Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hNzB4Ih81K4H9VtkVCJXVk0ZYYA.roa
File: hNzB4Ih81K4H9VtkVCJXVk0ZYYA.roa (raw, json)
Hash identifier: BZXhOhmOwJokQoV04PIlEr3f+S0P175K6OvbkZOHesw=
Subject key identifier: 84:DC:C1:E0:88:7C:D4:AE:07:F5:5B:64:54:22:57:56:4D:19:61:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: D6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hNzB4Ih81K4H9VtkVCJXVk0ZYYA.roa
Signing time: Thu 08 May 2025 04:37:42 +0000
ROA not before: Thu 08 May 2025 04:37:42 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214 (0xd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 04:37:42 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=84DCC1E0887CD4AE07F55B64542257564D196180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:97:21:32:20:99:7d:c5:9b:1a:1d:17:31:
fa:f9:22:73:eb:6c:75:82:a4:9d:96:17:7a:23:ac:
c8:78:1f:f3:1b:a8:05:3a:37:1a:e1:29:88:38:78:
04:61:56:61:c0:2f:17:5c:26:09:c4:93:b1:05:ed:
c6:b8:54:84:6c:79:83:df:bd:31:49:d9:9d:94:5d:
bd:12:e5:cd:69:05:b9:9c:49:78:35:c9:f3:2c:5f:
64:a4:cf:ad:65:4e:d2:ae:c1:68:0d:64:c6:10:f4:
1b:ca:17:eb:b2:e6:df:c3:02:91:f3:76:42:ad:99:
4f:c3:51:2b:21:f2:90:0c:40:28:eb:b3:a0:13:af:
bb:db:50:20:23:87:a5:39:73:87:51:14:e4:82:95:
90:f6:04:ca:7b:19:22:60:db:23:d6:e9:4b:d7:53:
3c:10:cd:d9:b4:c5:0d:72:58:f4:b1:4c:fa:73:25:
cb:26:8d:7d:35:78:2f:39:9e:4f:c0:20:7a:0e:b1:
0c:1c:43:37:77:e1:af:06:ed:fb:d5:e1:d6:8b:1d:
25:57:e0:66:5b:f3:0f:ff:76:31:72:a8:14:22:e4:
7b:8c:88:47:be:b5:52:cb:c2:c2:59:56:ec:c8:13:
e0:06:d1:54:91:32:a8:0f:c1:50:21:bd:e4:4a:86:
ec:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DC:C1:E0:88:7C:D4:AE:07:F5:5B:64:54:22:57:56:4D:19:61:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hNzB4Ih81K4H9VtkVCJXVk0ZYYA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:52:43:6a:bd:cb:a5:bf:b1:b0:ea:8e:7b:7e:47:b5:5c:1c:
c2:d7:85:fb:e3:bb:04:f8:6f:64:09:19:20:bf:78:dc:70:42:
87:4b:a8:85:c8:e3:88:96:fc:b8:ea:ea:31:33:e0:26:f0:08:
cf:83:69:b6:69:c4:46:43:e1:f4:a8:bb:6d:b8:34:4b:b5:d3:
50:b4:c6:a6:b0:69:15:2f:d7:3f:ed:14:7f:48:c9:a8:65:38:
96:8d:d2:28:e1:07:53:3d:45:20:ee:f3:6c:b5:f3:fd:b8:6e:
1c:ae:4f:84:6b:ab:2a:23:09:47:be:6b:95:b2:d4:53:2f:08:
3e:74:9f:e5:33:4d:33:34:78:37:45:07:9c:d7:7b:18:11:57:
f1:53:b6:cb:dc:a1:27:d6:90:47:1e:f5:29:9e:c5:ac:47:92:
e2:e0:ae:cc:e8:ab:8c:c5:23:2f:07:f5:1e:87:aa:f5:db:76:
81:70:bb:cf:75:61:a1:63:ea:6a:e0:a4:8c:84:1b:c8:c9:b8:
4d:ab:86:92:09:c8:12:72:ee:42:12:78:44:27:fa:4d:40:d6:
90:f7:40:1f:28:f1:e8:03:d0:04:9f:8c:c2:d4:b3:32:a6:0c:
60:31:07:9e:1f:e2:c4:85:0e:9b:b1:53:27:09:19:d2:11:9e:
8f:95:99:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NDM3NDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg0RENDMUUwODg3Q0Q0
QUUwN0Y1NUI2NDU0MjI1NzU2NEQxOTYxODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf5ZchMiCZfcWbGh0XMfr5InPrbHWCpJ2WF3ojrMh4H/MbqAU6
NxrhKYg4eARhVmHALxdcJgnEk7EF7ca4VIRseYPfvTFJ2Z2UXb0S5c1pBbmcSXg1
yfMsX2Skz61lTtKuwWgNZMYQ9BvKF+uy5t/DApHzdkKtmU/DUSsh8pAMQCjrs6AT
r7vbUCAjh6U5c4dRFOSClZD2BMp7GSJg2yPW6UvXUzwQzdm0xQ1yWPSxTPpzJcsm
jX01eC85nk/AIHoOsQwcQzd34a8G7fvV4daLHSVX4GZb8w//djFyqBQi5HuMiEe+
tVLLwsJZVuzIE+AG0VSRMqgPwVAhveRKhuyfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhNzB4Ih81K4H9VtkVCJXVk0ZYYAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9oTnpCNEloODFLNEg5VnRr
VkNKWFZrMFpZWUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFBSQ2q9y6W/sbDqjnt+R7VcHMLXhfvjuwT4
b2QJGSC/eNxwQodLqIXI44iW/Ljq6jEz4CbwCM+DabZpxEZD4fSou224NEu101C0
xqawaRUv1z/tFH9IyahlOJaN0ijhB1M9RSDu82y18/24bhyuT4RrqyojCUe+a5Wy
1FMvCD50n+UzTTM0eDdFB5zXexgRV/FTtsvcoSfWkEce9SmexaxHkuLgrszoq4zF
Iy8H9R6HqvXbdoFwu891YaFj6mrgpIyEG8jJuE2rhpIJyBJy7kISeEQn+k1A1pD3
QB8o8egD0ASfjMLUszKmDGAxB54f4sSFDpuxUycJGdIRno+VmQY=
-----END CERTIFICATE-----
Generated at Sun May 18 01:59:50 2025 by rpki-client