Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XvL0uWBQL6QdG5blZVtEdSH6MWU.roa
File: XvL0uWBQL6QdG5blZVtEdSH6MWU.roa (raw, json)
Hash identifier: J+IA9cHQgP3m1woi13HbjGvtyYH3ydxNOzay+kCJuKc=
Subject key identifier: 5E:F2:F4:B9:60:50:2F:A4:1D:1B:96:E5:65:5B:44:75:21:FA:31:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0522
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XvL0uWBQL6QdG5blZVtEdSH6MWU.roa
Signing time: Tue 13 May 2025 22:07:59 +0000
ROA not before: Tue 13 May 2025 22:07:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1314 (0x522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 22:07:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5EF2F4B960502FA41D1B96E5655B447521FA3165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:7f:51:d1:47:3a:cc:f9:65:50:04:e3:e5:
f3:1f:91:fe:0e:5c:9a:3b:04:29:ec:4c:88:12:f0:
86:7c:f4:fc:26:d4:81:c6:f1:39:eb:31:06:c3:2a:
0f:2c:0b:3b:e7:c7:70:55:21:40:d1:c0:e7:31:b8:
3c:54:ff:da:50:ed:f7:ac:b9:c6:3a:2f:b9:c4:93:
4f:ee:a4:f9:6c:cf:c8:54:45:70:59:1c:76:f3:e4:
c2:a6:85:a9:09:e2:bc:0f:49:65:0f:a8:24:2e:98:
96:b1:33:85:9e:21:c7:9a:31:e6:3d:77:32:91:98:
47:fd:9d:13:c1:51:cd:08:ea:f7:58:be:d5:54:90:
59:57:f1:f0:3e:17:ab:18:68:18:45:b8:12:44:34:
fc:fa:9a:aa:05:f4:84:b3:a4:28:92:85:e5:b8:fd:
b2:a2:0f:d0:fe:40:02:1d:02:6d:bb:61:46:f5:71:
d6:4b:a9:d6:01:f1:bc:de:df:72:61:82:dc:56:91:
0f:4e:4c:a9:88:9b:fd:38:36:2e:dc:11:54:05:6e:
28:6c:32:cd:4a:c5:d8:fa:e6:b8:80:f3:07:63:63:
ba:46:cb:9c:67:c5:de:ba:b2:50:0b:7c:f0:d7:2c:
71:dd:a5:b5:e7:b2:ba:b7:42:59:5a:4c:7a:21:0f:
e4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F2:F4:B9:60:50:2F:A4:1D:1B:96:E5:65:5B:44:75:21:FA:31:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XvL0uWBQL6QdG5blZVtEdSH6MWU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:7e:64:ba:75:e8:63:94:8a:35:f1:13:e8:38:df:05:a5:70:
4b:5b:6a:18:5f:b2:8c:37:4e:e4:9c:bc:06:2a:b4:61:3e:20:
5a:82:73:6a:d1:2c:6c:ea:91:a6:cc:27:2a:d0:d0:a7:81:cf:
af:34:a1:55:b4:8e:f4:28:4a:e9:db:88:37:c1:4e:35:ed:27:
c1:4b:ac:43:35:f8:f5:36:bf:a8:23:86:af:9c:53:47:34:57:
29:2f:42:62:04:b7:09:5b:53:9e:c7:c5:93:6c:8f:fe:f9:03:
a0:79:b3:2c:cf:3f:98:1e:4b:b9:8f:1c:ce:12:85:27:15:e5:
f9:39:42:1f:17:7c:b6:45:33:f8:d5:ad:cb:64:89:1b:26:dc:
98:cf:f6:2e:73:c9:8f:22:02:f2:12:20:64:40:df:b0:19:f4:
0a:b7:89:88:48:15:fe:ab:27:d0:27:0f:14:49:ab:22:5a:7c:
e7:33:f0:c4:d6:77:9e:c7:a9:db:da:17:bd:e1:66:d7:c2:d0:
50:56:b9:b1:d7:4f:69:8a:7f:c9:05:18:a8:50:5d:9f:b7:5f:
f5:fd:93:ae:4b:e5:01:05:49:1a:b3:9c:bc:8a:ea:09:d9:af:
67:4c:0e:5c:e1:ff:14:cb:73:32:6c:c5:f1:ad:a0:46:4a:54:
86:db:ac:db
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBSIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MjA3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVFRjJGNEI5NjA1MDJG
QTQxRDFCOTZFNTY1NUI0NDc1MjFGQTMxNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGen9R0Uc6zPllUATj5fMfkf4OXJo7BCnsTIgS8IZ89Pwm1IHG
8TnrMQbDKg8sCzvnx3BVIUDRwOcxuDxU/9pQ7fesucY6L7nEk0/upPlsz8hURXBZ
HHbz5MKmhakJ4rwPSWUPqCQumJaxM4WeIceaMeY9dzKRmEf9nRPBUc0I6vdYvtVU
kFlX8fA+F6sYaBhFuBJENPz6mqoF9ISzpCiSheW4/bKiD9D+QAIdAm27YUb1cdZL
qdYB8bze33JhgtxWkQ9OTKmIm/04Ni7cEVQFbihsMs1Kxdj65riA8wdjY7pGy5xn
xd66slALfPDXLHHdpbXnsrq3QllaTHohD+Q7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXvL0uWBQL6QdG5blZVtEdSH6MWUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YdkwwdVdCUUw2UWRHNWJs
WlZ0RWRTSDZNV1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJl+ZLp16GOUijXxE+g43wWlcEtbahhfsow3
TuScvAYqtGE+IFqCc2rRLGzqkabMJyrQ0KeBz680oVW0jvQoSunbiDfBTjXtJ8FL
rEM1+PU2v6gjhq+cU0c0VykvQmIEtwlbU57HxZNsj/75A6B5syzPP5geS7mPHM4S
hScV5fk5Qh8XfLZFM/jVrctkiRsm3JjP9i5zyY8iAvISIGRA37AZ9Aq3iYhIFf6r
J9AnDxRJqyJafOcz8MTWd57HqdvaF73hZtfC0FBWubHXT2mKf8kFGKhQXZ+3X/X9
k65L5QEFSRqznLyK6gnZr2dMDlzh/xTLczJsxfGtoEZKVIbbrNs=
-----END CERTIFICATE-----
Generated at Sat May 17 19:40:11 2025 by rpki-client