Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ITFH5DNQcM99RkamZnHAXEolroI.roa
File: ITFH5DNQcM99RkamZnHAXEolroI.roa (raw, json)
Hash identifier: zDJcsdGcoGvSYHPDK9Ls8AMkgyDKe/LGX1HCWKRjwqg=
Subject key identifier: 21:31:47:E4:33:50:70:CF:7D:46:46:A6:66:71:C0:5C:4A:25:AE:82
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03B2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ITFH5DNQcM99RkamZnHAXEolroI.roa
Signing time: Mon 12 May 2025 00:08:15 +0000
ROA not before: Mon 12 May 2025 00:08:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 946 (0x3b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 00:08:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=213147E4335070CF7D4646A66671C05C4A25AE82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:56:78:15:7c:de:74:7d:ef:eb:13:52:b8:57:
05:3a:93:64:2c:76:b7:27:e9:37:a3:e5:e4:2b:c4:
cd:7d:83:aa:b2:a3:63:03:79:e8:37:24:f4:c0:28:
7f:5e:0a:45:5e:63:7c:7b:26:58:80:0f:ff:8f:4d:
b9:cd:12:7c:c3:85:2f:9c:6f:1c:b6:72:d5:ef:f7:
f4:dc:a3:4d:f0:ba:dd:ab:fe:32:66:8d:97:1f:5e:
8d:7e:33:90:e5:b9:3e:29:2b:9c:f9:8a:ab:57:28:
d3:84:d2:9a:ad:36:a2:5c:90:9d:66:0f:8c:1a:97:
bb:c2:ee:ac:0e:81:3d:74:cd:77:32:c1:f2:1a:34:
a6:c8:db:05:be:e0:7e:4d:5c:46:d3:0f:47:b2:cd:
e0:69:da:77:60:8a:e3:7c:07:fe:d6:50:af:20:95:
e6:46:68:36:9b:0c:3a:55:1f:cf:82:44:0a:6b:91:
cf:3c:a0:43:5f:ff:e9:1a:de:7f:16:3d:54:9b:63:
61:88:bc:04:ce:7b:4c:a2:df:31:e8:23:c4:c9:e1:
21:f8:18:ae:a1:0f:d1:5c:98:99:42:58:c7:d5:03:
d2:ab:24:2e:51:00:bb:63:58:de:27:5e:6c:b6:3d:
f7:f8:b0:c9:bc:ab:cd:6a:1a:de:4a:44:2a:71:d5:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:31:47:E4:33:50:70:CF:7D:46:46:A6:66:71:C0:5C:4A:25:AE:82
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ITFH5DNQcM99RkamZnHAXEolroI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:c3:39:d6:a5:8f:0f:fd:7a:39:a1:55:45:de:13:b0:08:c6:
12:ce:6c:df:41:bc:85:c9:68:31:c8:fb:1d:09:6e:65:b6:34:
57:2d:a5:67:e9:54:70:57:9d:ed:5d:12:23:c3:b2:3c:f4:8a:
c0:f1:f5:0a:9a:7b:04:11:ab:2a:87:c6:dc:c8:4d:2b:96:dc:
ff:06:a3:47:01:c2:b0:17:7d:ae:3f:fa:d5:68:f2:9a:98:73:
75:0a:3c:6c:6b:47:0e:3a:7c:4f:00:f5:35:ca:c6:fd:21:5e:
29:9a:3c:45:35:15:b0:70:aa:f8:80:d7:dc:1e:a8:c9:40:65:
02:11:e9:6b:1e:68:2b:57:99:50:32:98:c2:1e:8c:18:32:b0:
c9:c7:7d:59:c4:e0:fe:6c:00:bb:21:e0:d9:bf:e6:55:78:1f:
3a:31:13:45:8f:81:b5:f4:f5:d0:29:11:31:41:08:63:b5:2d:
2f:83:d1:95:71:5c:6a:c6:89:a3:18:5c:e9:16:01:5d:10:b5:
5a:3b:7a:7d:0a:ab:05:a8:ac:13:f2:4d:18:b9:1f:5a:a6:be:
43:62:57:47:a0:b8:98:1a:76:94:87:4e:91:1f:d8:95:c4:c5:
e6:81:c6:82:25:23:5f:cb:7f:fb:0d:9a:73:5f:0f:db:fa:49:
b8:c9:5e:b6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
MDA4MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDIxMzE0N0U0MzM1MDcw
Q0Y3RDQ2NDZBNjY2NzFDMDVDNEEyNUFFODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnVngVfN50fe/rE1K4VwU6k2Qsdrcn6Tej5eQrxM19g6qyo2MD
eeg3JPTAKH9eCkVeY3x7JliAD/+PTbnNEnzDhS+cbxy2ctXv9/Tco03wut2r/jJm
jZcfXo1+M5DluT4pK5z5iqtXKNOE0pqtNqJckJ1mD4wal7vC7qwOgT10zXcywfIa
NKbI2wW+4H5NXEbTD0eyzeBp2ndgiuN8B/7WUK8gleZGaDabDDpVH8+CRAprkc88
oENf/+ka3n8WPVSbY2GIvATOe0yi3zHoI8TJ4SH4GK6hD9FcmJlCWMfVA9KrJC5R
ALtjWN4nXmy2Pff4sMm8q81qGt5KRCpx1fBxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUITFH5DNQcM99RkamZnHAXEolroIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9JVEZINUROUWNNOTlSa2Ft
Wm5IQVhFb2xyb0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ/DOdaljw/9ejmhVUXeE7AIxhLObN9BvIXJ
aDHI+x0JbmW2NFctpWfpVHBXne1dEiPDsjz0isDx9QqaewQRqyqHxtzITSuW3P8G
o0cBwrAXfa4/+tVo8pqYc3UKPGxrRw46fE8A9TXKxv0hXimaPEU1FbBwqviA19we
qMlAZQIR6WseaCtXmVAymMIejBgysMnHfVnE4P5sALsh4Nm/5lV4HzoxE0WPgbX0
9dApETFBCGO1LS+D0ZVxXGrGiaMYXOkWAV0QtVo7en0KqwWorBPyTRi5H1qmvkNi
V0eguJgadpSHTpEf2JXExeaBxoIlI1/Lf/sNmnNfD9v6SbjJXrY=
-----END CERTIFICATE-----
Generated at Sat May 17 22:45:00 2025 by rpki-client