Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Tp8SKRGjKO389GKiZtCnkmuYB44.roa
File: Tp8SKRGjKO389GKiZtCnkmuYB44.roa (raw, json)
Hash identifier: XdD11OY4OQUr23SZ8FFjZGbENze9ql9Dzt0a2+vBpPQ=
Subject key identifier: 4E:9F:12:29:11:A3:28:ED:FC:F4:62:A2:66:D0:A7:92:6B:98:07:8E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0562
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Tp8SKRGjKO389GKiZtCnkmuYB44.roa
Signing time: Wed 14 May 2025 06:08:52 +0000
ROA not before: Wed 14 May 2025 06:08:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1378 (0x562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 06:08:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=4E9F122911A328EDFCF462A266D0A7926B98078E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:b0:1f:fd:84:67:51:33:bc:39:87:da:28:
bc:50:fd:3b:0a:a0:07:24:88:a5:26:50:2d:39:bf:
b4:d7:f3:b8:0e:89:df:64:c0:8b:b6:89:cf:b3:bb:
05:cd:51:1a:08:2f:25:1f:bf:68:87:98:37:a4:14:
39:4c:f1:e7:80:ba:e7:34:88:77:56:21:3d:a8:92:
6b:6c:a9:c2:84:10:4e:7f:39:53:ba:69:62:91:dc:
b5:d7:bb:7a:33:d6:ce:fe:20:32:e7:99:dd:f6:0a:
76:73:54:12:15:4c:58:d0:b8:06:36:c3:3a:fb:91:
6a:9f:7e:56:0b:61:00:b0:db:46:70:1c:3e:40:42:
ea:ab:37:60:0d:a5:f5:74:cd:1e:3a:11:aa:f1:47:
ec:a7:f9:6d:9a:00:6e:35:99:e6:58:bd:b8:a2:f6:
36:2c:83:39:ea:eb:de:d6:1d:b3:f8:55:72:e7:00:
f8:ac:e3:f8:9b:f8:cc:ee:00:50:cb:8b:be:11:ea:
64:44:d8:be:fa:f7:1d:ae:f7:f5:37:a3:19:44:91:
2e:8e:b4:1c:71:e1:a0:4d:06:8d:fb:a3:93:a9:63:
5f:ca:cf:c6:f2:5d:cb:b6:00:92:b2:4b:9d:34:bd:
79:f1:a2:91:76:f0:3b:de:73:a5:bb:ea:42:d0:05:
b9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9F:12:29:11:A3:28:ED:FC:F4:62:A2:66:D0:A7:92:6B:98:07:8E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Tp8SKRGjKO389GKiZtCnkmuYB44.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:ae:2d:b0:ad:24:8a:e2:b5:40:83:99:f2:e0:cb:9a:3b:46:
c7:5c:d6:1f:9f:7e:5a:4d:20:fb:0a:42:55:c4:28:ef:4f:9b:
47:4b:ed:5e:7e:db:12:9f:a2:6b:db:dd:b8:7c:1e:80:5a:be:
a9:ce:2d:75:27:23:4d:4c:7c:da:86:96:0c:a4:ba:34:22:ac:
b3:55:97:88:c7:b7:c5:75:ad:9c:b0:11:2d:5e:25:e2:fe:3a:
1c:a9:8c:df:ba:52:00:b8:55:31:92:a2:10:e1:11:26:9b:6f:
cb:c2:cd:08:f2:30:a7:8d:d0:45:72:32:84:1f:7f:0c:ab:f3:
5c:31:57:7e:78:63:d1:aa:5d:f8:cc:ec:6a:08:d5:22:e9:b2:
63:00:60:00:df:fe:b5:02:d0:2e:61:08:2d:8f:54:4c:73:0b:
ce:63:53:d2:66:4d:86:0b:bd:64:8c:e2:5f:83:48:e1:50:d5:
04:a8:53:15:24:75:18:57:1e:08:77:01:1b:49:ee:0f:8e:bd:
77:cc:46:78:3f:ba:a8:ed:00:22:74:aa:e9:a0:ec:d5:fd:43:
74:28:30:28:31:a7:b9:da:a6:c2:1f:30:9b:0e:4d:bd:ef:0f:
42:60:73:d1:55:90:bf:3c:4d:7e:a4:5a:61:82:f5:c0:a4:18:
8b:dc:44:85
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NjA4NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDRFOUYxMjI5MTFBMzI4
RURGQ0Y0NjJBMjY2RDBBNzkyNkI5ODA3OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKGbAf/YRnUTO8OYfaKLxQ/TsKoAckiKUmUC05v7TX87gOid9k
wIu2ic+zuwXNURoILyUfv2iHmDekFDlM8eeAuuc0iHdWIT2okmtsqcKEEE5/OVO6
aWKR3LXXu3oz1s7+IDLnmd32CnZzVBIVTFjQuAY2wzr7kWqfflYLYQCw20ZwHD5A
QuqrN2ANpfV0zR46EarxR+yn+W2aAG41meZYvbii9jYsgznq697WHbP4VXLnAPis
4/ib+MzuAFDLi74R6mRE2L769x2u9/U3oxlEkS6OtBxx4aBNBo37o5OpY1/Kz8by
Xcu2AJKyS500vXnxopF28Dvec6W76kLQBbmhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUTp8SKRGjKO389GKiZtCnkmuYB44wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9UcDhTS1JHaktPMzg5R0tp
WnRDbmttdVlCNDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABSuLbCtJIritUCDmfLgy5o7Rsdc1h+fflpN
IPsKQlXEKO9Pm0dL7V5+2xKfomvb3bh8HoBavqnOLXUnI01MfNqGlgykujQirLNV
l4jHt8V1rZywES1eJeL+OhypjN+6UgC4VTGSohDhESabb8vCzQjyMKeN0EVyMoQf
fwyr81wxV354Y9GqXfjM7GoI1SLpsmMAYADf/rUC0C5hCC2PVExzC85jU9JmTYYL
vWSM4l+DSOFQ1QSoUxUkdRhXHgh3ARtJ7g+OvXfMRng/uqjtACJ0qumg7NX9Q3Qo
MCgxp7napsIfMJsOTb3vD0Jgc9FVkL88TX6kWmGC9cCkGIvcRIU=
-----END CERTIFICATE-----
Generated at Mon May 19 00:19:05 2025 by rpki-client