Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/gjhRDd7poiaQNG3Gt0SJnEix4B4.roa
File: gjhRDd7poiaQNG3Gt0SJnEix4B4.roa (raw, json)
Hash identifier: kON2PDIwF2LxOevIzIrKiYodeG+YecBYJTYmsH7espc=
Subject key identifier: 82:38:51:0D:DE:E9:A2:26:90:34:6D:C6:B7:44:89:9C:48:B1:E0:1E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 052A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gjhRDd7poiaQNG3Gt0SJnEix4B4.roa
Signing time: Tue 13 May 2025 23:08:03 +0000
ROA not before: Tue 13 May 2025 23:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1322 (0x52a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 23:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8238510DDEE9A22690346DC6B744899C48B1E01E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:8a:a7:44:d4:9b:ba:0d:93:2f:05:e0:51:90:
dd:6c:db:6b:36:7d:a9:c3:d3:e9:04:e9:f1:54:57:
8d:d7:da:fe:46:a7:86:12:c4:f7:20:f4:11:16:ca:
1f:71:7a:09:57:bc:0f:5a:45:83:7e:87:fe:17:46:
46:cb:98:df:8e:16:46:1a:df:b4:51:e9:2d:3a:20:
27:54:6e:61:a1:c5:b2:9b:90:d6:03:42:e9:04:2d:
8f:b3:04:6f:98:1e:82:7b:a6:ff:26:25:47:4a:10:
e5:eb:42:ea:dd:19:f5:0a:20:38:63:8b:9a:73:5d:
7b:37:17:ba:5b:7f:cf:b6:c9:98:a9:1d:53:ef:e0:
04:3b:c8:f6:75:73:7e:cd:d8:bc:6c:e3:84:75:ed:
1c:c7:67:c9:c5:84:82:c7:b1:7f:ba:f5:bb:04:fb:
d6:c7:72:14:a1:c3:a5:5d:be:a5:11:5f:0e:9b:28:
60:79:06:55:c7:8a:59:d1:37:08:23:58:47:47:30:
fc:17:b3:bc:52:85:6c:00:33:b7:0c:24:0d:41:c4:
46:c4:bc:4e:39:3d:7a:bd:27:c6:5f:ce:8e:59:6c:
06:0a:35:5a:d1:4a:5d:76:43:a7:da:da:04:6c:88:
f5:c4:11:0c:62:de:58:5a:01:57:75:27:35:63:95:
b4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:38:51:0D:DE:E9:A2:26:90:34:6D:C6:B7:44:89:9C:48:B1:E0:1E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/gjhRDd7poiaQNG3Gt0SJnEix4B4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
22:83:8d:1e:e2:fa:85:91:78:e5:de:ca:2f:e6:0b:ca:cf:d2:
11:98:8b:cb:29:43:6c:43:50:cc:87:57:27:db:6f:00:28:27:
a7:64:c3:74:a1:5f:ab:fd:64:90:b9:ec:fa:78:ae:94:13:ee:
38:13:85:68:07:83:ba:c9:93:0e:ed:a8:60:c0:1f:bc:42:a9:
07:5f:57:07:2b:9c:e4:f0:4a:e8:dd:f9:7b:6b:f4:4b:4c:a0:
9c:2f:c2:8a:4f:33:37:ad:db:11:ae:19:49:3e:75:9f:10:1c:
1a:49:44:84:f0:8d:d5:99:bf:21:dd:64:d2:cb:ff:bd:fe:b5:
07:53:57:35:3c:88:d8:06:14:af:27:f2:36:25:d4:a8:7b:3c:
fd:cb:e0:cb:b8:da:0b:ba:ec:33:1b:47:3e:40:c9:ef:07:f0:
17:87:c4:5a:84:61:3a:49:51:59:90:5a:fa:ae:e7:ca:5f:3f:
8b:1f:f5:06:64:de:74:93:00:55:03:3a:db:7e:cd:82:25:44:
81:f2:3e:e3:f1:a0:ad:42:96:ff:b8:79:b7:47:fd:7f:00:ed:
9a:9f:37:c2:8f:67:71:4f:64:6c:ad:12:22:ad:d1:f4:b5:3f:
3f:35:e2:4a:39:91:60:86:74:21:da:0c:f9:ec:25:93:86:da:
15:2a:21:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBSowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MzA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDgyMzg1MTBEREVFOUEy
MjY5MDM0NkRDNkI3NDQ4OTlDNDhCMUUwMUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtiqdE1Ju6DZMvBeBRkN1s22s2fanD0+kE6fFUV43X2v5Gp4YS
xPcg9BEWyh9xeglXvA9aRYN+h/4XRkbLmN+OFkYa37RR6S06ICdUbmGhxbKbkNYD
QukELY+zBG+YHoJ7pv8mJUdKEOXrQurdGfUKIDhji5pzXXs3F7pbf8+2yZipHVPv
4AQ7yPZ1c37N2Lxs44R17RzHZ8nFhILHsX+69bsE+9bHchShw6VdvqURXw6bKGB5
BlXHilnRNwgjWEdHMPwXs7xShWwAM7cMJA1BxEbEvE45PXq9J8Zfzo5ZbAYKNVrR
Sl12Q6fa2gRsiPXEEQxi3lhaAVd1JzVjlbSFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUgjhRDd7poiaQNG3Gt0SJnEix4B4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9namhSRGQ3cG9pYVFORzNH
dDBTSm5FaXg0QjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACKDjR7i+oWReOXeyi/mC8rP0hGYi8spQ2xD
UMyHVyfbbwAoJ6dkw3ShX6v9ZJC57Pp4rpQT7jgThWgHg7rJkw7tqGDAH7xCqQdf
VwcrnOTwSujd+Xtr9EtMoJwvwopPMzet2xGuGUk+dZ8QHBpJRITwjdWZvyHdZNLL
/73+tQdTVzU8iNgGFK8n8jYl1Kh7PP3L4Mu42gu67DMbRz5Aye8H8BeHxFqEYTpJ
UVmQWvqu58pfP4sf9QZk3nSTAFUDOtt+zYIlRIHyPuPxoK1Clv+4ebdH/X8A7Zqf
N8KPZ3FPZGytEiKt0fS1Pz814ko5kWCGdCHaDPnsJZOG2hUqIZI=
-----END CERTIFICATE-----
Generated at Sun May 18 20:01:01 2025 by rpki-client