Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gLcWvOrGt7gY5Se8xf8HDaH_Tf4.roa
File: gLcWvOrGt7gY5Se8xf8HDaH_Tf4.roa (raw, json)
Hash identifier: xUAS2QrAKbhU98/hS5zQyWxy1x/hplxZ5pcDTTKYzs4=
Subject key identifier: 80:B7:16:BC:EA:C6:B7:B8:18:E5:27:BC:C5:FF:07:0D:A1:FF:4D:FE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 017E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gLcWvOrGt7gY5Se8xf8HDaH_Tf4.roa
Signing time: Fri 09 May 2025 01:37:46 +0000
ROA not before: Fri 09 May 2025 01:37:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382 (0x17e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 01:37:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=80B716BCEAC6B7B818E527BCC5FF070DA1FF4DFE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8e:9e:1d:7a:34:f2:eb:bf:79:1e:36:0f:f5:
15:70:72:dc:09:71:af:a3:26:8e:41:fc:d3:05:a0:
74:5b:33:83:54:44:3b:c3:56:8e:53:32:e8:74:da:
93:ed:4a:90:ca:0a:dd:d3:04:e1:87:95:81:35:6e:
74:25:11:df:fa:52:71:2f:e3:b0:2f:f4:75:2b:45:
dd:e9:9d:bc:ef:a3:16:e5:cb:02:81:88:32:42:0a:
7e:f5:60:62:7b:54:c5:0d:d5:ab:5c:b8:f0:4a:cd:
0c:b5:b2:b0:d9:72:df:9d:a2:ca:fa:45:2a:11:f0:
c4:3b:d7:f8:ed:82:a0:e7:5f:b3:46:d2:03:59:44:
82:90:f7:dd:8d:90:3e:0a:2e:6f:c9:97:95:a5:b8:
72:2b:20:9a:73:c1:a7:00:88:88:56:eb:66:9f:21:
13:28:af:d2:47:ab:28:2c:a4:3f:00:cd:bf:02:7d:
ad:4c:dd:2b:e2:36:ad:0c:78:c2:00:32:ae:c8:df:
b1:1a:9e:de:35:70:41:4b:9e:db:85:75:26:76:f0:
c4:7a:6b:84:21:9a:4c:b2:52:62:a7:4e:08:cb:ce:
74:54:f4:4c:c8:55:f3:32:47:fa:88:79:b6:c8:f9:
ee:e3:97:50:43:e9:78:d5:63:b6:e4:86:ac:5c:20:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:B7:16:BC:EA:C6:B7:B8:18:E5:27:BC:C5:FF:07:0D:A1:FF:4D:FE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gLcWvOrGt7gY5Se8xf8HDaH_Tf4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:24:f4:c3:29:f2:f6:08:ed:8e:18:d8:3f:d0:c9:8c:13:93:
26:67:7c:49:f1:bf:f7:d0:67:26:e5:b9:a8:f1:74:d8:07:34:
79:1c:4b:e8:30:3b:31:79:b9:df:c4:b6:15:ae:7d:90:bd:2f:
5b:24:05:28:14:9a:bd:27:d9:c7:46:3d:ff:5e:f4:a9:18:c4:
dc:49:24:f4:24:a5:9b:46:7c:86:9b:07:62:f9:12:18:d5:29:
5e:17:1d:59:c8:2f:0c:dc:ae:d4:14:4b:64:01:8c:91:cb:f6:
c3:23:ec:8f:4b:c9:73:2b:54:d3:21:4b:0e:6f:6e:1d:0f:ce:
ce:6e:c5:31:db:05:09:46:dc:2d:db:06:02:93:c1:ac:2e:54:
15:40:a0:c0:45:06:9d:3e:fb:d5:e8:08:5c:ce:df:c5:dd:d0:
53:3f:b2:97:e1:4d:8e:c1:1c:db:66:44:b8:5f:a1:c9:2d:31:
54:0d:1d:da:9a:b1:1d:b6:1b:b4:fd:66:3f:d0:9f:a0:34:c7:
b8:39:e2:fd:3f:32:dd:68:15:20:68:b3:1a:da:e9:44:fc:2e:
a7:fe:8a:c3:e5:26:27:d9:00:19:df:15:9a:09:29:54:f1:d0:
47:29:c7:bc:ed:5b:b7:b0:e7:3b:ee:c3:89:48:b9:bf:17:f7:
15:2a:b5:02
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAX4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
MTM3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgwQjcxNkJDRUFDNkI3
QjgxOEU1MjdCQ0M1RkYwNzBEQTFGRjRERkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCjp4dejTy6795HjYP9RVwctwJca+jJo5B/NMFoHRbM4NURDvD
Vo5TMuh02pPtSpDKCt3TBOGHlYE1bnQlEd/6UnEv47Av9HUrRd3pnbzvoxblywKB
iDJCCn71YGJ7VMUN1atcuPBKzQy1srDZct+dosr6RSoR8MQ71/jtgqDnX7NG0gNZ
RIKQ992NkD4KLm/Jl5WluHIrIJpzwacAiIhW62afIRMor9JHqygspD8Azb8Cfa1M
3SviNq0MeMIAMq7I37Eant41cEFLntuFdSZ28MR6a4QhmkyyUmKnTgjLznRU9EzI
VfMyR/qIebbI+e7jl1BD6XjVY7bkhqxcIO2tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgLcWvOrGt7gY5Se8xf8HDaH/Tf4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9nTGNXdk9yR3Q3Z1k1U2U4
eGY4SERhSF9UZjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAA0k9MMp8vYI7Y4Y2D/QyYwTkyZnfEnxv/fQ
ZybluajxdNgHNHkcS+gwOzF5ud/EthWufZC9L1skBSgUmr0n2cdGPf9e9KkYxNxJ
JPQkpZtGfIabB2L5EhjVKV4XHVnILwzcrtQUS2QBjJHL9sMj7I9LyXMrVNMhSw5v
bh0Pzs5uxTHbBQlG3C3bBgKTwawuVBVAoMBFBp0++9XoCFzO38Xd0FM/spfhTY7B
HNtmRLhfocktMVQNHdqasR22G7T9Zj/Qn6A0x7g54v0/Mt1oFSBosxra6UT8Lqf+
isPlJifZABnfFZoJKVTx0Ecpx7ztW7ew5zvuw4lIub8X9xUqtQI=
-----END CERTIFICATE-----
Generated at Sat May 17 21:13:10 2025 by rpki-client