Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ls6NQAjmbB2F3XMHSVE95GnW--g.roa
File: Ls6NQAjmbB2F3XMHSVE95GnW--g.roa (raw, json)
Hash identifier: PnzwVuV76eWqirKmU4jvqSvs2ABdfbONuR2AduPix20=
Subject key identifier: 2E:CE:8D:40:08:E6:6C:1D:85:DD:73:07:49:51:3D:E4:69:D6:FB:E8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 055A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ls6NQAjmbB2F3XMHSVE95GnW--g.roa
Signing time: Wed 14 May 2025 05:08:01 +0000
ROA not before: Wed 14 May 2025 05:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1370 (0x55a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 05:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2ECE8D4008E66C1D85DD730749513DE469D6FBE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:74:99:4d:fe:31:95:bc:4e:da:38:29:8b:50:
02:43:48:96:f0:99:6b:2f:8e:ec:e2:83:a4:c0:07:
6d:6b:26:7e:36:aa:87:40:82:df:0a:d5:51:1e:cb:
f8:b6:67:80:f6:2e:21:d0:6a:08:be:1e:a4:f9:12:
2a:eb:21:a9:97:71:5c:0a:61:ba:e1:30:61:91:97:
eb:6d:a5:ca:97:60:5f:66:25:86:a4:75:4f:a2:85:
92:d5:b2:98:16:df:ce:7f:82:8b:e3:aa:3f:a3:81:
4f:2f:d0:3c:40:2a:64:2e:58:1f:ba:8a:70:b5:10:
d2:e2:5f:f8:54:59:22:77:c2:2c:81:0f:82:d8:85:
a9:e5:23:16:da:17:83:7d:3e:f4:3a:15:06:f1:2b:
e1:db:7a:64:92:44:19:e0:20:e5:6f:da:b1:0a:31:
de:3e:e0:0a:4c:d1:3f:c3:51:0e:34:60:ec:0e:64:
32:fe:85:fd:68:d6:4f:3f:f2:b6:8f:c4:31:c9:46:
66:fb:16:13:a1:bd:eb:87:a1:1b:16:2b:fe:42:ef:
d2:06:7e:04:b1:be:57:5d:79:d6:96:be:89:d9:e5:
60:10:d2:29:62:f4:89:d0:85:f1:92:48:ec:82:cb:
e4:b3:71:21:83:2e:78:68:cc:13:19:8d:7d:cf:be:
ec:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CE:8D:40:08:E6:6C:1D:85:DD:73:07:49:51:3D:E4:69:D6:FB:E8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ls6NQAjmbB2F3XMHSVE95GnW--g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:8c:dc:c7:5b:70:7a:d9:d5:b0:50:51:73:07:53:85:8d:a6:
ae:11:13:3b:76:df:fd:ab:4d:3b:7d:bb:4d:86:e1:39:17:9b:
b2:2c:a7:27:f4:96:0f:51:a8:50:5b:7d:3a:03:bb:0c:46:84:
75:ca:72:48:2f:75:85:02:79:69:8f:7e:eb:2a:f1:dc:3c:60:
a7:b0:d4:72:7f:53:50:4e:5d:77:38:67:e6:b4:6d:69:b4:d3:
a7:27:48:a3:b3:54:00:e2:c1:7a:9e:56:43:10:4f:6c:0e:94:
0b:72:ed:3c:8e:2f:f0:60:3e:2b:5a:53:10:b4:a3:f2:18:78:
74:82:0b:66:04:a9:1c:f0:a5:ee:92:06:9d:a0:c3:44:45:6b:
f6:3c:1c:c5:34:54:7a:83:ac:40:a1:dc:4c:ed:8c:b9:30:5c:
5e:23:aa:d4:16:58:f2:63:1c:2c:a8:79:cc:95:13:4f:63:f1:
89:d7:d5:8f:4d:05:a2:21:9b:33:eb:25:f6:b2:89:44:dc:25:
1d:8b:41:d5:7f:39:d7:29:fb:e2:71:a3:8f:5d:b1:df:17:56:
86:41:bf:b4:36:43:ba:c0:fd:8c:7c:f3:5a:4d:d5:ed:5a:29:
e9:d2:b2:f5:cd:04:26:96:04:6e:e9:67:0f:b4:4f:6e:39:13:
ab:97:b0:a4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NTA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJFQ0U4RDQwMDhFNjZD
MUQ4NURENzMwNzQ5NTEzREU0NjlENkZCRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZdJlN/jGVvE7aOCmLUAJDSJbwmWsvjuzig6TAB21rJn42qodA
gt8K1VEey/i2Z4D2LiHQagi+HqT5EirrIamXcVwKYbrhMGGRl+ttpcqXYF9mJYak
dU+ihZLVspgW385/govjqj+jgU8v0DxAKmQuWB+6inC1ENLiX/hUWSJ3wiyBD4LY
hanlIxbaF4N9PvQ6FQbxK+HbemSSRBngIOVv2rEKMd4+4ApM0T/DUQ40YOwOZDL+
hf1o1k8/8raPxDHJRmb7FhOhveuHoRsWK/5C79IGfgSxvlddedaWvonZ5WAQ0ili
9InQhfGSSOyCy+SzcSGDLnhozBMZjX3PvuwfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULs6NQAjmbB2F3XMHSVE95GnW++gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MczZOUUFqbWJCMkYzWE1I
U1ZFOTVHblctLWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADmM3MdbcHrZ1bBQUXMHU4WNpq4REzt23/2r
TTt9u02G4TkXm7Ispyf0lg9RqFBbfToDuwxGhHXKckgvdYUCeWmPfusq8dw8YKew
1HJ/U1BOXXc4Z+a0bWm006cnSKOzVADiwXqeVkMQT2wOlAty7TyOL/BgPitaUxC0
o/IYeHSCC2YEqRzwpe6SBp2gw0RFa/Y8HMU0VHqDrECh3EztjLkwXF4jqtQWWPJj
HCyoecyVE09j8YnX1Y9NBaIhmzPrJfayiUTcJR2LQdV/Odcp++Jxo49dsd8XVoZB
v7Q2Q7rA/Yx881pN1e1aKenSsvXNBCaWBG7pZw+0T245E6uXsKQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:35:20 2025 by rpki-client