Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/JR4vId_4CZcDvWeBCX5gUENHzbI.roa
File: JR4vId_4CZcDvWeBCX5gUENHzbI.roa (raw, json)
Hash identifier: tumsGLb56u61n5LbP0yUozGOE0+ihdJ6Oksnj+PMLkU=
Subject key identifier: 25:1E:2F:21:DF:F8:09:97:03:BD:67:81:09:7E:60:50:43:47:CD:B2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 014E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JR4vId_4CZcDvWeBCX5gUENHzbI.roa
Signing time: Thu 08 May 2025 19:37:44 +0000
ROA not before: Thu 08 May 2025 19:37:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334 (0x14e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 19:37:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=251E2F21DFF8099703BD6781097E60504347CDB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a6:34:0d:01:89:bc:75:5d:fa:96:78:37:d6:
1e:b2:91:18:0a:ae:ab:3f:4a:ba:2e:ed:21:c4:ba:
8e:75:7a:e7:ee:91:e0:e7:70:fa:da:00:6d:f7:cc:
65:20:0c:96:8d:fc:37:e1:12:3c:1c:dd:8e:c2:47:
d0:82:92:0f:60:1d:84:97:bb:46:5e:21:54:b2:e2:
54:47:e3:76:2f:15:d5:7a:a6:c9:2e:70:73:24:aa:
88:6c:f1:18:b9:8e:9f:8d:29:e8:f3:3f:d8:d1:26:
5d:7b:37:aa:e4:65:da:95:76:f6:09:9a:6a:dd:c5:
68:51:4a:58:5b:d3:76:08:d7:34:c2:3f:06:fa:28:
f8:bc:67:20:59:5d:79:21:ad:97:14:5a:7f:90:13:
d8:a4:c1:c5:8b:48:f8:fd:14:3f:f3:d0:28:18:03:
0d:c8:0e:eb:70:67:97:fa:14:81:4f:e6:cf:91:5f:
b8:2d:5a:67:bd:62:bd:ce:22:78:56:c2:74:9f:3d:
c0:4d:44:57:96:ee:8d:59:ab:ff:1c:cf:78:16:59:
71:40:e4:18:98:f2:d8:fe:a1:da:c9:96:20:9a:5b:
e4:80:5e:be:4d:b5:c3:1c:60:5d:9b:95:c4:17:73:
8d:05:c9:66:bc:5e:8e:a2:20:54:3b:24:50:cb:a8:
e2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:1E:2F:21:DF:F8:09:97:03:BD:67:81:09:7E:60:50:43:47:CD:B2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/JR4vId_4CZcDvWeBCX5gUENHzbI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:2c:a6:67:40:f1:c9:c0:8f:84:aa:18:48:ff:8b:9e:05:0e:
c0:47:0d:2d:84:69:a6:b5:4d:d8:11:ec:07:5e:6c:26:f3:ed:
31:fd:5a:22:50:da:68:de:0e:35:05:f7:16:07:4a:cd:9e:af:
68:d7:01:b1:b7:34:bf:ef:99:c0:5d:94:1b:22:f8:87:b5:6a:
c2:aa:73:f9:fa:2f:a6:a8:13:a7:95:4c:01:60:b8:3a:b3:5b:
d8:b7:83:80:a9:ca:ac:5d:0e:3a:4b:0d:bc:a6:7d:51:01:90:
ec:aa:79:d6:ec:d9:c5:90:e2:ec:fa:df:5e:cc:a6:57:2e:80:
d6:ab:d7:83:b7:4e:c4:0f:2f:51:f9:d4:11:db:ba:0a:f8:d8:
3e:ab:2a:4e:3a:83:0f:7d:01:36:e5:fc:c8:b1:46:ea:c1:85:
62:9f:a1:02:5b:17:07:1c:7e:0d:01:5b:31:ad:42:cb:eb:af:
04:fb:60:fd:2c:8b:16:26:d9:32:f1:32:a1:b0:97:c3:f0:08:
ca:68:ef:8a:c8:38:0e:d6:85:12:71:72:21:a9:16:9e:56:f4:
c6:c6:9c:a5:75:f6:9c:89:3c:61:1b:28:8f:16:52:33:66:ac:
6a:28:9a:8a:73:3d:1d:42:b8:fe:ec:03:60:12:c8:33:11:cf:
07:42:ba:8a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
OTM3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI1MUUyRjIxREZGODA5
OTcwM0JENjc4MTA5N0U2MDUwNDM0N0NEQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8pjQNAYm8dV36lng31h6ykRgKrqs/Srou7SHEuo51eufukeDn
cPraAG33zGUgDJaN/DfhEjwc3Y7CR9CCkg9gHYSXu0ZeIVSy4lRH43YvFdV6psku
cHMkqohs8Ri5jp+NKejzP9jRJl17N6rkZdqVdvYJmmrdxWhRSlhb03YI1zTCPwb6
KPi8ZyBZXXkhrZcUWn+QE9ikwcWLSPj9FD/z0CgYAw3IDutwZ5f6FIFP5s+RX7gt
Wme9Yr3OInhWwnSfPcBNRFeW7o1Zq/8cz3gWWXFA5BiY8tj+odrJliCaW+SAXr5N
tcMcYF2blcQXc40FyWa8Xo6iIFQ7JFDLqOJrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUJR4vId/4CZcDvWeBCX5gUENHzbIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9KUjR2SWRfNENaY0R2V2VC
Q1g1Z1VFTkh6Ykkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEUspmdA8cnAj4SqGEj/i54FDsBHDS2Eaaa1
TdgR7AdebCbz7TH9WiJQ2mjeDjUF9xYHSs2er2jXAbG3NL/vmcBdlBsi+Ie1asKq
c/n6L6aoE6eVTAFguDqzW9i3g4CpyqxdDjpLDbymfVEBkOyqedbs2cWQ4uz6317M
plcugNar14O3TsQPL1H51BHbugr42D6rKk46gw99ATbl/MixRurBhWKfoQJbFwcc
fg0BWzGtQsvrrwT7YP0sixYm2TLxMqGwl8PwCMpo74rIOA7WhRJxciGpFp5W9MbG
nKV19pyJPGEbKI8WUjNmrGoomopzPR1CuP7sA2ASyDMRzwdCuoo=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:09 2025 by rpki-client