Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/atls94-FYw-weAFdQhKmjepledM.roa
File: atls94-FYw-weAFdQhKmjepledM.roa (raw, json)
Hash identifier: ad16ixwrcfCif07S5Qeyd1vZyz68JWHsjU2eUELRMIM=
Subject key identifier: 6A:D9:6C:F7:8F:85:63:0F:B0:78:01:5D:42:12:A6:8D:EA:65:79:D3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0146
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/atls94-FYw-weAFdQhKmjepledM.roa
Signing time: Thu 08 May 2025 18:37:44 +0000
ROA not before: Thu 08 May 2025 18:37:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326 (0x146)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 18:37:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6AD96CF78F85630FB078015D4212A68DEA6579D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:37:72:ad:16:f9:91:53:95:6d:de:50:1a:77:
5b:96:cc:a8:a0:fb:8d:48:58:e4:bf:5e:c2:d8:c2:
ad:30:cc:4d:1e:cc:ff:0c:0b:2b:9a:89:18:ad:8c:
3f:0f:17:92:41:d4:58:dc:70:90:2b:ee:e1:3b:5a:
3b:8f:21:05:99:80:6d:a1:32:f6:a5:eb:56:85:69:
a1:25:53:19:86:d0:32:c8:ee:6c:0b:26:f9:21:17:
ee:78:cb:46:63:2c:7e:4f:6d:ba:d5:40:b4:6b:d7:
0c:9d:7e:b1:42:a4:21:97:3b:d9:ac:de:89:a1:19:
ef:da:d9:9e:8d:69:d8:17:be:ca:c6:7b:2c:08:6d:
b7:00:49:92:3c:86:3d:d6:3a:f9:75:20:c8:ed:15:
7f:ed:e4:c6:a4:08:e0:a0:ab:c1:6d:cd:a4:29:af:
5f:5b:aa:38:cf:7a:30:52:23:44:e9:a3:29:fd:95:
92:88:8a:53:60:9c:36:6d:92:07:b7:97:56:29:42:
a7:b4:e2:45:d6:20:08:a5:9e:51:00:5b:9e:c8:ec:
e7:f7:9a:c7:01:e6:f3:ac:37:0a:8a:db:7e:dd:dc:
4c:dd:f2:64:46:7b:32:52:ce:64:5d:88:56:6c:92:
00:6e:21:57:1e:58:fd:02:3f:67:2d:db:01:bc:af:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D9:6C:F7:8F:85:63:0F:B0:78:01:5D:42:12:A6:8D:EA:65:79:D3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/atls94-FYw-weAFdQhKmjepledM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:c5:8d:f5:2a:5c:27:95:68:b8:ec:87:97:ac:2d:2c:9c:bf:
57:a4:da:8c:02:95:03:b5:78:41:5e:91:2d:02:12:e1:f2:be:
3b:ad:b4:08:96:ce:74:0a:05:52:2b:e4:54:6b:b9:d5:f5:ca:
98:3d:a4:c6:a4:7f:9f:e8:43:41:d4:7b:9f:90:99:5f:54:d9:
83:03:7e:60:55:e2:03:8c:af:5e:1f:4d:05:d7:36:a2:2a:2e:
37:8e:8c:cf:de:5f:ae:a8:4c:bd:b7:0e:61:55:60:29:43:e5:
ce:f5:06:24:33:58:fe:19:8a:b1:c8:f5:90:6e:f4:e1:1b:64:
3a:49:9f:0a:d5:a0:9d:56:64:8b:98:64:66:a6:77:22:0e:79:
5c:e0:f9:7f:b5:56:be:24:a9:b4:2c:d4:be:cb:f9:61:97:1e:
91:33:73:4f:74:7b:aa:b1:70:a4:94:ea:39:a9:1f:9b:af:7e:
2e:6a:78:6c:a4:c3:5b:33:01:65:e6:19:ac:ed:9c:46:66:96:
ff:c3:9a:0f:d5:eb:a1:fd:87:3b:0a:2e:58:67:e2:d2:46:01:
18:e4:9d:ec:13:25:3e:dd:7e:42:78:24:54:ff:0c:f8:e9:21:
f5:17:fa:56:2a:fa:75:ae:4f:d9:8d:61:90:a0:11:a5:e8:04:
5e:e3:c8:bc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAUYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
ODM3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZBRDk2Q0Y3OEY4NTYz
MEZCMDc4MDE1RDQyMTJBNjhERUE2NTc5RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzN3KtFvmRU5Vt3lAad1uWzKig+41IWOS/XsLYwq0wzE0ezP8M
CyuaiRitjD8PF5JB1FjccJAr7uE7WjuPIQWZgG2hMval61aFaaElUxmG0DLI7mwL
JvkhF+54y0ZjLH5PbbrVQLRr1wydfrFCpCGXO9ms3omhGe/a2Z6NadgXvsrGeywI
bbcASZI8hj3WOvl1IMjtFX/t5MakCOCgq8FtzaQpr19bqjjPejBSI0Tpoyn9lZKI
ilNgnDZtkge3l1YpQqe04kXWIAilnlEAW57I7Of3mscB5vOsNwqK237d3Ezd8mRG
ezJSzmRdiFZskgBuIVceWP0CP2ct2wG8r8VNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUatls94+FYw+weAFdQhKmjepledMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hdGxzOTQtRll3LXdlQUZk
UWhLbWplcGxlZE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAzFjfUqXCeVaLjsh5esLSycv1ek2owClQO1
eEFekS0CEuHyvjuttAiWznQKBVIr5FRrudX1ypg9pMakf5/oQ0HUe5+QmV9U2YMD
fmBV4gOMr14fTQXXNqIqLjeOjM/eX66oTL23DmFVYClD5c71BiQzWP4ZirHI9ZBu
9OEbZDpJnwrVoJ1WZIuYZGamdyIOeVzg+X+1Vr4kqbQs1L7L+WGXHpEzc090e6qx
cKSU6jmpH5uvfi5qeGykw1szAWXmGaztnEZmlv/Dmg/V66H9hzsKLlhn4tJGARjk
newTJT7dfkJ4JFT/DPjpIfUX+lYq+nWuT9mNYZCgEaXoBF7jyLw=
-----END CERTIFICATE-----
Generated at Sun May 18 02:02:44 2025 by rpki-client