Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WF1NNDuEKdGkn8G4AVzBkS2a66s.roa
File: WF1NNDuEKdGkn8G4AVzBkS2a66s.roa (raw, json)
Hash identifier: MdPcNPHKxVfU31jGfsex031PIhz5iCeI6iUCkzmtNRY=
Subject key identifier: 58:5D:4D:34:3B:84:29:D1:A4:9F:C1:B8:01:5C:C1:91:2D:9A:EB:AB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02F2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WF1NNDuEKdGkn8G4AVzBkS2a66s.roa
Signing time: Sun 11 May 2025 00:07:51 +0000
ROA not before: Sun 11 May 2025 00:07:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 754 (0x2f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 00:07:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=585D4D343B8429D1A49FC1B8015CC1912D9AEBAB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e1:77:96:97:06:86:16:fd:43:48:c4:4d:cc:
c3:29:a4:04:5f:8f:4b:45:a0:df:2b:cf:b4:aa:ea:
30:41:18:81:16:15:af:da:46:4f:c1:8c:f7:19:66:
50:8d:59:70:16:28:76:5c:da:d3:64:99:03:ea:e2:
4c:26:d5:4b:47:92:cd:9e:72:2c:a6:87:ee:2a:8c:
47:d8:3d:cf:99:35:57:dd:fd:84:3a:4c:46:71:dd:
73:9d:f0:4c:cd:c6:99:6a:8c:14:61:08:c9:f0:85:
5c:b4:4a:62:c3:1b:6f:91:10:a2:7f:c9:ea:20:cd:
eb:21:c0:70:f8:20:b2:eb:b9:5f:b4:f3:3e:af:74:
eb:bd:44:64:1a:ec:fa:af:e7:c9:4d:77:1f:6b:85:
ba:23:c6:ed:f4:26:d6:28:f8:62:b2:5f:e0:36:25:
ab:86:ad:64:78:4b:5b:b5:c9:f0:b6:75:f5:ad:e9:
3f:61:57:5b:cb:ca:a8:23:bc:69:47:30:82:e1:49:
35:3a:34:f3:e4:20:f0:5d:7c:56:c0:c6:2e:97:a7:
18:2e:5e:0c:d4:69:c1:bb:ad:b6:65:f4:3a:50:ff:
82:0a:17:90:a0:42:2a:58:76:ab:b2:df:e7:de:0b:
af:82:9d:be:f2:8a:62:02:da:37:df:39:de:77:13:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:5D:4D:34:3B:84:29:D1:A4:9F:C1:B8:01:5C:C1:91:2D:9A:EB:AB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WF1NNDuEKdGkn8G4AVzBkS2a66s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:dc:66:90:b8:28:6d:78:22:09:0c:79:06:f6:82:89:0a:62:
52:c1:67:6d:04:4d:6d:06:b1:db:19:4a:04:3f:a4:cd:99:7e:
6a:f4:31:fb:ff:c8:27:31:79:5d:cb:34:f9:40:a0:44:7b:23:
da:97:f3:e1:27:ba:02:79:bc:c0:52:c0:b2:d7:5f:20:bd:c5:
25:e7:24:91:e4:49:0c:f3:e6:47:f3:f1:ff:45:3f:21:66:4c:
cc:86:94:5f:ea:37:30:07:b9:92:ab:51:1c:e8:a8:4c:fd:ef:
cf:67:54:f7:e2:0e:99:13:e7:0b:27:57:69:64:1c:f5:7c:ec:
d9:4e:72:f6:ba:c5:8a:b5:e5:fb:d6:7e:e5:bf:8c:c9:1d:51:
0f:5d:b1:f7:20:fb:78:dc:dd:ec:ea:da:1e:ba:81:41:86:cd:
20:8f:cf:a7:ef:c4:5b:1a:32:83:06:56:32:0a:7c:20:aa:00:
00:18:cf:64:b5:a8:d7:b9:7b:36:57:a9:22:1a:3d:cf:d0:b4:
f1:e4:82:9b:e9:61:49:f9:70:c9:41:82:8f:0f:fa:6f:b1:bf:
68:ac:4a:fc:dc:f2:65:17:ce:62:39:19:17:06:1b:fa:26:97:
ff:31:f4:fc:de:9e:83:7c:d1:bf:59:a2:ff:c2:bf:41:0f:ae:
68:73:e9:81
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
MDA3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU4NUQ0RDM0M0I4NDI5
RDFBNDlGQzFCODAxNUNDMTkxMkQ5QUVCQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK4XeWlwaGFv1DSMRNzMMppARfj0tFoN8rz7Sq6jBBGIEWFa/a
Rk/BjPcZZlCNWXAWKHZc2tNkmQPq4kwm1UtHks2eciymh+4qjEfYPc+ZNVfd/YQ6
TEZx3XOd8EzNxplqjBRhCMnwhVy0SmLDG2+REKJ/yeogzeshwHD4ILLruV+08z6v
dOu9RGQa7Pqv58lNdx9rhbojxu30JtYo+GKyX+A2JauGrWR4S1u1yfC2dfWt6T9h
V1vLyqgjvGlHMILhSTU6NPPkIPBdfFbAxi6XpxguXgzUacG7rbZl9DpQ/4IKF5Cg
QipYdquy3+feC6+Cnb7yimIC2jffOd53Ew6vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWF1NNDuEKdGkn8G4AVzBkS2a66swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XRjFOTkR1RUtkR2tuOEc0
QVZ6QmtTMmE2NnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKzcZpC4KG14IgkMeQb2gokKYlLBZ20ETW0G
sdsZSgQ/pM2Zfmr0Mfv/yCcxeV3LNPlAoER7I9qX8+EnugJ5vMBSwLLXXyC9xSXn
JJHkSQzz5kfz8f9FPyFmTMyGlF/qNzAHuZKrURzoqEz9789nVPfiDpkT5wsnV2lk
HPV87NlOcva6xYq15fvWfuW/jMkdUQ9dsfcg+3jc3ezq2h66gUGGzSCPz6fvxFsa
MoMGVjIKfCCqAAAYz2S1qNe5ezZXqSIaPc/QtPHkgpvpYUn5cMlBgo8P+m+xv2is
Svzc8mUXzmI5GRcGG/oml/8x9PzenoN80b9Zov/Cv0EPrmhz6YE=
-----END CERTIFICATE-----
Generated at Sun May 18 04:47:41 2025 by rpki-client