Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WeG7IqLTHXZ64N4A8g3nRhzqKcM.roa
File: WeG7IqLTHXZ64N4A8g3nRhzqKcM.roa (raw, json)
Hash identifier: PNaikGBx4RGiGFvS2582ZLQ2jnqryakPEIuGy3c0QMA=
Subject key identifier: 59:E1:BB:22:A2:D3:1D:76:7A:E0:DE:00:F2:0D:E7:46:1C:EA:29:C3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04C6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WeG7IqLTHXZ64N4A8g3nRhzqKcM.roa
Signing time: Tue 13 May 2025 10:37:57 +0000
ROA not before: Tue 13 May 2025 10:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1222 (0x4c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 10:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=59E1BB22A2D31D767AE0DE00F20DE7461CEA29C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:97:f8:09:e0:0b:c4:8b:c5:5d:9e:bd:b4:cf:
1f:19:ed:a8:ab:d2:0e:c9:37:a3:a7:01:ee:d2:8d:
2e:9d:c0:f3:7a:f4:76:20:8c:f4:50:43:66:17:17:
c2:a4:cc:ab:62:f4:f5:60:3c:af:79:1e:af:7c:bc:
c7:d6:7e:9a:8a:2f:49:30:56:b7:99:57:60:71:65:
c5:af:ce:35:99:36:73:97:5f:2c:15:a3:00:fc:b1:
95:22:86:d7:7b:01:ea:45:1e:cf:e8:cd:90:02:5e:
14:67:f4:20:52:51:0a:10:f3:81:9c:70:15:52:63:
4a:57:8c:f9:ac:86:13:02:d2:04:a3:2e:64:33:57:
5a:93:d8:7f:d0:7f:4a:4c:dc:bc:f8:9f:4f:9a:8a:
d9:af:18:13:43:d0:3f:f1:23:51:9f:ae:05:50:b2:
ed:df:7c:bc:6f:1f:ca:d8:ab:fe:06:c9:b5:84:13:
b5:10:74:9f:20:b5:24:22:ec:eb:10:58:65:df:ba:
db:4a:b2:70:9d:bf:dd:05:07:49:67:98:ef:cc:99:
f9:f8:0a:e9:ac:03:04:3d:e5:74:9c:65:4a:f4:77:
94:04:a2:9d:4c:02:b3:7b:55:51:89:3a:98:02:b1:
92:8d:4b:fa:bf:59:0f:27:6d:7e:57:94:4a:94:5f:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:E1:BB:22:A2:D3:1D:76:7A:E0:DE:00:F2:0D:E7:46:1C:EA:29:C3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WeG7IqLTHXZ64N4A8g3nRhzqKcM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:fa:ec:ce:87:21:7e:b3:aa:8d:9f:b2:bf:64:d0:7d:11:55:
85:1d:83:cb:e7:2a:25:bb:6f:a4:c5:93:71:6b:cd:0c:62:a1:
f0:db:0f:a2:a1:53:6b:1a:8a:67:0c:b3:a8:99:23:62:2c:f5:
4e:9b:da:0b:8e:09:67:a6:46:0e:ed:ca:d5:02:84:fd:fd:bc:
d4:91:de:9b:44:21:e8:6b:cb:bd:fc:60:ca:6c:0c:86:e3:dd:
42:db:4a:13:f1:bb:48:ed:07:f7:f5:76:7d:ac:be:86:d0:38:
e6:3d:2b:52:fe:38:5b:3b:d4:04:66:5e:0e:57:4e:ac:93:55:
2b:bf:1c:18:02:02:2a:d5:70:1e:21:ea:16:94:e6:e3:bd:fe:
17:28:fa:8a:2b:c1:e8:c5:39:d4:dc:f4:d5:1a:c9:78:6f:af:
80:f7:c9:8c:9b:e8:d9:02:3f:d3:af:db:51:22:ac:16:61:f9:
89:83:3e:ac:2b:80:be:07:9d:dd:aa:d2:96:68:5c:15:38:1b:
59:a1:b0:53:43:bd:c7:99:45:cd:fa:ee:d3:d5:1d:31:33:72:
e4:14:13:7a:a9:28:4e:58:8b:ff:06:7b:02:b1:ab:39:75:d8:
62:13:83:7c:d4:ab:5e:54:4a:95:d9:b2:92:14:57:a4:55:a0:
32:d9:30:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
MDM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU5RTFCQjIyQTJEMzFE
NzY3QUUwREUwMEYyMERFNzQ2MUNFQTI5QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDl/gJ4AvEi8Vdnr20zx8Z7air0g7JN6OnAe7SjS6dwPN69HYg
jPRQQ2YXF8KkzKti9PVgPK95Hq98vMfWfpqKL0kwVreZV2BxZcWvzjWZNnOXXywV
owD8sZUihtd7AepFHs/ozZACXhRn9CBSUQoQ84GccBVSY0pXjPmshhMC0gSjLmQz
V1qT2H/Qf0pM3Lz4n0+aitmvGBND0D/xI1GfrgVQsu3ffLxvH8rYq/4GybWEE7UQ
dJ8gtSQi7OsQWGXfuttKsnCdv90FB0lnmO/Mmfn4CumsAwQ95XScZUr0d5QEop1M
ArN7VVGJOpgCsZKNS/q/WQ8nbX5XlEqUX2WjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWeG7IqLTHXZ64N4A8g3nRhzqKcMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XZUc3SXFMVEhYWjY0TjRB
OGczblJoenFLY00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADT67M6HIX6zqo2fsr9k0H0RVYUdg8vnKiW7
b6TFk3FrzQxiofDbD6KhU2saimcMs6iZI2Is9U6b2guOCWemRg7tytUChP39vNSR
3ptEIehry738YMpsDIbj3ULbShPxu0jtB/f1dn2svobQOOY9K1L+OFs71ARmXg5X
TqyTVSu/HBgCAirVcB4h6haU5uO9/hco+oorwejFOdTc9NUayXhvr4D3yYyb6NkC
P9Ov21EirBZh+YmDPqwrgL4Hnd2q0pZoXBU4G1mhsFNDvceZRc367tPVHTEzcuQU
E3qpKE5Yi/8GewKxqzl12GITg3zUq15USpXZspIUV6RVoDLZMNQ=
-----END CERTIFICATE-----
Generated at Sat May 17 19:45:20 2025 by rpki-client