Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KjjoIHk6rZJ5aZ87IN4X9EtHZKY.roa
File: KjjoIHk6rZJ5aZ87IN4X9EtHZKY.roa (raw, json)
Hash identifier: Oua0I4DvXQ0UMNFYp2u13O19WtDNgTN56ARaBpMhqYU=
Subject key identifier: 2A:38:E8:20:79:3A:AD:92:79:69:9F:3B:20:DE:17:F4:4B:47:64:A6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 019A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KjjoIHk6rZJ5aZ87IN4X9EtHZKY.roa
Signing time: Fri 09 May 2025 05:07:44 +0000
ROA not before: Fri 09 May 2025 05:07:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 410 (0x19a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 05:07:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2A38E820793AAD9279699F3B20DE17F44B4764A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:06:88:e5:01:b4:f1:af:51:96:2a:8f:75:
9e:bc:fd:1c:b2:58:2c:54:95:90:cd:06:3f:75:e5:
72:84:e9:05:1e:ca:81:9c:b3:f2:88:ef:a8:2e:fd:
a7:8a:7c:20:a0:95:f8:32:78:b8:67:1e:89:3a:ad:
f1:32:f1:15:dc:7c:1b:c1:4b:28:55:4f:eb:7d:65:
fa:c0:be:6c:65:4c:ef:61:af:40:27:11:08:89:8d:
1a:3e:58:3a:e2:fb:8a:f9:e3:0c:11:2e:0a:23:24:
65:7a:0c:db:0c:1c:da:f3:f9:21:3e:71:4d:91:94:
ea:e0:1b:c6:13:cd:dd:d8:85:ce:f3:34:96:5b:93:
8a:fe:74:30:eb:17:c1:f1:41:21:42:1b:9d:3b:b1:
07:22:83:ee:5a:0b:a5:46:5d:56:d2:5a:7d:5c:f2:
28:0e:bc:cb:ac:0a:7c:74:73:46:f7:cd:f5:af:c8:
ed:a2:77:f7:1a:08:a0:41:48:5b:c8:48:04:80:8e:
38:c4:ed:6c:18:84:98:82:a8:24:75:9e:77:bd:0a:
b0:e0:07:0f:8b:b9:28:b9:5f:e1:4b:1b:7d:e8:0f:
37:47:25:f6:86:65:1a:10:02:17:b2:b7:e7:1b:bd:
f7:d7:c2:89:a4:19:d3:f4:e8:40:55:33:e5:97:88:
42:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:38:E8:20:79:3A:AD:92:79:69:9F:3B:20:DE:17:F4:4B:47:64:A6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KjjoIHk6rZJ5aZ87IN4X9EtHZKY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:8a:29:48:ce:77:91:09:38:0a:06:49:17:75:c7:e4:17:9d:
10:49:bf:72:26:33:0b:b6:3f:91:d3:78:25:ad:94:67:e1:42:
fc:20:51:f7:e0:97:d6:d2:0b:78:d4:72:46:71:86:4f:34:f2:
ab:57:ca:b5:c7:c3:6f:e7:9c:af:ce:c6:64:9e:5b:74:cc:09:
bb:8c:e1:d4:46:6d:b1:85:49:76:d3:eb:04:5a:0e:53:4c:0d:
e2:a7:5a:42:22:90:17:67:0f:7f:a0:13:63:0b:3b:64:41:af:
b4:8e:dc:00:cb:53:dc:1c:aa:85:31:26:23:4b:28:d2:47:d5:
58:79:0a:4b:67:65:ac:d4:35:ce:08:88:3e:e3:90:1c:42:41:
1d:09:66:ac:01:d9:05:bf:a8:11:72:30:ce:e6:32:d2:4b:78:
99:e6:ce:1d:56:52:23:f8:ea:03:e7:60:18:75:d5:5d:77:c0:
1f:7b:f8:40:b9:c3:71:b4:08:38:2d:3e:79:fd:ea:66:84:d4:
92:72:3a:22:a0:1c:6b:29:c6:b3:3b:98:74:9d:2f:07:ad:da:
9c:d4:0f:36:2c:be:d1:60:8e:05:03:93:04:dd:b0:d6:9d:5a:
4c:9f:49:45:48:27:03:27:63:33:d5:65:c7:18:03:32:48:60:
fd:c4:18:11
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NTA3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJBMzhFODIwNzkzQUFE
OTI3OTY5OUYzQjIwREUxN0Y0NEI0NzY0QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5QgaI5QG08a9RliqPdZ68/RyyWCxUlZDNBj915XKE6QUeyoGc
s/KI76gu/aeKfCCglfgyeLhnHok6rfEy8RXcfBvBSyhVT+t9ZfrAvmxlTO9hr0An
EQiJjRo+WDri+4r54wwRLgojJGV6DNsMHNrz+SE+cU2RlOrgG8YTzd3Yhc7zNJZb
k4r+dDDrF8HxQSFCG507sQcig+5aC6VGXVbSWn1c8igOvMusCnx0c0b3zfWvyO2i
d/caCKBBSFvISASAjjjE7WwYhJiCqCR1nne9CrDgBw+LuSi5X+FLG33oDzdHJfaG
ZRoQAheyt+cbvffXwomkGdP06EBVM+WXiEInAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKjjoIHk6rZJ5aZ87IN4X9EtHZKYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LampvSUhrNnJaSjVhWjg3
SU40WDlFdEhaS1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJCKKUjOd5EJOAoGSRd1x+QXnRBJv3ImMwu2
P5HTeCWtlGfhQvwgUffgl9bSC3jUckZxhk808qtXyrXHw2/nnK/OxmSeW3TMCbuM
4dRGbbGFSXbT6wRaDlNMDeKnWkIikBdnD3+gE2MLO2RBr7SO3ADLU9wcqoUxJiNL
KNJH1Vh5CktnZazUNc4IiD7jkBxCQR0JZqwB2QW/qBFyMM7mMtJLeJnmzh1WUiP4
6gPnYBh11V13wB97+EC5w3G0CDgtPnn96maE1JJyOiKgHGspxrM7mHSdLwet2pzU
DzYsvtFgjgUDkwTdsNadWkyfSUVIJwMnYzPVZccYAzJIYP3EGBE=
-----END CERTIFICATE-----
Generated at Sat May 17 21:30:15 2025 by rpki-client