Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fkPwEc2VU9u9syb5IxdZGoQzhRU.roa
File: fkPwEc2VU9u9syb5IxdZGoQzhRU.roa (raw, json)
Hash identifier: 71dcOLOnYW/Tz4PYAIuvrekNuVcmAD16GTyD/Y3sgYc=
Subject key identifier: 7E:43:F0:11:CD:95:53:DB:BD:B3:26:F9:23:17:59:1A:84:33:85:15
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01CA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fkPwEc2VU9u9syb5IxdZGoQzhRU.roa
Signing time: Fri 09 May 2025 11:07:46 +0000
ROA not before: Fri 09 May 2025 11:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458 (0x1ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 11:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7E43F011CD9553DBBDB326F92317591A84338515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:00:e3:80:f1:91:17:1d:9e:8e:c3:3b:36:12:
40:b3:e0:c0:8a:06:ae:9f:aa:4b:b4:9c:02:da:c8:
e9:5b:2d:33:2d:c9:f6:2e:d8:9a:1e:63:04:9c:c8:
2a:5e:89:aa:33:df:fc:54:89:13:f2:a1:d1:fa:bc:
56:0c:ef:6d:57:b6:42:18:51:57:bd:99:f1:6c:2a:
01:95:cb:d9:05:ee:a1:9d:03:f8:8d:55:96:37:0d:
8f:70:9e:d0:37:a2:cc:2a:d7:74:a5:2c:1d:3d:c6:
8c:e3:64:32:03:aa:a2:bb:ec:67:6c:d8:2e:16:22:
3c:70:ca:d8:71:99:a3:59:b0:a3:97:26:79:57:99:
bf:88:81:97:0e:fa:ca:76:bc:6a:89:17:49:3c:92:
b6:85:7e:9d:17:ab:b5:35:06:65:ec:54:83:3f:4e:
c2:04:cc:5e:dd:12:1d:5d:0d:e3:b2:be:49:34:82:
e9:ba:33:9a:38:5c:7f:c6:42:1c:cd:b2:67:d7:45:
9d:e3:77:66:d3:3b:07:35:d8:2b:31:72:34:bc:8c:
5d:19:17:be:c9:21:ae:0b:a6:61:eb:00:d7:a9:97:
ba:7a:cb:fe:52:ed:14:f4:15:90:e3:73:35:c0:22:
9a:50:d1:09:a0:56:ef:10:d3:89:7d:86:60:03:83:
45:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:43:F0:11:CD:95:53:DB:BD:B3:26:F9:23:17:59:1A:84:33:85:15
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fkPwEc2VU9u9syb5IxdZGoQzhRU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:18:b5:ec:32:78:b8:ea:0f:fa:be:a8:54:bc:6e:97:7b:5e:
d5:7f:04:f4:ec:0e:92:b9:62:42:c2:1f:c0:d7:85:ac:a2:57:
03:08:18:03:55:93:77:7b:3f:a6:3b:51:19:89:78:2e:39:c7:
17:21:c7:10:04:b6:60:5b:c6:49:74:e8:d0:75:7b:61:d4:51:
8b:82:3d:e9:bb:ce:eb:ac:3f:f7:7a:47:e3:a5:b2:db:c5:6b:
f1:5a:ec:92:2f:87:cc:d9:c9:05:cd:0a:d1:e0:dd:f3:39:4c:
8a:56:c7:7c:1b:0d:7d:58:ae:2b:dd:f1:b1:16:d8:ea:6c:1a:
56:40:b8:29:b2:b8:34:36:cc:99:a0:d3:72:3a:42:e9:20:bb:
c2:86:06:8a:68:74:e4:f1:ae:a1:60:bc:b1:ee:5a:c5:47:b5:
84:38:3d:aa:4d:40:79:5c:cc:95:97:1a:a0:81:cc:99:3d:5d:
b2:d2:2c:88:09:78:3b:97:07:71:3e:65:72:8c:da:21:4d:fb:
be:97:9a:eb:53:82:4a:73:b0:b3:11:4e:af:24:24:3f:26:1b:
81:cf:db:e5:7c:d9:a3:7d:ee:0a:76:25:78:8e:8d:a7:74:6b:
4e:0d:8f:d7:62:60:f5:b2:d9:55:4a:d3:59:cc:36:ed:44:75:
7b:34:97:ac
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
MTA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdFNDNGMDExQ0Q5NTUz
REJCREIzMjZGOTIzMTc1OTFBODQzMzg1MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDAOOA8ZEXHZ6Owzs2EkCz4MCKBq6fqku0nALayOlbLTMtyfYu
2JoeYwScyCpeiaoz3/xUiRPyodH6vFYM721XtkIYUVe9mfFsKgGVy9kF7qGdA/iN
VZY3DY9wntA3oswq13SlLB09xozjZDIDqqK77Gds2C4WIjxwythxmaNZsKOXJnlX
mb+IgZcO+sp2vGqJF0k8kraFfp0Xq7U1BmXsVIM/TsIEzF7dEh1dDeOyvkk0gum6
M5o4XH/GQhzNsmfXRZ3jd2bTOwc12CsxcjS8jF0ZF77JIa4LpmHrANepl7p6y/5S
7RT0FZDjczXAIppQ0QmgVu8Q04l9hmADg0XbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfkPwEc2VU9u9syb5IxdZGoQzhRUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ma1B3RWMyVlU5dTlzeWI1
SXhkWkdvUXpoUlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKwYtewyeLjqD/q+qFS8bpd7XtV/BPTsDpK5
YkLCH8DXhayiVwMIGANVk3d7P6Y7URmJeC45xxchxxAEtmBbxkl06NB1e2HUUYuC
Pem7zuusP/d6R+OlstvFa/Fa7JIvh8zZyQXNCtHg3fM5TIpWx3wbDX1Yrivd8bEW
2OpsGlZAuCmyuDQ2zJmg03I6Qukgu8KGBopodOTxrqFgvLHuWsVHtYQ4PapNQHlc
zJWXGqCBzJk9XbLSLIgJeDuXB3E+ZXKM2iFN+76XmutTgkpzsLMRTq8kJD8mG4HP
2+V82aN97gp2JXiOjad0a04Nj9diYPWy2VVK01nMNu1EdXs0l6w=
-----END CERTIFICATE-----
Generated at Sat May 17 21:46:55 2025 by rpki-client