Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Q6T3d0U7V9Mvf6U4Gs3F7RNlFO4.roa
File: Q6T3d0U7V9Mvf6U4Gs3F7RNlFO4.roa (raw, json)
Hash identifier: L6PMSLuwdPWfBMdLDEVz0/E5FmjdQlwYgaM4Ko36CKU=
Subject key identifier: 43:A4:F7:77:45:3B:57:D3:2F:7F:A5:38:1A:CD:C5:ED:13:65:14:EE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01B2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Q6T3d0U7V9Mvf6U4Gs3F7RNlFO4.roa
Signing time: Fri 09 May 2025 08:07:47 +0000
ROA not before: Fri 09 May 2025 08:07:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 434 (0x1b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 08:07:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=43A4F777453B57D32F7FA5381ACDC5ED136514EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ab:3c:d9:dd:cc:7b:05:fa:6d:51:ea:c8:5d:
62:7c:7e:a9:85:d1:3a:8b:e6:bb:05:1d:14:98:30:
a9:56:95:c1:b1:36:9a:ad:8e:6e:4d:bb:1f:14:8a:
2e:a3:22:64:d3:20:75:39:57:e9:be:a5:db:97:c4:
d7:54:d9:3d:3a:e5:4a:f7:26:04:1f:d6:0f:6d:e6:
fd:1d:cf:91:d5:80:bd:11:4f:4e:36:9f:91:83:32:
e2:f6:0b:60:65:7a:b8:c5:02:e8:20:2a:1c:38:73:
79:10:24:5d:d1:cb:1c:b2:8f:ee:7b:a4:92:af:4c:
27:50:d5:1c:ce:bc:28:96:be:a6:af:b7:0a:04:c2:
ed:4a:c3:fc:5f:8d:63:bf:0e:5b:bf:40:a8:39:eb:
8f:a1:39:8d:b8:49:93:cb:d2:51:77:e1:d6:75:4b:
cb:f9:49:52:da:aa:e8:d6:c7:6c:d8:15:bc:d3:1a:
1d:92:e9:54:9f:27:5e:d9:0e:57:b4:34:a4:fd:69:
87:45:d9:13:84:bc:3c:7c:e0:26:37:94:7a:a0:5c:
42:94:65:7f:3e:f6:51:7c:d6:8b:85:b9:11:8d:38:
cb:41:64:74:5c:7d:80:02:17:3b:da:50:30:e6:bc:
44:02:f0:e1:d8:df:dd:e4:7f:e9:b7:03:7d:0e:35:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A4:F7:77:45:3B:57:D3:2F:7F:A5:38:1A:CD:C5:ED:13:65:14:EE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Q6T3d0U7V9Mvf6U4Gs3F7RNlFO4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:92:21:ea:e3:15:c5:76:81:40:69:9c:14:01:4c:b8:1a:3e:
3f:f9:cc:55:3a:0a:77:62:a6:b3:6f:f2:86:f5:05:9b:bd:ed:
05:84:2f:93:8b:07:e1:e2:67:a1:a5:9c:8c:fe:bf:0c:e3:8b:
29:32:69:e9:6f:3a:4a:16:de:75:80:ad:b6:2c:3d:30:fb:b8:
1e:de:43:ef:9f:ec:54:d1:ba:4c:bb:d5:c1:82:8c:12:e0:ab:
0b:b6:61:61:2b:70:84:b9:57:67:fb:c0:ca:af:6b:e6:16:ba:
4a:6e:49:cd:9e:b3:81:e6:4f:e4:6b:57:75:68:cc:2e:a2:69:
d3:96:09:2b:c6:6a:d8:21:0f:c7:08:24:3f:06:72:3b:18:d7:
7c:da:5e:25:f9:f1:d3:6d:82:1e:a5:31:61:09:d3:c0:ce:78:
3b:2b:64:99:c6:9c:3f:41:26:fa:0a:c6:20:9b:30:2a:52:d4:
f0:9f:8b:c6:a5:c4:09:46:8c:c8:c8:db:c1:ee:9c:01:09:d5:
52:cb:fb:d1:07:ea:3b:63:13:30:66:c8:c5:dc:81:ab:25:f8:
37:67:38:9b:f8:d5:25:fe:2a:c9:3f:0a:c3:7f:f1:b0:2c:8b:
84:a6:06:de:b7:0f:d2:62:34:dc:c9:7b:fd:d8:ac:45:14:7f:
24:c1:48:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
ODA3NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQzQTRGNzc3NDUzQjU3
RDMyRjdGQTUzODFBQ0RDNUVEMTM2NTE0RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvqzzZ3cx7BfptUerIXWJ8fqmF0TqL5rsFHRSYMKlWlcGxNpqt
jm5Nux8Uii6jImTTIHU5V+m+pduXxNdU2T065Ur3JgQf1g9t5v0dz5HVgL0RT042
n5GDMuL2C2BlerjFAuggKhw4c3kQJF3Ryxyyj+57pJKvTCdQ1RzOvCiWvqavtwoE
wu1Kw/xfjWO/Dlu/QKg564+hOY24SZPL0lF34dZ1S8v5SVLaqujWx2zYFbzTGh2S
6VSfJ17ZDle0NKT9aYdF2ROEvDx84CY3lHqgXEKUZX8+9lF81ouFuRGNOMtBZHRc
fYACFzvaUDDmvEQC8OHY393kf+m3A30ONXv5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQ6T3d0U7V9Mvf6U4Gs3F7RNlFO4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RNlQzZDBVN1Y5TXZmNlU0
R3MzRjdSTmxGTzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFGSIerjFcV2gUBpnBQBTLgaPj/5zFU6Cndi
prNv8ob1BZu97QWEL5OLB+HiZ6GlnIz+vwzjiykyaelvOkoW3nWArbYsPTD7uB7e
Q++f7FTRuky71cGCjBLgqwu2YWErcIS5V2f7wMqva+YWukpuSc2es4HmT+RrV3Vo
zC6iadOWCSvGatghD8cIJD8GcjsY13zaXiX58dNtgh6lMWEJ08DOeDsrZJnGnD9B
JvoKxiCbMCpS1PCfi8alxAlGjMjI28HunAEJ1VLL+9EH6jtjEzBmyMXcgasl+Ddn
OJv41SX+Ksk/CsN/8bAsi4SmBt63D9JiNNzJe/3YrEUUfyTBSFY=
-----END CERTIFICATE-----
Generated at Sun May 18 04:52:03 2025 by rpki-client