Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/QXdZRjP9NeJLg-6ke0kCP0gThaM.roa
File: QXdZRjP9NeJLg-6ke0kCP0gThaM.roa (raw, json)
Hash identifier: SDn02fW1i2/wmae1LfI3z20Bb7XGkO9onTxIVSiVF2w=
Subject key identifier: 41:77:59:46:33:FD:35:E2:4B:83:EE:A4:7B:49:02:3F:48:13:85:A3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06F6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QXdZRjP9NeJLg-6ke0kCP0gThaM.roa
Signing time: Fri 16 May 2025 08:38:05 +0000
ROA not before: Fri 16 May 2025 08:38:05 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1782 (0x6f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 08:38:05 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4177594633FD35E24B83EEA47B49023F481385A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5c:ed:70:f0:73:f5:34:2b:30:4d:91:6a:a1:
9d:a4:f4:55:b6:46:c2:6e:1e:bf:51:f0:90:5b:2e:
f4:dc:49:cc:2e:1a:0f:b9:5b:e0:21:b1:37:61:29:
fd:6b:d9:4c:e5:07:9f:a2:4e:80:06:a3:7d:09:e8:
93:5c:ca:c3:33:fd:47:39:d6:94:c2:f8:48:eb:4d:
9b:56:0a:c8:81:82:74:9d:1f:fd:ad:eb:65:2b:8f:
fa:4c:33:82:d6:b6:fd:b4:5b:ce:26:92:7a:e7:fc:
69:9d:59:8e:4c:2e:84:f8:fa:f8:07:ac:a8:fc:e1:
63:4c:1b:0b:e1:f7:62:a3:9e:82:c4:ca:4f:10:88:
3d:d1:75:0c:e2:90:d0:d0:f8:9c:a0:ab:57:53:98:
3d:ea:43:7f:0b:da:7b:cb:48:d6:e9:03:70:f2:0b:
63:85:a1:af:3e:32:48:60:89:ff:ec:53:91:20:a7:
15:87:cb:c7:68:79:8b:e4:b8:fb:b5:93:1e:a8:10:
b7:d2:a7:b4:10:58:2a:b6:39:d9:c1:8d:d9:f8:87:
2a:7d:8e:1c:94:9f:66:a5:1a:a3:c9:39:5c:55:f7:
ec:13:53:e0:d1:66:94:ed:f0:9b:c5:69:7b:fd:64:
1f:3b:d6:50:23:92:d9:9d:2e:7c:a6:df:fc:93:c8:
a6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:77:59:46:33:FD:35:E2:4B:83:EE:A4:7B:49:02:3F:48:13:85:A3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/QXdZRjP9NeJLg-6ke0kCP0gThaM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:77:28:f9:af:9c:dc:61:ba:5e:95:43:53:84:97:2e:b2:f4:
af:b1:56:af:59:f6:f8:13:d5:e4:65:2e:8a:67:4e:2f:a9:b7:
84:9c:e5:60:1b:ca:f9:54:19:b3:a3:ef:44:54:b3:a5:95:7d:
13:6e:51:52:c2:f0:5c:72:e3:11:be:17:42:cd:9f:b6:54:e9:
73:4b:50:d3:c8:02:42:bd:2b:00:a6:08:cb:2a:50:9a:3c:1a:
b4:10:5c:89:d3:00:a5:f8:be:ee:0d:ff:d4:f8:d7:4b:e0:71:
94:23:9d:dc:19:ee:5e:db:da:31:b6:66:cd:87:36:f0:39:0f:
38:6f:e3:1f:9b:c4:39:72:ba:15:63:16:01:1f:53:56:79:31:
5b:a0:6c:58:27:be:ca:09:e8:3c:c0:cc:83:c3:06:50:4c:96:
39:61:d9:9d:bb:a3:c1:44:c5:a8:bf:57:69:97:e0:39:c4:31:
91:8c:f5:da:1f:b8:b1:79:53:3f:f9:33:6e:ac:92:09:27:1f:
e1:39:c8:fb:bd:61:e9:e0:a2:6c:47:4f:3e:47:b8:80:72:9b:
76:ac:3b:81:bf:fd:5e:b0:e8:28:f3:8f:82:07:d8:60:e7:19:
e1:e1:5d:6f:be:da:bb:f9:fc:c1:23:2b:35:8b:7d:3b:6a:ea:
8f:27:38:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
ODM4MDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQxNzc1OTQ2MzNGRDM1
RTI0QjgzRUVBNDdCNDkwMjNGNDgxMzg1QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGXO1w8HP1NCswTZFqoZ2k9FW2RsJuHr9R8JBbLvTcScwuGg+5
W+AhsTdhKf1r2UzlB5+iToAGo30J6JNcysMz/Uc51pTC+EjrTZtWCsiBgnSdH/2t
62Urj/pMM4LWtv20W84mknrn/GmdWY5MLoT4+vgHrKj84WNMGwvh92KjnoLEyk8Q
iD3RdQzikNDQ+Jygq1dTmD3qQ38L2nvLSNbpA3DyC2OFoa8+Mkhgif/sU5EgpxWH
y8doeYvkuPu1kx6oELfSp7QQWCq2OdnBjdn4hyp9jhyUn2alGqPJOVxV9+wTU+DR
ZpTt8JvFaXv9ZB871lAjktmdLnym3/yTyKZlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUQXdZRjP9NeJLg+6ke0kCP0gThaMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9RWGRaUmpQOU5lSkxnLTZr
ZTBrQ1AwZ1RoYU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKl3KPmvnNxhul6VQ1OEly6y9K+xVq9Z9vgT
1eRlLopnTi+pt4Sc5WAbyvlUGbOj70RUs6WVfRNuUVLC8Fxy4xG+F0LNn7ZU6XNL
UNPIAkK9KwCmCMsqUJo8GrQQXInTAKX4vu4N/9T410vgcZQjndwZ7l7b2jG2Zs2H
NvA5Dzhv4x+bxDlyuhVjFgEfU1Z5MVugbFgnvsoJ6DzAzIPDBlBMljlh2Z27o8FE
xai/V2mX4DnEMZGM9dofuLF5Uz/5M26skgknH+E5yPu9YengomxHTz5HuIBym3as
O4G//V6w6Cjzj4IH2GDnGeHhXW++2rv5/MEjKzWLfTtq6o8nOCw=
-----END CERTIFICATE-----
Generated at Sun May 18 03:06:22 2025 by rpki-client