Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/SfJfiEGTal5rbVav9_JlOoHmNVo.roa
File: SfJfiEGTal5rbVav9_JlOoHmNVo.roa (raw, json)
Hash identifier: Pq39OtN52RBzYkMfdQd5sadIDPf9rCGCDkfFRvuz9bM=
Subject key identifier: 49:F2:5F:88:41:93:6A:5E:6B:6D:56:AF:F7:F2:65:3A:81:E6:35:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 012E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/SfJfiEGTal5rbVav9_JlOoHmNVo.roa
Signing time: Thu 08 May 2025 15:37:46 +0000
ROA not before: Thu 08 May 2025 15:37:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302 (0x12e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 15:37:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=49F25F8841936A5E6B6D56AFF7F2653A81E6355A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0a:27:eb:89:1b:9b:59:c4:c4:c7:c7:f0:41:
7c:ed:c7:15:37:9f:4e:b6:9b:97:f6:8b:bf:59:d7:
8d:f9:a9:b7:54:81:e2:86:99:d8:34:11:77:83:75:
6e:d3:74:5b:7f:49:1f:6d:84:bb:04:6d:b2:dc:ac:
0b:25:68:64:f0:aa:20:bf:3c:55:54:2c:71:b7:e3:
a4:1f:03:2f:4f:57:46:0e:e4:f8:84:38:71:4b:ea:
2b:da:77:e4:48:12:3f:5b:f9:33:36:4b:a2:59:9f:
d2:5f:e8:8c:b9:65:e0:74:41:7c:79:e1:e4:a4:7d:
fc:b4:ac:01:55:3c:8a:19:71:46:76:13:59:64:18:
2a:41:70:9e:62:ec:1b:1f:b6:2f:1a:02:91:b5:9b:
a2:1f:fc:be:c9:5c:c2:6e:a8:5f:4d:70:42:67:b6:
53:79:43:b4:0a:05:08:e6:ff:79:a1:e4:b0:81:b3:
59:9e:7b:90:b6:b9:eb:cf:c4:1a:f1:34:78:23:a7:
2b:56:13:d2:35:3a:0f:48:13:c9:57:bc:81:3b:af:
ab:6a:95:b5:e9:49:ec:58:1f:d0:e5:2a:29:94:6f:
d2:6c:2b:d9:44:d2:e7:b2:88:67:a2:f2:e1:0b:e1:
6c:6b:9a:62:4b:0c:ea:f9:a8:b8:c4:72:fe:cd:48:
8f:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F2:5F:88:41:93:6A:5E:6B:6D:56:AF:F7:F2:65:3A:81:E6:35:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/SfJfiEGTal5rbVav9_JlOoHmNVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:4e:99:14:66:75:e4:02:49:5a:94:59:46:76:f9:da:b8:c1:
d3:1a:9a:09:3d:ee:c0:f5:6e:65:14:05:60:f6:84:e8:fa:6b:
cb:2a:db:47:d6:6b:0b:86:2a:52:ac:c3:85:47:ef:75:03:f5:
9f:37:f4:80:31:a2:28:ae:96:9c:c5:69:55:f9:29:3f:8d:16:
bc:09:3a:4e:b9:71:d4:05:d3:df:4d:a4:42:fb:50:76:ab:8c:
04:5b:38:3a:82:06:32:4f:12:89:dc:79:98:81:25:c1:da:47:
2e:43:27:ef:97:b1:f8:15:9d:aa:8a:7e:c3:95:76:03:74:75:
b6:a9:05:7d:22:ae:63:4c:53:25:75:68:9c:2e:ef:7f:5a:5e:
02:07:8c:f1:ba:da:3b:0f:fd:ec:09:8e:b9:75:55:2a:4b:e4:
3e:2f:ad:6d:18:84:1f:f6:9e:5f:63:20:ad:31:41:de:2d:97:
c0:29:60:31:e4:0b:87:7c:47:0c:4a:04:8e:87:23:89:f4:21:
b0:d2:06:6c:d3:c0:a1:24:bc:b3:fc:64:a2:51:09:33:1b:07:
1c:30:db:3d:65:e3:71:30:65:3b:b1:22:c7:9c:56:c6:38:61:
3a:e3:4f:b8:c6:79:79:5c:07:03:fe:ff:77:e6:75:72:d5:94:
0e:b4:20:1b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
NTM3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ5RjI1Rjg4NDE5MzZB
NUU2QjZENTZBRkY3RjI2NTNBODFFNjM1NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuCifriRubWcTEx8fwQXztxxU3n062m5f2i79Z1435qbdUgeKG
mdg0EXeDdW7TdFt/SR9thLsEbbLcrAslaGTwqiC/PFVULHG346QfAy9PV0YO5PiE
OHFL6ivad+RIEj9b+TM2S6JZn9Jf6Iy5ZeB0QXx54eSkffy0rAFVPIoZcUZ2E1lk
GCpBcJ5i7Bsfti8aApG1m6If/L7JXMJuqF9NcEJntlN5Q7QKBQjm/3mh5LCBs1me
e5C2uevPxBrxNHgjpytWE9I1Og9IE8lXvIE7r6tqlbXpSexYH9DlKimUb9JsK9lE
0ueyiGei8uEL4WxrmmJLDOr5qLjEcv7NSI+FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUSfJfiEGTal5rbVav9/JlOoHmNVowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9TZkpmaUVHVGFsNXJiVmF2
OV9KbE9vSG1OVm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ9OmRRmdeQCSVqUWUZ2+dq4wdMamgk97sD1
bmUUBWD2hOj6a8sq20fWawuGKlKsw4VH73UD9Z839IAxoiiulpzFaVX5KT+NFrwJ
Ok65cdQF099NpEL7UHarjARbODqCBjJPEonceZiBJcHaRy5DJ++XsfgVnaqKfsOV
dgN0dbapBX0irmNMUyV1aJwu739aXgIHjPG62jsP/ewJjrl1VSpL5D4vrW0YhB/2
nl9jIK0xQd4tl8ApYDHkC4d8RwxKBI6HI4n0IbDSBmzTwKEkvLP8ZKJRCTMbBxww
2z1l43EwZTuxIsecVsY4YTrjT7jGeXlcBwP+/3fmdXLVlA60IBs=
-----END CERTIFICATE-----
Generated at Sat May 17 23:22:21 2025 by rpki-client