Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VP__4Yk30WlB02_hkmcBO1tP1NA.roa
File: VP__4Yk30WlB02_hkmcBO1tP1NA.roa (raw, json)
Hash identifier: QJjwALvjICR//uvQNpsispwZmR4GQyzTdGdX6o/urDs=
Subject key identifier: 54:FF:FF:E1:89:37:D1:69:41:D3:6F:E1:92:67:01:3B:5B:4F:D4:D0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 025A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VP__4Yk30WlB02_hkmcBO1tP1NA.roa
Signing time: Sat 10 May 2025 05:08:22 +0000
ROA not before: Sat 10 May 2025 05:08:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 602 (0x25a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 05:08:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=54FFFFE18937D16941D36FE19267013B5B4FD4D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4a:3b:d9:d8:f6:06:8a:00:6f:21:e5:12:34:
8f:1c:d3:37:2a:c7:e5:fb:af:f4:a4:de:9c:3f:c1:
39:92:33:8f:e6:75:03:78:0c:c0:7d:0a:7f:a1:c5:
22:f8:e0:f5:49:60:83:ce:f6:3e:4e:13:2d:d5:50:
5f:34:90:da:5d:17:75:27:6c:9b:ab:ee:32:56:28:
6a:ff:e9:6f:c5:b6:bb:3b:37:a7:f4:35:e9:94:fd:
e2:f0:10:ad:f2:16:cb:13:16:74:ca:b9:73:19:e6:
40:cb:4d:92:92:66:52:d9:6e:b9:92:50:c0:8e:0c:
ee:c0:65:0d:aa:25:27:9b:9a:4a:2f:90:f4:9f:e9:
71:96:a2:17:4a:cd:6b:a8:c9:c7:2b:b6:17:18:39:
41:de:84:b2:f3:24:f8:da:df:39:e8:91:7c:b1:db:
7f:11:cf:b0:3a:55:ca:f9:23:af:02:70:e7:04:25:
7c:63:9b:54:78:cd:fb:7e:fa:70:d1:07:dc:1b:a4:
50:cb:a4:f9:36:d2:80:c0:04:d1:97:13:c6:ee:8b:
51:d1:1a:af:63:3e:03:89:cf:6c:dd:58:b9:64:dd:
bf:d1:3b:cb:b1:53:60:91:10:9c:fc:0d:a5:d9:71:
c1:6c:37:ba:7c:41:a8:c6:e6:7a:0b:dc:53:86:46:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FF:FF:E1:89:37:D1:69:41:D3:6F:E1:92:67:01:3B:5B:4F:D4:D0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VP__4Yk30WlB02_hkmcBO1tP1NA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:98:5d:e4:e4:0d:6a:9e:ce:ca:2d:96:32:56:71:75:32:47:
5e:02:9d:3a:c4:3f:c2:41:aa:30:f6:af:4b:1c:1d:30:05:e0:
c0:9b:51:19:7f:62:b7:6a:95:f6:c0:ca:a4:1c:d5:2e:a9:b9:
34:49:17:d4:43:9c:55:38:46:30:c2:d2:c4:f4:7d:31:be:b2:
db:28:31:e7:60:70:da:08:cf:69:b7:09:79:55:4a:42:ab:a3:
5f:8b:a0:c7:d9:40:b4:35:71:43:09:95:14:19:2d:80:f9:ef:
46:92:1e:ee:f8:d9:9f:5e:d6:77:d0:3e:60:d0:b1:6e:cc:77:
39:a2:47:8e:34:57:98:fa:7c:90:f0:fc:0f:f0:28:4d:d9:2f:
b7:99:35:37:1d:16:7a:4a:e1:f6:cb:e8:ad:cd:7d:f7:ad:2c:
73:c8:b3:58:d3:2c:cb:eb:06:79:0d:db:91:1f:ab:e7:31:3b:
8e:b0:d5:7f:60:ca:f9:45:ed:64:1f:04:d7:8e:5d:41:eb:0e:
ca:d0:90:ba:65:28:1d:38:06:ee:f0:be:e4:8d:18:69:9b:80:
03:44:17:25:84:aa:5b:b5:b1:73:4e:ca:43:f0:e8:7d:f3:d4:
ce:05:f5:d5:2a:ba:9e:83:78:c9:42:59:7d:02:9a:67:a4:4d:
3f:11:09:c4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAlowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAw
NTA4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0RkZGRkUxODkzN0Qx
Njk0MUQzNkZFMTkyNjcwMTNCNUI0RkQ0RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbSjvZ2PYGigBvIeUSNI8c0zcqx+X7r/Sk3pw/wTmSM4/mdQN4
DMB9Cn+hxSL44PVJYIPO9j5OEy3VUF80kNpdF3UnbJur7jJWKGr/6W/Ftrs7N6f0
NemU/eLwEK3yFssTFnTKuXMZ5kDLTZKSZlLZbrmSUMCODO7AZQ2qJSebmkovkPSf
6XGWohdKzWuoyccrthcYOUHehLLzJPja3znokXyx238Rz7A6Vcr5I68CcOcEJXxj
m1R4zft++nDRB9wbpFDLpPk20oDABNGXE8bui1HRGq9jPgOJz2zdWLlk3b/RO8ux
U2CREJz8DaXZccFsN7p8QajG5noL3FOGRiTlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVP//4Yk30WlB02/hkmcBO1tP1NAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WUF9fNFlrMzBXbEIwMl9o
a21jQk8xdFAxTkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFWYXeTkDWqezsotljJWcXUyR14CnTrEP8JB
qjD2r0scHTAF4MCbURl/YrdqlfbAyqQc1S6puTRJF9RDnFU4RjDC0sT0fTG+stso
MedgcNoIz2m3CXlVSkKro1+LoMfZQLQ1cUMJlRQZLYD570aSHu742Z9e1nfQPmDQ
sW7MdzmiR440V5j6fJDw/A/wKE3ZL7eZNTcdFnpK4fbL6K3NffetLHPIs1jTLMvr
BnkN25Efq+cxO46w1X9gyvlF7WQfBNeOXUHrDsrQkLplKB04Bu7wvuSNGGmbgANE
FyWEqlu1sXNOykPw6H3z1M4F9dUqup6DeMlCWX0CmmekTT8RCcQ=
-----END CERTIFICATE-----
Generated at Sun May 18 10:28:40 2025 by rpki-client