Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/h0hUqGwBHnFT0jq1i9znUKYRMEM.roa
File: h0hUqGwBHnFT0jq1i9znUKYRMEM.roa (raw, json)
Hash identifier: hYqWdgP47SfPI+5ExL9av3FatfNUdl+xTOHZobkscIU=
Subject key identifier: 87:48:54:A8:6C:01:1E:71:53:D2:3A:B5:8B:DC:E7:50:A6:11:30:43
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 073A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h0hUqGwBHnFT0jq1i9znUKYRMEM.roa
Signing time: Fri 16 May 2025 17:08:47 +0000
ROA not before: Fri 16 May 2025 17:08:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1850 (0x73a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 17:08:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=874854A86C011E7153D23AB58BDCE750A6113043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2c:00:a0:3e:e7:5a:42:49:40:a7:d1:be:14:
49:a8:d4:57:4e:cb:f0:d1:c1:4d:f8:fa:f7:76:db:
fd:5a:b9:0a:94:77:53:88:56:3c:7e:dc:c5:b2:55:
47:d4:40:d0:af:47:89:c7:67:58:fb:58:3d:d8:53:
35:6f:67:05:06:f2:ea:50:6c:8c:2e:7b:55:ca:a9:
38:51:2a:f8:74:37:12:0c:97:da:49:30:fa:82:98:
74:97:f9:95:cc:ff:6f:3f:e9:9e:48:54:cd:8c:f7:
8e:7d:67:59:16:51:fd:ce:ae:6e:0d:83:1c:4d:da:
93:79:86:46:52:2f:71:f4:6a:d9:0f:17:9d:3d:b8:
bc:1b:6a:1b:41:31:c3:2d:93:da:e9:83:fc:92:c0:
8e:95:03:1b:3b:32:ea:80:5c:1a:34:da:cc:48:91:
0d:10:63:76:66:16:55:96:c4:30:19:92:9c:cb:20:
8c:29:3a:0a:ec:db:52:2b:bf:1b:36:2a:b7:85:5c:
dc:1b:07:2b:e6:9e:77:f1:24:21:9d:c9:19:d6:4e:
af:ae:71:22:4c:d1:ff:3a:36:f2:7a:28:f3:5e:e3:
1a:5a:58:08:5b:9e:5e:d7:c1:77:32:a9:1a:25:b6:
53:50:c2:fd:16:be:90:e5:9d:ac:f5:1a:7a:72:cd:
9b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:48:54:A8:6C:01:1E:71:53:D2:3A:B5:8B:DC:E7:50:A6:11:30:43
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/h0hUqGwBHnFT0jq1i9znUKYRMEM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:92:92:fe:ad:0d:81:6a:14:93:0a:fa:00:e8:41:af:73:d7:
e0:3d:bc:55:af:67:69:64:52:e0:f8:54:2d:55:e0:84:b8:82:
18:3e:bf:ad:fa:24:c3:15:19:99:48:56:72:0c:36:af:ea:c1:
de:af:58:d2:0f:00:b2:c6:e6:a3:d4:e4:40:f6:d9:46:e9:ac:
56:36:a8:41:04:03:91:b9:c1:3f:18:6a:92:0d:ea:87:25:86:
d3:9f:da:f2:9e:d0:00:0d:64:38:48:14:fc:4f:bf:e2:b0:e6:
89:f8:70:1d:a5:95:3e:bf:44:78:67:2a:61:79:74:9e:ee:26:
19:9b:13:f1:4a:1b:76:d0:63:c5:8b:c9:d7:5d:19:17:c2:09:
fd:69:fa:77:65:23:69:fc:05:2c:f4:17:0c:49:a1:d0:9f:ee:
44:37:0b:eb:b9:b1:79:88:66:65:f6:e4:81:df:bf:77:c0:de:
a5:be:62:8b:b6:3e:2e:0d:7e:91:c4:88:7b:df:f5:91:1d:2e:
6b:b9:ea:27:b7:dd:1f:87:0a:87:51:57:13:f6:6c:41:b2:0b:
ee:44:59:33:10:8b:4b:4e:68:f5:ac:7e:c1:8c:ec:4c:b5:cc:
eb:b5:6f:d9:f2:f9:c1:64:05:39:b6:9a:67:e1:88:13:c9:03:
78:2a:36:3b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBzowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
NzA4NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg3NDg1NEE4NkMwMTFF
NzE1M0QyM0FCNThCRENFNzUwQTYxMTMwNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbLACgPudaQklAp9G+FEmo1FdOy/DRwU34+vd22/1auQqUd1OI
Vjx+3MWyVUfUQNCvR4nHZ1j7WD3YUzVvZwUG8upQbIwue1XKqThRKvh0NxIMl9pJ
MPqCmHSX+ZXM/28/6Z5IVM2M9459Z1kWUf3Orm4NgxxN2pN5hkZSL3H0atkPF509
uLwbahtBMcMtk9rpg/ySwI6VAxs7MuqAXBo02sxIkQ0QY3ZmFlWWxDAZkpzLIIwp
Ogrs21Irvxs2KreFXNwbByvmnnfxJCGdyRnWTq+ucSJM0f86NvJ6KPNe4xpaWAhb
nl7XwXcyqRoltlNQwv0WvpDlnaz1GnpyzZtdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUh0hUqGwBHnFT0jq1i9znUKYRMEMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oMGhVcUd3QkhuRlQwanEx
aTl6blVLWVJNRU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH2Skv6tDYFqFJMK+gDoQa9z1+A9vFWvZ2lk
UuD4VC1V4IS4ghg+v636JMMVGZlIVnIMNq/qwd6vWNIPALLG5qPU5ED22UbprFY2
qEEEA5G5wT8YapIN6oclhtOf2vKe0AANZDhIFPxPv+Kw5on4cB2llT6/RHhnKmF5
dJ7uJhmbE/FKG3bQY8WLydddGRfCCf1p+ndlI2n8BSz0FwxJodCf7kQ3C+u5sXmI
ZmX25IHfv3fA3qW+You2Pi4NfpHEiHvf9ZEdLmu56ie33R+HCodRVxP2bEGyC+5E
WTMQi0tOaPWsfsGM7Ey1zOu1b9ny+cFkBTm2mmfhiBPJA3gqNjs=
-----END CERTIFICATE-----
Generated at Sun May 18 20:26:16 2025 by rpki-client