Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VBcaTzvfZ4TbE4CD_im6ReYQ_xA.roa
File: VBcaTzvfZ4TbE4CD_im6ReYQ_xA.roa (raw, json)
Hash identifier: 39B4zE/I1EXcFVdlzaBmQSM42CIpNbObxFiPKpkd6IM=
Subject key identifier: 54:17:1A:4F:3B:DF:67:84:DB:13:80:83:FE:29:BA:45:E6:10:FF:10
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 037A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VBcaTzvfZ4TbE4CD_im6ReYQ_xA.roa
Signing time: Sun 11 May 2025 17:07:58 +0000
ROA not before: Sun 11 May 2025 17:07:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890 (0x37a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 17:07:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=54171A4F3BDF6784DB138083FE29BA45E610FF10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:59:fb:28:a3:d8:e8:f4:96:46:33:aa:49:56:
82:e3:b8:a4:ad:c8:97:c2:92:ac:d6:8e:e2:8e:0e:
70:c1:0d:da:97:11:e1:21:2a:81:81:2f:c5:e5:47:
a6:e2:30:26:ff:90:16:f6:20:1d:22:80:3b:8a:02:
54:ce:67:66:c3:29:0e:69:ea:50:d9:ec:69:12:b7:
13:6f:6d:76:6f:da:dd:74:b2:aa:df:f7:d4:9c:ac:
ff:69:54:26:f8:9a:e1:fd:4a:ee:c2:f5:5d:e0:a4:
82:6d:da:08:6f:f9:72:47:87:24:26:a4:67:e1:65:
98:13:b4:e9:cd:77:24:fc:3e:a9:01:1a:e0:00:ff:
59:79:87:eb:5c:2d:9c:3e:6e:78:f7:4a:81:15:f4:
e0:54:2b:5f:56:80:ff:98:bf:c6:29:28:b7:6b:c1:
50:1e:be:df:83:93:28:3f:16:e0:3f:72:75:f3:31:
7b:59:cb:db:11:20:ca:08:ff:9f:ec:be:89:40:46:
66:a3:51:42:e4:9e:20:d8:29:1e:0f:1e:b1:36:9f:
fa:f8:ae:9f:5d:c2:7d:c8:c1:3c:a9:b6:4c:82:97:
cf:86:01:6c:95:6e:41:19:bf:c5:f2:b7:54:6b:3b:
b4:a4:c6:ce:82:f1:19:db:04:a5:40:a1:ec:66:df:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:17:1A:4F:3B:DF:67:84:DB:13:80:83:FE:29:BA:45:E6:10:FF:10
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VBcaTzvfZ4TbE4CD_im6ReYQ_xA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:6f:a9:5a:55:62:5c:9d:f7:94:72:13:28:72:b9:04:e5:3b:
45:79:4b:cb:bd:29:c0:47:d3:93:dd:01:4e:f3:28:27:ae:d4:
95:ac:49:2d:fa:3a:a9:1d:20:a3:95:d2:61:1e:cc:45:b0:a2:
89:01:d9:fa:26:f4:a8:d7:6e:ef:b0:97:d4:c4:e3:f5:24:f2:
a3:d4:9e:a6:8b:69:ac:40:1e:c7:02:6f:1c:9b:28:47:47:f4:
b5:9f:cc:bf:2a:f5:ad:69:6f:96:19:e7:2a:f5:0f:a8:e5:ea:
ad:08:f6:e6:59:33:a2:cb:d3:53:1a:3f:c5:76:97:78:b7:07:
45:ad:a2:67:2a:e3:a3:dc:a9:ec:d6:f2:e8:4e:e2:d2:7d:e9:
41:26:16:0e:4a:d0:74:b1:85:33:4d:88:b6:e9:4e:7d:9b:c9:
a6:59:b6:f6:aa:a7:3b:6e:79:72:fc:b6:b5:34:a2:a2:9f:23:
d8:8d:f5:82:f6:ea:8f:04:8b:61:8d:69:57:77:35:00:80:4a:
17:fd:cc:85:7d:65:67:cf:94:9f:ec:16:f3:9c:36:6c:ce:d8:
20:72:75:08:15:ad:42:c5:ea:32:d7:69:25:09:27:06:14:96:
4f:30:34:ad:c7:0d:52:7f:21:ec:3f:f6:73:a0:c1:c2:cc:2d:
2b:72:01:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NzA3NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0MTcxQTRGM0JERjY3
ODREQjEzODA4M0ZFMjlCQTQ1RTYxMEZGMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvWfsoo9jo9JZGM6pJVoLjuKStyJfCkqzWjuKODnDBDdqXEeEh
KoGBL8XlR6biMCb/kBb2IB0igDuKAlTOZ2bDKQ5p6lDZ7GkStxNvbXZv2t10sqrf
99ScrP9pVCb4muH9Su7C9V3gpIJt2ghv+XJHhyQmpGfhZZgTtOnNdyT8PqkBGuAA
/1l5h+tcLZw+bnj3SoEV9OBUK19WgP+Yv8YpKLdrwVAevt+Dkyg/FuA/cnXzMXtZ
y9sRIMoI/5/svolARmajUULkniDYKR4PHrE2n/r4rp9dwn3IwTyptkyCl8+GAWyV
bkEZv8Xyt1RrO7Skxs6C8RnbBKVAoexm30EvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVBcaTzvfZ4TbE4CD/im6ReYQ/xAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WQmNhVHp2Zlo0VGJFNENE
X2ltNlJlWVFfeEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABZvqVpVYlyd95RyEyhyuQTlO0V5S8u9KcBH
05PdAU7zKCeu1JWsSS36OqkdIKOV0mEezEWwookB2fom9KjXbu+wl9TE4/Uk8qPU
nqaLaaxAHscCbxybKEdH9LWfzL8q9a1pb5YZ5yr1D6jl6q0I9uZZM6LL01MaP8V2
l3i3B0Wtomcq46PcqezW8uhO4tJ96UEmFg5K0HSxhTNNiLbpTn2byaZZtvaqpztu
eXL8trU0oqKfI9iN9YL26o8Ei2GNaVd3NQCAShf9zIV9ZWfPlJ/sFvOcNmzO2CBy
dQgVrULF6jLXaSUJJwYUlk8wNK3HDVJ/Iew/9nOgwcLMLStyAeY=
-----END CERTIFICATE-----
Generated at Sat May 17 19:51:09 2025 by rpki-client