZCODQwQkJBMjVDMDA4QzFENEQzNUM2RUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU7wqRW3ZkGmvcCNSZLTUf0k8prGq9YEQkS+0doRkDmcYA1avw
ah3lQ2PZOvYe2T2qigZd7/0VivCYSIW94vvzwP4HhSGkJ21USvMBO5bbaAp1GY0e
1xnrZ7s4dn7wDeVbCW/Y3hxa9Jjgi4LM9gRuhstXeaJ+NIHeGup7neHwgYAs07sk
Wz9AKsXahv1jqSd7GNAy5RMQdw3UByFVMXbzPz9vAepGIkgAt1/ptUqGEz99YD2m
DkwitK2LnkD/mARbvfUoUFbgQOJd9eB7n6Vl850KstokzCHHaS8Azye/Wrsj6lqc
pobWFQCmIng1sfjeNxOgXt+ySOng3YzjjdQ1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHhJNVJur6B+4QLuiXACMHU01xuwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IaEpOVkp1cjZCLTRRTHVp
WEFDTUhVMDF4dXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ6aI5RmBHkclO8X0Tcpj8CiS3jR35Z5SkcP
Pc+DLgSMQXlXfDpvYptSnWOXi4jGnHCAlsstbFqeicn8xa7qz4GTJZnNZSPVMQmT
fvCuss5/hTD8wTr2p66K/EGmokG00mOka/Yvh48q3RfmRVq4KcuRUI6zJZZ7IZK4
okTlmi+lQ4LvBpC1b6edQnR3SXdOAY3za9ngCj/0D3xT3O2937CRCgUMyUG+zcai
q4/eRHWcSdUpQIMwlaidN5erybl5Rgp0xapwJ1uSza1ciDZbGEDCnGFvpias8mvt
YNBEpKQj3hJ8MBAIgd3yQyHuY8RfCcr3vojo0j5+06D6oifhUwY=
-----END CERTIFICATE-----
Generated at Sat May 17 22:40:17 2025 by rpki-client