Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/TW5J4bruizvzgQzeJRYaiGaOVDk.roa
File: TW5J4bruizvzgQzeJRYaiGaOVDk.roa (raw, json)
Hash identifier: bR64SddIp//w5nfoCa6jY2gkuwfJ7Sp1YfJcUno/Fik=
Subject key identifier: 4D:6E:49:E1:BA:EE:8B:3B:F3:81:0C:DE:25:16:1A:88:66:8E:54:39
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02E6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TW5J4bruizvzgQzeJRYaiGaOVDk.roa
Signing time: Sat 10 May 2025 22:37:52 +0000
ROA not before: Sat 10 May 2025 22:37:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 742 (0x2e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 22:37:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4D6E49E1BAEE8B3BF3810CDE25161A88668E5439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ac:81:7a:c3:68:1c:cd:87:53:64:ab:2b:eb:
1e:47:48:ef:82:9d:4a:cf:78:22:d7:51:53:dd:e8:
30:d3:9a:85:4e:9a:9c:66:33:81:d5:e2:b9:94:3d:
73:a2:ae:9d:e3:64:d3:5e:e4:a5:6e:6a:32:43:8e:
98:b9:d4:4a:02:bf:e8:ce:22:83:c1:d0:bc:28:c5:
e2:fb:2f:06:db:30:e4:75:06:6b:a3:c9:fb:8a:ba:
48:d3:ca:12:ac:d4:c9:64:63:49:58:5c:24:d3:5f:
08:0a:ce:4a:0b:3e:1e:72:ec:28:5e:b5:78:9a:ae:
33:5c:b8:c3:79:98:cb:40:7d:2b:f2:b2:58:a6:51:
f3:d0:7b:3e:17:a4:90:f9:42:3d:eb:34:19:fd:b7:
ca:39:8b:07:b4:ee:3a:ca:69:36:32:41:9b:93:25:
ef:c0:d9:53:6a:45:dd:95:51:0d:7a:7f:6b:f9:dd:
98:c6:92:a4:5e:51:9e:e8:8b:38:2c:70:71:45:a9:
f0:4d:6c:f3:25:8a:45:e1:86:e9:4c:54:75:29:bc:
ab:e1:60:73:17:89:d6:fa:e5:a9:07:6b:31:be:64:
d8:22:2a:01:44:81:d9:fa:24:27:fe:6f:cd:37:b8:
7b:b8:37:a2:b3:aa:61:29:b2:98:c6:b2:02:af:0a:
1d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:49:E1:BA:EE:8B:3B:F3:81:0C:DE:25:16:1A:88:66:8E:54:39
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/TW5J4bruizvzgQzeJRYaiGaOVDk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:de:fa:7c:86:a1:ee:ae:7f:ab:97:df:38:b1:50:ed:65:67:
86:5e:d0:5f:1a:01:52:66:33:c7:34:7c:93:54:4a:bd:16:fd:
bf:09:cd:fa:ad:a9:90:bf:82:9a:bf:97:a7:74:e4:7e:de:97:
96:3b:fa:54:b6:e3:73:17:d7:cf:54:ff:97:29:c6:f1:28:41:
87:47:85:36:c6:9a:01:85:4b:e6:86:8e:88:4a:07:10:9a:52:
22:e6:92:7a:69:aa:25:80:6d:67:90:b2:1b:31:41:ac:23:ab:
29:71:0b:48:95:a7:fb:30:f4:86:61:c0:7e:59:a1:df:40:62:
67:69:7a:3d:4a:08:10:47:fa:ce:02:a6:d2:11:7f:5f:d4:74:
c5:10:c5:61:60:f7:47:05:d8:f2:74:43:ee:3d:01:fe:66:49:
d3:4e:9c:c2:fc:aa:d2:89:04:93:c1:a3:c8:19:5c:2d:d7:b6:
c8:4e:7b:e0:5d:a7:21:b3:25:0b:23:80:ed:38:cb:20:d5:3e:
c8:f5:6d:f0:89:ea:0a:52:97:0b:04:0d:9f:db:06:d4:6d:93:
13:1c:58:8b:e3:f9:9b:f8:32:b4:25:08:12:d0:7f:5b:c8:bd:
60:a0:6f:e6:fb:84:28:ed:71:d9:4d:1f:a0:0d:a1:b7:6a:1f:
33:88:c3:db
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAy
MjM3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRENkU0OUUxQkFFRThC
M0JGMzgxMENERTI1MTYxQTg4NjY4RTU0MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1rIF6w2gczYdTZKsr6x5HSO+CnUrPeCLXUVPd6DDTmoVOmpxm
M4HV4rmUPXOirp3jZNNe5KVuajJDjpi51EoCv+jOIoPB0LwoxeL7LwbbMOR1Bmuj
yfuKukjTyhKs1MlkY0lYXCTTXwgKzkoLPh5y7ChetXiarjNcuMN5mMtAfSvyslim
UfPQez4XpJD5Qj3rNBn9t8o5iwe07jrKaTYyQZuTJe/A2VNqRd2VUQ16f2v53ZjG
kqReUZ7oizgscHFFqfBNbPMlikXhhulMVHUpvKvhYHMXidb65akHazG+ZNgiKgFE
gdn6JCf+b803uHu4N6KzqmEpspjGsgKvCh2TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTW5J4bruizvzgQzeJRYaiGaOVDkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UVzVKNGJydWl6dnpnUXpl
SlJZYWlHYU9WRGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKDe+nyGoe6uf6uX3zixUO1lZ4Ze0F8aAVJm
M8c0fJNUSr0W/b8JzfqtqZC/gpq/l6d05H7el5Y7+lS243MX189U/5cpxvEoQYdH
hTbGmgGFS+aGjohKBxCaUiLmknppqiWAbWeQshsxQawjqylxC0iVp/sw9IZhwH5Z
od9AYmdpej1KCBBH+s4CptIRf1/UdMUQxWFg90cF2PJ0Q+49Af5mSdNOnML8qtKJ
BJPBo8gZXC3XtshOe+BdpyGzJQsjgO04yyDVPsj1bfCJ6gpSlwsEDZ/bBtRtkxMc
WIvj+Zv4MrQlCBLQf1vIvWCgb+b7hCjtcdlNH6ANobdqHzOIw9s=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:29 2025 by rpki-client