Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/R_ZYxPLpbzKP02fngdVFHuCmj10.roa
File: R_ZYxPLpbzKP02fngdVFHuCmj10.roa (raw, json)
Hash identifier: xt8wykvwjkLJN0TM+ZdoxJB9WAgO8ww9ZEyyvO45LUA=
Subject key identifier: 47:F6:58:C4:F2:E9:6F:32:8F:D3:67:E7:81:D5:45:1E:E0:A6:8F:5D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 056A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/R_ZYxPLpbzKP02fngdVFHuCmj10.roa
Signing time: Wed 14 May 2025 07:08:02 +0000
ROA not before: Wed 14 May 2025 07:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1386 (0x56a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 07:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=47F658C4F2E96F328FD367E781D5451EE0A68F5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cb:a7:5c:7f:0f:8b:5b:8c:fd:6f:7f:68:a1:
6f:35:49:56:7f:da:3b:35:cb:8f:14:4c:ee:1b:6b:
92:82:26:92:77:7b:fe:22:7c:f5:61:f3:ca:3e:48:
de:6d:27:18:ac:1e:b9:49:f4:f5:e1:6c:f6:89:b8:
4a:68:7c:1d:9c:af:eb:e7:8b:74:23:81:82:e1:c4:
ff:09:62:e7:5f:c3:57:c5:9a:f2:a6:88:f7:83:a5:
c9:8a:3e:5f:3d:59:08:e4:0c:81:44:08:cb:bd:a1:
ac:76:91:06:a6:32:4b:c4:a7:a8:8a:b1:d2:62:52:
a6:0c:a6:12:5c:fa:30:5e:31:74:ab:28:7d:eb:58:
bc:ff:81:0b:1d:e7:03:d4:31:33:b4:e2:2b:36:04:
38:8b:d7:e1:fb:c3:e2:df:16:00:1e:55:4b:d7:9b:
07:77:a2:f9:eb:ad:82:c5:cd:e2:9b:5b:6e:df:a7:
99:51:d5:b5:b1:8e:88:91:f4:a6:2e:51:fc:fd:17:
93:6a:5e:5a:3e:13:28:e2:36:f6:7a:a6:ad:94:18:
d9:a2:3d:21:f6:87:bb:7d:6c:e5:50:52:c9:8a:65:
f1:d6:0b:ef:9b:b2:50:84:41:e2:cb:73:52:4a:22:
05:7f:62:02:1d:e4:78:00:80:f1:fa:8f:66:de:08:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F6:58:C4:F2:E9:6F:32:8F:D3:67:E7:81:D5:45:1E:E0:A6:8F:5D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/R_ZYxPLpbzKP02fngdVFHuCmj10.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:15:dc:f1:8a:b4:38:d0:f6:28:aa:2d:47:6d:9c:22:c5:bf:
4b:ac:e4:74:e8:c0:7a:59:96:61:d4:19:c1:1e:4a:12:93:15:
0d:3f:9b:05:b6:d1:19:0d:5b:04:ab:a8:53:d8:48:ec:ac:92:
b2:93:f6:c5:e6:4d:7c:45:f5:89:b1:18:19:c8:34:91:e7:6d:
b4:9b:37:e5:bf:ca:08:3b:71:82:0d:d9:b0:5b:45:1d:75:ab:
3c:02:70:df:b9:74:87:51:1a:02:ad:a2:97:69:56:e8:d1:2a:
05:4d:70:af:22:3d:1e:c9:e0:bc:25:df:74:9e:e6:90:6a:eb:
4e:0f:98:8b:de:ae:f6:f9:c9:94:95:84:25:93:5a:e2:9a:16:
26:e8:cc:27:23:65:84:92:8f:10:64:ec:9a:88:c5:32:24:02:
48:e0:c7:a0:07:ad:0a:43:d3:53:b7:c7:a8:2d:48:41:c9:86:
bb:ac:74:bb:b8:17:9b:eb:2f:7b:bf:2f:04:9f:99:eb:d8:2a:
1a:23:1a:3b:2c:10:81:17:95:a4:9c:8e:e0:42:74:fa:43:65:
ca:68:7a:d0:f8:81:01:f4:f1:74:60:b2:22:ef:d4:72:f3:9d:
0d:91:87:0b:6a:cd:d3:06:0a:3f:eb:30:e1:4f:27:31:84:43:
ef:d2:1f:a0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ3RjY1OEM0RjJFOTZG
MzI4RkQzNjdFNzgxRDU0NTFFRTBBNjhGNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGy6dcfw+LW4z9b39ooW81SVZ/2js1y48UTO4ba5KCJpJ3e/4i
fPVh88o+SN5tJxisHrlJ9PXhbPaJuEpofB2cr+vni3QjgYLhxP8JYudfw1fFmvKm
iPeDpcmKPl89WQjkDIFECMu9oax2kQamMkvEp6iKsdJiUqYMphJc+jBeMXSrKH3r
WLz/gQsd5wPUMTO04is2BDiL1+H7w+LfFgAeVUvXmwd3ovnrrYLFzeKbW27fp5lR
1bWxjoiR9KYuUfz9F5NqXlo+EyjiNvZ6pq2UGNmiPSH2h7t9bOVQUsmKZfHWC++b
slCEQeLLc1JKIgV/YgId5HgAgPH6j2beCAH9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUR/ZYxPLpbzKP02fngdVFHuCmj10wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SX1pZeFBMcGJ6S1AwMmZu
Z2RWRkh1Q21qMTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJoV3PGKtDjQ9iiqLUdtnCLFv0us5HTowHpZ
lmHUGcEeShKTFQ0/mwW20RkNWwSrqFPYSOyskrKT9sXmTXxF9YmxGBnINJHnbbSb
N+W/ygg7cYIN2bBbRR11qzwCcN+5dIdRGgKtopdpVujRKgVNcK8iPR7J4Lwl33Se
5pBq604PmIvervb5yZSVhCWTWuKaFibozCcjZYSSjxBk7JqIxTIkAkjgx6AHrQpD
01O3x6gtSEHJhrusdLu4F5vrL3u/LwSfmevYKhojGjssEIEXlaScjuBCdPpDZcpo
etD4gQH08XRgsiLv1HLznQ2RhwtqzdMGCj/rMOFPJzGEQ+/SH6A=
-----END CERTIFICATE-----
Generated at Sat May 17 22:40:21 2025 by rpki-client