Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_Q5DnGt5qygJqufGfGZC4C8wHfk.roa
File: _Q5DnGt5qygJqufGfGZC4C8wHfk.roa (raw, json)
Hash identifier: sPxbH4iKj5l6A1MRQEe6+y8lYQf29Orn4KTHP3EZIZg=
Subject key identifier: FD:0E:43:9C:6B:79:AB:28:09:AA:E7:C6:7C:66:42:E0:2F:30:1D:F9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06D2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Q5DnGt5qygJqufGfGZC4C8wHfk.roa
Signing time: Fri 16 May 2025 04:08:03 +0000
ROA not before: Fri 16 May 2025 04:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1746 (0x6d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 04:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD0E439C6B79AB2809AAE7C67C6642E02F301DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:91:cb:1f:0a:52:e8:58:cb:e6:2c:51:1e:f5:
2b:05:5e:f0:e8:f1:5d:ed:8d:b4:3e:6c:46:16:97:
e6:51:4c:8b:93:ac:04:40:6b:af:aa:da:db:53:b1:
58:a0:c7:2e:37:65:b8:8b:b6:3c:92:8e:45:7c:35:
65:ec:19:34:87:d5:e2:3a:9c:ab:53:41:39:45:d6:
6f:70:97:9c:d7:7a:57:2d:a3:88:62:be:d1:76:33:
a5:5b:f7:60:e3:f5:68:ff:0e:d7:50:1c:92:91:3a:
ae:12:07:cc:27:ce:1a:b9:14:2b:1e:09:79:39:6d:
f9:48:c5:b1:9e:a2:0a:45:2d:29:36:5a:af:ed:d2:
bb:8a:78:b6:97:9c:8b:f9:c3:9d:b3:1e:ff:e2:f7:
c4:48:7f:24:25:2f:30:87:c6:d1:a7:14:85:3a:57:
64:85:bc:38:4c:2e:9d:a0:1f:d2:7d:7e:0f:88:8c:
86:83:13:fb:b1:b5:75:71:47:64:39:c9:5f:e0:83:
13:ea:08:2f:3c:16:f2:51:1a:54:42:00:a9:9e:36:
6b:b8:da:a1:0b:46:6e:98:a5:97:8c:c6:55:fa:15:
dc:65:09:88:48:8c:de:bc:f7:c3:7d:3e:1b:e5:89:
03:60:31:80:42:ab:de:7e:bf:49:93:74:36:a6:2a:
a9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:0E:43:9C:6B:79:AB:28:09:AA:E7:C6:7C:66:42:E0:2F:30:1D:F9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Q5DnGt5qygJqufGfGZC4C8wHfk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:b2:7c:7b:7d:c2:2e:cd:e2:ea:9a:fe:a6:ce:96:d7:be:a0:
9a:d4:c2:b7:76:e5:b9:02:1f:51:31:42:20:49:bd:6c:e1:89:
fa:70:df:a3:d5:bf:97:ea:e7:26:29:38:25:41:bd:2c:99:80:
fa:12:84:86:98:4e:e4:fe:22:82:51:84:60:50:da:17:18:16:
b4:f4:84:eb:ae:c1:a0:f2:35:e3:01:63:1c:4f:fa:18:a8:9b:
0c:58:0e:4e:51:9a:4b:94:23:f2:d2:55:13:63:f4:c7:c7:8f:
a6:c9:fc:79:3b:e2:b1:5d:6f:1d:91:47:fc:a4:1b:94:21:25:
15:c4:e8:ff:c7:25:45:e9:74:af:90:f9:91:53:00:38:8d:d3:
dc:dd:78:10:0e:7a:b7:8c:f1:f1:63:aa:05:b0:b1:2a:e7:bd:
70:48:92:5a:cf:c6:e0:fb:ff:b3:12:8e:e2:7e:c9:64:1f:6b:
09:18:97:d9:56:dc:26:2f:13:24:84:3b:c6:4a:5d:fa:a5:7c:
22:f6:14:6c:d4:2a:0c:6e:9c:2a:3d:6a:d2:5f:44:9f:64:c8:
80:6e:3b:ad:5d:78:00:34:4c:e6:f0:65:5a:97:71:87:50:53:
d2:de:59:09:d6:f5:59:5d:95:94:33:24:8c:3b:f5:00:16:91:
e4:ea:07:45
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NDA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEMEU0MzlDNkI3OUFC
MjgwOUFBRTdDNjdDNjY0MkUwMkYzMDFERjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvkcsfClLoWMvmLFEe9SsFXvDo8V3tjbQ+bEYWl+ZRTIuTrARA
a6+q2ttTsVigxy43ZbiLtjySjkV8NWXsGTSH1eI6nKtTQTlF1m9wl5zXelcto4hi
vtF2M6Vb92Dj9Wj/DtdQHJKROq4SB8wnzhq5FCseCXk5bflIxbGeogpFLSk2Wq/t
0ruKeLaXnIv5w52zHv/i98RIfyQlLzCHxtGnFIU6V2SFvDhMLp2gH9J9fg+IjIaD
E/uxtXVxR2Q5yV/ggxPqCC88FvJRGlRCAKmeNmu42qELRm6YpZeMxlX6FdxlCYhI
jN6898N9PhvliQNgMYBCq95+v0mTdDamKqnDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Q5DnGt5qygJqufGfGZC4C8wHfkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fUTVEbkd0NXF5Z0pxdWZH
ZkdaQzRDOHdIZmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAA6yfHt9wi7N4uqa/qbOlte+oJrUwrd25bkC
H1ExQiBJvWzhifpw36PVv5fq5yYpOCVBvSyZgPoShIaYTuT+IoJRhGBQ2hcYFrT0
hOuuwaDyNeMBYxxP+hiomwxYDk5RmkuUI/LSVRNj9MfHj6bJ/Hk74rFdbx2RR/yk
G5QhJRXE6P/HJUXpdK+Q+ZFTADiN09zdeBAOereM8fFjqgWwsSrnvXBIklrPxuD7
/7MSjuJ+yWQfawkYl9lW3CYvEySEO8ZKXfqlfCL2FGzUKgxunCo9atJfRJ9kyIBu
O61deAA0TObwZVqXcYdQU9LeWQnW9VldlZQzJIw79QAWkeTqB0U=
-----END CERTIFICATE-----
Generated at Sat May 17 20:57:14 2025 by rpki-client