Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fpfQm9XIESKCR1l3BUy8hCI24Bw.roa
File: fpfQm9XIESKCR1l3BUy8hCI24Bw.roa (raw, json)
Hash identifier: WcirpXaw+UGrocERg8eq7C1WewTI5/4hcq0Ci50699g=
Subject key identifier: 7E:97:D0:9B:D5:C8:11:22:82:47:59:77:05:4C:BC:84:22:36:E0:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04DA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fpfQm9XIESKCR1l3BUy8hCI24Bw.roa
Signing time: Tue 13 May 2025 13:08:02 +0000
ROA not before: Tue 13 May 2025 13:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1242 (0x4da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 13:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7E97D09BD5C8112282475977054CBC842236E01C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:43:60:58:d4:91:a1:cf:3f:64:a8:ee:96:0c:
6b:76:c2:42:26:69:82:d5:f3:02:0c:65:e8:fc:2e:
a3:90:c7:6a:5e:94:b2:52:61:c2:df:a8:95:4f:d0:
74:00:67:2f:8f:08:9b:1e:04:f8:14:c9:96:fe:3c:
2d:d0:d8:87:f1:e5:9f:e7:2c:82:a9:30:3d:72:7a:
c9:de:fe:da:03:4b:54:27:ea:f9:98:56:dc:c9:7c:
49:a7:59:c5:60:e2:6d:54:59:8e:23:75:4f:a2:8b:
f8:bd:86:42:67:4b:48:36:1c:a2:ff:61:e4:ef:d6:
ec:e4:e6:09:d2:0c:47:84:26:eb:0a:61:ac:a5:0c:
e8:75:af:46:f7:fb:af:99:6e:76:4e:8f:e7:81:07:
a1:d2:68:28:ef:cf:61:b8:f9:96:98:d0:88:d0:2f:
e8:df:d0:67:21:15:7c:f6:c4:ae:8c:5c:08:ca:60:
2c:33:a4:24:25:4a:69:64:fa:23:ba:97:0b:20:27:
ae:83:67:ca:cf:cb:b9:0e:1f:a5:03:18:99:c1:c3:
1b:04:e7:7e:67:5c:8e:ae:a7:0c:be:73:da:4f:bf:
7c:12:5c:15:b2:77:88:13:5e:a7:3f:a5:1f:51:b3:
40:a4:eb:db:ab:2c:8a:16:c3:fa:a4:34:b3:40:87:
74:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:97:D0:9B:D5:C8:11:22:82:47:59:77:05:4C:BC:84:22:36:E0:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fpfQm9XIESKCR1l3BUy8hCI24Bw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:6b:60:ef:c3:27:ed:95:7c:a6:c4:4f:12:83:76:cb:41:03:
50:a8:53:0e:34:27:2f:fd:c3:ce:39:89:5d:ed:93:6f:51:e4:
70:0c:da:03:97:6b:db:9d:7c:40:0b:8c:a5:1c:81:d3:21:bb:
94:f4:83:c9:8d:ba:df:ac:7c:55:65:c3:06:b7:42:a8:36:05:
ec:47:00:65:82:c9:5c:ef:9d:1a:82:52:76:31:02:28:8a:d6:
e4:a4:06:97:97:48:d5:b2:e0:0f:b2:59:d9:b2:d9:59:4a:3b:
5d:cf:75:ce:d8:63:7e:37:31:8b:fb:99:93:91:04:51:17:79:
1e:c6:8f:8f:7f:a0:84:49:d1:05:77:20:9e:53:7e:0c:02:7c:
92:5b:07:25:26:83:b9:80:c2:a4:2d:ec:98:2a:85:2f:22:53:
a3:92:4a:3a:08:f4:92:89:07:af:d1:ef:e2:0c:c6:5c:ef:e6:
b7:45:b4:b2:c5:be:85:70:e7:3d:39:ef:56:2d:f9:73:33:00:
ff:49:9f:7e:1f:8b:5a:1f:bf:b3:34:1f:b9:1c:9f:77:05:83:
e1:3a:07:0a:9a:70:aa:41:5d:23:26:33:b0:0f:9a:9e:bb:4a:
aa:08:f5:a6:5e:d3:81:3f:4e:8e:80:93:d0:2c:b9:d4:5a:b9:
23:f5:a4:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBNowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
MzA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdFOTdEMDlCRDVDODEx
MjI4MjQ3NTk3NzA1NENCQzg0MjIzNkUwMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOQ2BY1JGhzz9kqO6WDGt2wkImaYLV8wIMZej8LqOQx2pelLJS
YcLfqJVP0HQAZy+PCJseBPgUyZb+PC3Q2Ifx5Z/nLIKpMD1yesne/toDS1Qn6vmY
VtzJfEmnWcVg4m1UWY4jdU+ii/i9hkJnS0g2HKL/YeTv1uzk5gnSDEeEJusKYayl
DOh1r0b3+6+ZbnZOj+eBB6HSaCjvz2G4+ZaY0IjQL+jf0GchFXz2xK6MXAjKYCwz
pCQlSmlk+iO6lwsgJ66DZ8rPy7kOH6UDGJnBwxsE535nXI6upwy+c9pPv3wSXBWy
d4gTXqc/pR9Rs0Ck69urLIoWw/qkNLNAh3T7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfpfQm9XIESKCR1l3BUy8hCI24BwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mcGZRbTlYSUVTS0NSMWwz
QlV5OGhDSTI0Qncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF5rYO/DJ+2VfKbETxKDdstBA1CoUw40Jy/9
w845iV3tk29R5HAM2gOXa9udfEALjKUcgdMhu5T0g8mNut+sfFVlwwa3Qqg2BexH
AGWCyVzvnRqCUnYxAiiK1uSkBpeXSNWy4A+yWdmy2VlKO13Pdc7YY343MYv7mZOR
BFEXeR7Gj49/oIRJ0QV3IJ5TfgwCfJJbByUmg7mAwqQt7JgqhS8iU6OSSjoI9JKJ
B6/R7+IMxlzv5rdFtLLFvoVw5z0571Yt+XMzAP9Jn34fi1ofv7M0H7kcn3cFg+E6
BwqacKpBXSMmM7APmp67SqoI9aZe04E/To6Ak9AsudRauSP1pKE=
-----END CERTIFICATE-----
Generated at Sat May 17 19:53:47 2025 by rpki-client