Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_t4cEfy__f4NeyekEZG442XC1vY.roa
File: _t4cEfy__f4NeyekEZG442XC1vY.roa (raw, json)
Hash identifier: pWQ/15bEDSz1/j7j19BnayoN8j14IpBkp1LVd57WC2Y=
Subject key identifier: FE:DE:1C:11:FC:BF:FD:FE:0D:7B:27:A4:11:91:B8:E3:65:C2:D6:F6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 075E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_t4cEfy__f4NeyekEZG442XC1vY.roa
Signing time: Fri 16 May 2025 21:38:07 +0000
ROA not before: Fri 16 May 2025 21:38:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1886 (0x75e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 21:38:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FEDE1C11FCBFFDFE0D7B27A41191B8E365C2D6F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e4:ea:ba:80:dc:b2:f8:23:7e:b1:5f:51:4a:
18:26:01:ce:5e:51:cf:1e:f6:47:77:f5:61:ff:d7:
1c:97:58:66:39:03:3d:33:e3:fa:66:0f:98:95:92:
84:c0:c5:f2:59:e5:dd:0d:83:bc:f7:5d:b8:82:f7:
54:90:cd:e7:9f:59:34:c3:77:2f:20:59:40:0b:1c:
06:42:5f:1c:1b:75:12:02:67:d8:d1:2e:eb:d7:01:
48:1f:cf:2c:34:c9:30:da:a8:e6:cb:e7:ea:45:6f:
f4:01:09:e1:9e:87:de:50:dc:a2:9a:05:60:77:8c:
23:db:ac:cb:c0:f8:3d:4d:b6:1c:49:ee:1f:6b:7f:
5a:0e:68:be:41:78:77:57:9b:d8:67:32:24:1a:45:
5b:aa:90:0a:1c:36:43:8e:67:c1:f3:78:fb:5e:b5:
45:e3:d9:27:0f:73:0e:3e:91:be:e7:51:b0:e9:5b:
8d:a3:a0:20:07:04:6a:7f:68:29:98:57:06:39:a2:
eb:af:d8:5e:b3:99:74:5d:71:4c:bf:9e:13:6d:7f:
98:fb:a7:ad:ff:e5:a6:b3:4b:f4:c9:87:45:03:ab:
06:4a:07:f9:1c:94:94:37:99:aa:4a:43:89:7d:0e:
cf:be:86:ea:19:e7:22:c6:e9:9f:47:d6:2a:56:17:
96:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DE:1C:11:FC:BF:FD:FE:0D:7B:27:A4:11:91:B8:E3:65:C2:D6:F6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_t4cEfy__f4NeyekEZG442XC1vY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:51:8d:68:82:86:aa:7a:4a:cf:92:2e:29:ad:32:89:73:53:
d6:0c:a1:e4:e5:ed:cd:49:3b:85:62:19:3e:aa:f3:6f:2f:28:
d3:bb:41:f4:c5:c4:ee:e6:39:a7:c0:bd:12:b3:20:14:d9:16:
f9:28:61:ae:60:57:c7:ae:72:4b:ed:a8:c1:56:7f:fe:c3:5d:
2b:75:2a:b2:cc:1d:aa:50:e8:b3:b3:a7:4b:f8:93:3f:7c:87:
1c:c8:33:d7:82:0f:a0:74:f0:3e:34:3d:f5:68:6a:ed:89:e4:
33:81:39:89:2b:51:7e:34:83:5c:dc:03:b6:d5:6c:3f:33:9e:
0f:27:ba:ff:e7:08:d0:39:a3:76:37:89:e4:54:25:1f:c5:06:
13:e6:32:50:14:99:aa:15:44:41:c4:67:a2:14:78:42:76:35:
ae:81:c9:db:d1:9c:21:63:28:58:69:78:75:d0:f9:11:5f:af:
c0:93:b4:37:14:71:9a:08:e2:cf:56:b3:bc:c3:fc:91:69:2b:
58:14:cd:cf:55:d5:7f:45:02:8c:7c:8f:f7:08:c4:7d:64:a1:
41:1d:8b:1b:85:9d:76:16:eb:53:39:be:1b:00:24:23:0b:a2:
ce:7d:ca:8e:93:a6:67:10:03:42:42:a7:bd:e5:bf:43:7d:67:
0d:c6:fe:63
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYy
MTM4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZFREUxQzExRkNCRkZE
RkUwRDdCMjdBNDExOTFCOEUzNjVDMkQ2RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG5Oq6gNyy+CN+sV9RShgmAc5eUc8e9kd39WH/1xyXWGY5Az0z
4/pmD5iVkoTAxfJZ5d0Ng7z3XbiC91SQzeefWTTDdy8gWUALHAZCXxwbdRICZ9jR
LuvXAUgfzyw0yTDaqObL5+pFb/QBCeGeh95Q3KKaBWB3jCPbrMvA+D1NthxJ7h9r
f1oOaL5BeHdXm9hnMiQaRVuqkAocNkOOZ8HzePtetUXj2ScPcw4+kb7nUbDpW42j
oCAHBGp/aCmYVwY5ouuv2F6zmXRdcUy/nhNtf5j7p63/5aazS/TJh0UDqwZKB/kc
lJQ3mapKQ4l9Ds++huoZ5yLG6Z9H1ipWF5a9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/t4cEfy//f4NeyekEZG442XC1vYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fdDRjRWZ5X19mNE5leWVr
RVpHNDQyWEMxdlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAABRjWiChqp6Ss+SLimtMolzU9YMoeTl7c1J
O4ViGT6q828vKNO7QfTFxO7mOafAvRKzIBTZFvkoYa5gV8euckvtqMFWf/7DXSt1
KrLMHapQ6LOzp0v4kz98hxzIM9eCD6B08D40PfVoau2J5DOBOYkrUX40g1zcA7bV
bD8zng8nuv/nCNA5o3Y3ieRUJR/FBhPmMlAUmaoVREHEZ6IUeEJ2Na6BydvRnCFj
KFhpeHXQ+RFfr8CTtDcUcZoI4s9Ws7zD/JFpK1gUzc9V1X9FAox8j/cIxH1koUEd
ixuFnXYW61M5vhsAJCMLos59yo6TpmcQA0JCp73lv0N9Zw3G/mM=
-----END CERTIFICATE-----
Generated at Sat May 17 23:44:16 2025 by rpki-client