Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/g-HCvPdgyFE3y0J8Z90-SqdCF34.roa
File: g-HCvPdgyFE3y0J8Z90-SqdCF34.roa (raw, json)
Hash identifier: ec/tp9hvTcaxVWb+JOHbb21mBVDFMjQiz45YVsIzhVo=
Subject key identifier: 83:E1:C2:BC:F7:60:C8:51:37:CB:42:7C:67:DD:3E:4A:A7:42:17:7E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0166
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g-HCvPdgyFE3y0J8Z90-SqdCF34.roa
Signing time: Thu 08 May 2025 22:37:45 +0000
ROA not before: Thu 08 May 2025 22:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 358 (0x166)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 22:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=83E1C2BCF760C85137CB427C67DD3E4AA742177E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:d1:5d:13:26:7c:d6:18:e8:a7:60:7d:7c:
b1:82:b9:4b:f6:b5:73:b5:a2:48:f7:e0:31:6e:51:
1e:2e:fc:47:99:50:31:ad:84:ef:ca:66:a2:01:6c:
d6:37:13:39:d6:38:27:5d:23:0f:4a:e5:c9:cc:78:
02:a1:ad:12:8d:65:80:3d:66:bd:40:fa:90:d8:0d:
b9:81:7e:46:a8:67:70:e1:60:47:5a:1d:87:8d:3c:
c6:8b:72:ef:39:60:4b:e7:93:46:3b:f4:c7:ef:3d:
e1:20:46:f4:f9:52:c8:80:e8:7f:ff:38:e4:67:ff:
36:bc:b9:98:92:f3:af:ac:c9:f3:10:bb:4e:74:bc:
68:12:29:38:8c:7d:c7:e0:93:b7:37:8c:22:7c:cf:
80:82:7e:93:51:e3:31:4a:da:a3:39:67:0e:d8:e6:
d4:5e:24:37:88:c7:ed:e4:96:d8:2d:cd:c3:11:6a:
bb:02:29:72:99:64:dd:4a:c0:6f:0d:ac:a7:12:0f:
08:8c:8f:1d:ed:6a:38:fc:98:69:97:65:33:03:a2:
d7:59:48:ef:02:d5:df:a6:12:f9:80:de:fc:5f:cf:
ec:ba:55:29:ec:24:39:2f:87:09:a7:a0:02:01:5b:
7f:b0:fb:e5:30:9c:71:cb:72:73:46:2d:a4:eb:e4:
08:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:E1:C2:BC:F7:60:C8:51:37:CB:42:7C:67:DD:3E:4A:A7:42:17:7E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/g-HCvPdgyFE3y0J8Z90-SqdCF34.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:ec:a3:43:a1:b2:f3:4c:a0:e7:38:dd:a1:7e:06:4e:2a:45:
65:35:6a:db:fe:df:8c:bd:5a:a5:bf:ba:88:cb:42:c4:47:05:
5d:ea:ac:40:83:d7:70:03:95:aa:6d:b0:82:32:e7:ba:b1:28:
28:d9:de:1f:47:24:60:b9:c6:b3:f3:15:76:5a:3f:e9:79:cb:
08:3d:8c:43:af:d7:f5:c7:7d:d5:96:7c:6f:fb:e2:79:b8:50:
b3:92:51:93:b9:40:90:fd:1b:fb:b8:f1:84:7e:7f:4c:b3:a6:
f7:33:25:4f:6b:88:2f:f3:f0:f9:75:a5:17:85:54:7d:6e:17:
36:ef:31:f9:4d:22:88:64:e5:5a:c6:d1:32:86:ff:b5:cc:77:
18:eb:08:5c:ef:97:c2:7a:6b:59:ab:0a:54:b7:39:ed:8e:27:
87:b3:76:a6:da:ea:d7:80:83:f9:fc:ff:77:e1:38:8f:6e:8c:
ae:c2:9d:c6:d7:29:77:40:f5:fc:bb:8d:07:6e:73:fd:ea:a3:
ab:8f:af:0a:bc:7b:ae:e1:10:aa:94:97:67:3c:99:01:28:9f:
a0:c2:d2:e6:6c:ce:48:ef:b6:a4:20:ce:f1:f5:7a:73:32:ca:
19:5b:c9:43:49:a8:ae:99:e7:59:67:a3:f3:5d:af:a6:80:86:
6b:98:95:01
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAWYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgy
MjM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgzRTFDMkJDRjc2MEM4
NTEzN0NCNDI3QzY3REQzRTRBQTc0MjE3N0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9lNFdEyZ81hjop2B9fLGCuUv2tXO1okj34DFuUR4u/EeZUDGt
hO/KZqIBbNY3EznWOCddIw9K5cnMeAKhrRKNZYA9Zr1A+pDYDbmBfkaoZ3DhYEda
HYeNPMaLcu85YEvnk0Y79MfvPeEgRvT5UsiA6H//OORn/za8uZiS86+syfMQu050
vGgSKTiMfcfgk7c3jCJ8z4CCfpNR4zFK2qM5Zw7Y5tReJDeIx+3kltgtzcMRarsC
KXKZZN1KwG8NrKcSDwiMjx3tajj8mGmXZTMDotdZSO8C1d+mEvmA3vxfz+y6VSns
JDkvhwmnoAIBW3+w++UwnHHLcnNGLaTr5Ai7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUg+HCvPdgyFE3y0J8Z90+SqdCF34wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nLUhDdlBkZ3lGRTN5MEo4
WjkwLVNxZENGMzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFXso0OhsvNMoOc43aF+Bk4qRWU1atv+34y9
WqW/uojLQsRHBV3qrECD13ADlaptsIIy57qxKCjZ3h9HJGC5xrPzFXZaP+l5ywg9
jEOv1/XHfdWWfG/74nm4ULOSUZO5QJD9G/u48YR+f0yzpvczJU9riC/z8Pl1pReF
VH1uFzbvMflNIohk5VrG0TKG/7XMdxjrCFzvl8J6a1mrClS3Oe2OJ4ezdqba6teA
g/n8/3fhOI9ujK7CncbXKXdA9fy7jQduc/3qo6uPrwq8e67hEKqUl2c8mQEon6DC
0uZszkjvtqQgzvH1enMyyhlbyUNJqK6Z51lno/Ndr6aAhmuYlQE=
-----END CERTIFICATE-----
Generated at Sun May 18 23:18:16 2025 by rpki-client