Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Z__h9QVdhl1qVi3HK9LXIyxwP_w.roa
File: Z__h9QVdhl1qVi3HK9LXIyxwP_w.roa (raw, json)
Hash identifier: qir29TT48Oxv0W36PJUGWmuW4w6tDzmIeRk59DHZFX0=
Subject key identifier: 67:FF:E1:F5:05:5D:86:5D:6A:56:2D:C7:2B:D2:D7:23:2C:70:3F:FC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01BA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Z__h9QVdhl1qVi3HK9LXIyxwP_w.roa
Signing time: Fri 09 May 2025 09:07:46 +0000
ROA not before: Fri 09 May 2025 09:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442 (0x1ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 09:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=67FFE1F5055D865D6A562DC72BD2D7232C703FFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:03:a8:7a:df:9a:9a:3c:2e:9a:34:70:37:55:
72:e2:15:71:2d:3e:dd:ae:37:c3:c9:40:cd:3b:bb:
2a:c5:e7:92:1c:64:c3:ea:24:a6:8a:95:9e:df:0d:
f9:65:30:16:99:64:a4:b4:d7:ce:d6:e7:b3:ee:44:
1a:7e:10:62:1f:04:08:60:d3:1b:40:bf:88:f8:2c:
6c:0c:b7:a2:34:e8:14:fd:e5:e5:9e:49:63:4a:2c:
fd:7f:ca:9b:ae:72:f1:d8:98:1d:f6:22:61:1b:09:
72:ab:2f:e1:27:fc:50:0e:a0:8f:11:19:48:18:c1:
5c:3c:3e:9e:55:6a:7e:ce:e0:c4:f9:81:bf:b7:aa:
09:81:4c:4b:e6:b2:d6:c5:90:84:8f:e2:27:df:21:
13:93:87:ac:b4:4a:95:eb:07:66:45:69:c4:e0:ce:
be:2b:35:17:f7:b5:e3:56:31:fa:22:04:9a:25:ab:
93:30:da:62:d1:a6:40:13:1b:07:95:3a:f5:00:61:
95:ae:02:06:ae:9e:ab:e3:5c:9a:38:9f:c1:26:7f:
36:7a:23:77:ee:2f:0d:df:d4:2c:0d:95:1e:5a:64:
8d:42:1e:39:91:b0:90:ee:b8:86:1e:2a:7f:db:81:
34:69:8a:a8:1b:e7:c2:70:c5:e8:c8:65:aa:98:b4:
a7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FF:E1:F5:05:5D:86:5D:6A:56:2D:C7:2B:D2:D7:23:2C:70:3F:FC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Z__h9QVdhl1qVi3HK9LXIyxwP_w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
62:91:af:f2:00:88:27:7d:61:6d:ce:aa:3b:3c:e5:ad:51:84:
af:8a:1c:ad:ec:85:c9:21:8a:2b:57:88:22:21:9f:5a:9b:50:
6d:0a:bd:5f:bf:2b:03:ca:59:97:84:71:b0:76:8e:ab:17:43:
c7:ad:f5:0c:b9:53:46:19:59:81:48:b2:b8:61:a3:93:b0:74:
52:47:e8:86:df:d0:8b:7e:70:77:99:05:2b:2f:f7:ab:42:ed:
fd:d6:7e:69:3b:3e:d4:6f:63:d4:b3:25:2e:98:0d:7c:f4:01:
90:8f:ec:c5:d7:63:a5:23:86:1a:88:fa:d2:6f:f2:60:59:2a:
1d:81:cc:67:a8:4e:b4:14:75:ab:59:40:36:bf:7d:7c:95:3e:
ca:a1:f0:18:75:40:f7:e9:0c:11:18:f4:cb:c4:65:1c:d8:e3:
bb:6b:58:0e:9f:03:e5:34:3c:3a:fa:dc:9b:74:d0:fa:43:1b:
06:eb:27:48:98:81:7a:9d:b7:66:24:29:24:8a:4d:4f:ab:1e:
d6:f7:37:38:e4:36:99:36:45:1c:37:d9:25:5e:05:48:43:4d:
57:11:ca:73:a6:36:b5:c6:60:de:58:d5:b6:44:3e:12:ba:83:
6f:dc:6b:68:ca:05:e7:d3:a1:d8:70:43:60:5a:aa:45:81:6c:
cc:1d:07:64
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAbowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
OTA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY3RkZFMUY1MDU1RDg2
NUQ2QTU2MkRDNzJCRDJENzIzMkM3MDNGRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChA6h635qaPC6aNHA3VXLiFXEtPt2uN8PJQM07uyrF55IcZMPq
JKaKlZ7fDfllMBaZZKS0187W57PuRBp+EGIfBAhg0xtAv4j4LGwMt6I06BT95eWe
SWNKLP1/ypuucvHYmB32ImEbCXKrL+En/FAOoI8RGUgYwVw8Pp5Van7O4MT5gb+3
qgmBTEvmstbFkISP4iffIROTh6y0SpXrB2ZFacTgzr4rNRf3teNWMfoiBJolq5Mw
2mLRpkATGweVOvUAYZWuAgaunqvjXJo4n8EmfzZ6I3fuLw3f1CwNlR5aZI1CHjmR
sJDuuIYeKn/bgTRpiqgb58JwxejIZaqYtKcvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZ//h9QVdhl1qVi3HK9LXIyxwP/wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aX19oOVFWZGhsMXFWaTNI
SzlMWEl5eHdQX3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGKRr/IAiCd9YW3Oqjs85a1RhK+KHK3shckh
iitXiCIhn1qbUG0KvV+/KwPKWZeEcbB2jqsXQ8et9Qy5U0YZWYFIsrhho5OwdFJH
6Ibf0It+cHeZBSsv96tC7f3Wfmk7PtRvY9SzJS6YDXz0AZCP7MXXY6UjhhqI+tJv
8mBZKh2BzGeoTrQUdatZQDa/fXyVPsqh8Bh1QPfpDBEY9MvEZRzY47trWA6fA+U0
PDr63Jt00PpDGwbrJ0iYgXqdt2YkKSSKTU+rHtb3NzjkNpk2RRw32SVeBUhDTVcR
ynOmNrXGYN5Y1bZEPhK6g2/ca2jKBefTodhwQ2BaqkWBbMwdB2Q=
-----END CERTIFICATE-----
Generated at Sun May 18 19:57:18 2025 by rpki-client