Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Og8GZDnX4kUfSopWLyMbLRtt_7I.roa
File: Og8GZDnX4kUfSopWLyMbLRtt_7I.roa (raw, json)
Hash identifier: aCrin2wXHpM7hoEzEiVEvhpr9uyq3AEwR8JJBxNmdDs=
Subject key identifier: 3A:0F:06:64:39:D7:E2:45:1F:4A:8A:56:2F:23:1B:2D:1B:6D:FF:B2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0712
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Og8GZDnX4kUfSopWLyMbLRtt_7I.roa
Signing time: Fri 16 May 2025 12:08:07 +0000
ROA not before: Fri 16 May 2025 12:08:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1810 (0x712)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 12:08:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3A0F066439D7E2451F4A8A562F231B2D1B6DFFB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:34:09:3a:2d:65:7d:cf:65:74:8c:91:a9:
5d:9a:72:c6:a7:b8:ab:88:18:5c:fc:6b:1f:41:ab:
f2:bc:f2:fd:0d:55:6c:b0:fd:07:f0:09:96:71:49:
87:92:3a:d8:c9:fc:01:82:26:9f:a1:e5:8e:dd:69:
cc:48:90:e6:70:3a:7d:d3:cc:46:d1:4b:7a:ff:ed:
cd:b8:90:55:4b:f1:73:5e:8c:6e:d6:5c:1f:08:71:
7f:67:2e:a0:44:dd:f3:c4:0f:e0:45:93:9d:10:3b:
be:1a:27:5d:31:6f:31:fc:f1:39:21:c4:ac:b0:06:
ff:db:e1:b1:de:28:39:33:ad:f9:e7:e1:28:1a:f2:
31:c4:c0:b3:2d:b2:10:64:7a:fd:a9:c2:e1:19:f6:
cc:af:8a:6d:18:44:b7:87:7d:a8:50:7a:a3:f7:58:
4a:ed:70:a3:d3:03:58:e9:66:cd:70:2b:d4:15:e0:
f6:2c:b9:cb:e5:72:0f:4f:a8:3a:4d:58:82:52:9b:
c7:cf:50:ac:ac:d1:85:2d:9c:ec:46:ae:24:ef:d5:
5c:28:f8:7a:8a:97:9f:f1:61:f0:d7:f9:d3:67:bb:
3e:4d:45:e0:9f:df:1a:37:6d:d2:2c:fd:62:fb:50:
d6:ba:5f:07:f0:6c:4e:f8:93:30:15:6c:d6:d4:e7:
7f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:0F:06:64:39:D7:E2:45:1F:4A:8A:56:2F:23:1B:2D:1B:6D:FF:B2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Og8GZDnX4kUfSopWLyMbLRtt_7I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:41:02:4f:e4:2e:bb:a4:5c:96:d6:2b:09:30:0c:40:1c:88:
3b:90:b0:f6:ef:0f:1b:b7:7b:e5:2e:0d:84:a9:1b:79:35:84:
cd:12:65:e2:94:c1:5d:78:d1:9c:22:6f:12:40:0c:a8:25:64:
93:5b:ff:05:15:f3:77:e0:28:9c:ee:62:e9:93:ca:6b:57:4a:
29:8b:e9:2e:c9:37:f2:77:09:8f:7e:06:05:68:1d:ad:c9:d3:
bd:ce:8f:2f:62:e0:cf:6f:ff:6b:89:9c:1c:b1:72:de:53:0e:
cc:92:0c:c7:25:c7:2c:ec:7e:da:47:fa:1f:86:da:15:b2:10:
e3:5f:56:62:94:29:53:92:f6:9a:b2:04:8e:0c:a4:4a:2d:59:
83:19:d8:ab:aa:fa:cf:c1:f7:38:9f:50:4d:3a:41:e4:e6:b3:
54:2f:b8:db:6d:ec:28:b0:74:e4:0d:c5:43:66:01:dc:85:23:
09:84:7e:11:31:4d:52:58:97:03:2a:2e:e2:f9:30:1d:63:1a:
2f:07:e5:1c:32:92:20:60:9c:5d:68:1e:9e:0a:3d:3d:69:bf:
b9:bf:42:38:5d:dd:9a:17:21:14:94:e0:c8:01:62:f3:b8:e6:
31:cc:c8:8a:9e:cc:f3:89:0c:de:f5:5d:b8:26:34:e7:00:65:
de:60:20:da
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBxIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MjA4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBMEYwNjY0MzlEN0Uy
NDUxRjRBOEE1NjJGMjMxQjJEMUI2REZGQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlUzQJOi1lfc9ldIyRqV2acsanuKuIGFz8ax9Bq/K88v0NVWyw
/QfwCZZxSYeSOtjJ/AGCJp+h5Y7dacxIkOZwOn3TzEbRS3r/7c24kFVL8XNejG7W
XB8IcX9nLqBE3fPED+BFk50QO74aJ10xbzH88TkhxKywBv/b4bHeKDkzrfnn4Sga
8jHEwLMtshBkev2pwuEZ9syvim0YRLeHfahQeqP3WErtcKPTA1jpZs1wK9QV4PYs
ucvlcg9PqDpNWIJSm8fPUKys0YUtnOxGriTv1Vwo+HqKl5/xYfDX+dNnuz5NReCf
3xo3bdIs/WL7UNa6XwfwbE74kzAVbNbU53/ZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOg8GZDnX4kUfSopWLyMbLRtt/7IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PZzhHWkRuWDRrVWZTb3BX
THlNYkxSdHRfN0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKRBAk/kLrukXJbWKwkwDEAciDuQsPbvDxu3
e+UuDYSpG3k1hM0SZeKUwV140ZwibxJADKglZJNb/wUV83fgKJzuYumTymtXSimL
6S7JN/J3CY9+BgVoHa3J073Ojy9i4M9v/2uJnByxct5TDsySDMclxyzsftpH+h+G
2hWyEONfVmKUKVOS9pqyBI4MpEotWYMZ2Kuq+s/B9zifUE06QeTms1QvuNtt7Ciw
dOQNxUNmAdyFIwmEfhExTVJYlwMqLuL5MB1jGi8H5RwykiBgnF1oHp4KPT1pv7m/
Qjhd3ZoXIRSU4MgBYvO45jHMyIqezPOJDN71XbgmNOcAZd5gINo=
-----END CERTIFICATE-----
Generated at Sun May 18 09:12:19 2025 by rpki-client