Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ht2iTGXajiVIxIwX46I9Y6MITMk.roa
File: ht2iTGXajiVIxIwX46I9Y6MITMk.roa (raw, json)
Hash identifier: Ssm4SgEzN8GVJKE/YAs4OeLCKHlwsTQEWP/aqiPdyrM=
Subject key identifier: 86:DD:A2:4C:65:DA:8E:25:48:C4:8C:17:E3:A2:3D:63:A3:08:4C:C9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 015E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ht2iTGXajiVIxIwX46I9Y6MITMk.roa
Signing time: Thu 08 May 2025 21:37:45 +0000
ROA not before: Thu 08 May 2025 21:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 350 (0x15e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 21:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86DDA24C65DA8E2548C48C17E3A23D63A3084CC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cc:4f:80:40:ab:98:0f:89:b4:41:4f:5a:1f:
56:39:38:1e:7f:fc:55:44:01:aa:a4:90:55:63:3a:
4c:e4:ea:51:5f:c2:f1:ef:71:db:44:c6:b3:7c:48:
eb:d8:87:20:b7:9d:4b:81:46:a2:0c:69:30:73:e0:
b4:b6:24:49:99:82:66:26:79:e0:35:40:7d:fa:f7:
1d:04:f7:e3:20:36:3b:42:ac:f3:a4:30:2f:5e:51:
c1:37:d7:a4:ff:f0:a1:c7:c3:cc:0f:49:a0:6e:c7:
e9:b4:49:9a:9b:22:95:af:0d:95:1c:56:05:57:13:
c0:bb:37:50:5d:bd:e6:fe:b0:1c:44:b6:cb:db:2c:
86:ae:96:62:4d:02:2f:55:cc:84:23:65:76:19:2e:
83:f8:a4:5a:c6:71:87:3b:37:2f:87:ac:ad:dc:c3:
01:b3:12:05:75:bd:34:e5:37:6b:73:3b:13:d9:66:
4b:d8:6a:d5:50:34:bb:26:3e:12:b8:43:a1:cd:b2:
a0:ec:3f:81:61:d6:71:0e:92:21:88:f6:62:6c:d3:
a9:53:0b:28:2a:fc:6f:0e:88:c8:89:1b:08:51:2e:
18:6f:9a:a5:96:1e:c5:63:02:62:bf:d2:53:e5:ab:
9b:02:fd:40:0f:db:4f:4f:c9:ff:d0:f6:9b:4a:a5:
2c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DD:A2:4C:65:DA:8E:25:48:C4:8C:17:E3:A2:3D:63:A3:08:4C:C9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ht2iTGXajiVIxIwX46I9Y6MITMk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
63:ab:d7:15:29:42:c8:ec:1a:a6:87:67:27:71:89:59:ba:8a:
95:ef:fb:b4:b6:c4:10:4e:68:89:15:a5:b0:d9:eb:62:0d:34:
9a:40:b3:0a:ab:67:01:9f:f8:f3:26:e2:e2:de:31:a2:f4:fc:
09:93:41:bc:07:9f:d2:81:9c:a1:7a:f6:70:b4:d6:ca:f0:69:
dc:02:16:fe:76:fe:b0:02:8a:34:82:41:1f:b7:3e:58:13:32:
4a:e9:37:93:15:e8:18:43:b3:5f:d0:25:9e:14:1c:92:c7:a2:
2e:94:43:31:29:81:6c:64:55:3b:ab:22:64:f3:f0:a8:e3:c1:
09:16:0b:40:55:fd:ef:ac:2a:e3:b8:b8:b3:ef:a6:6f:e0:67:
14:8c:77:a8:86:9a:a5:6d:4c:6c:c0:05:80:84:7f:db:31:6c:
d3:1b:fe:7a:35:57:b1:93:ed:e2:ef:c5:2c:ee:dc:e4:72:a0:
5f:7c:86:e2:53:6f:f7:a4:dc:5f:ef:9e:30:ce:75:d7:68:5a:
64:18:48:ec:7c:b3:6a:0c:ce:93:df:9d:91:28:54:86:aa:0f:
ed:3d:ba:70:26:25:6e:95:b4:43:79:28:c3:2c:25:b7:ee:45:
3a:67:6a:9b:8c:34:ff:34:81:cc:2b:e9:bf:ce:47:65:5c:88:
a1:a3:b5:aa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAV4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgy
MTM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2RERBMjRDNjVEQThF
MjU0OEM0OEMxN0UzQTIzRDYzQTMwODRDQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6zE+AQKuYD4m0QU9aH1Y5OB5//FVEAaqkkFVjOkzk6lFfwvHv
cdtExrN8SOvYhyC3nUuBRqIMaTBz4LS2JEmZgmYmeeA1QH369x0E9+MgNjtCrPOk
MC9eUcE316T/8KHHw8wPSaBux+m0SZqbIpWvDZUcVgVXE8C7N1Bdveb+sBxEtsvb
LIaulmJNAi9VzIQjZXYZLoP4pFrGcYc7Ny+HrK3cwwGzEgV1vTTlN2tzOxPZZkvY
atVQNLsmPhK4Q6HNsqDsP4Fh1nEOkiGI9mJs06lTCygq/G8OiMiJGwhRLhhvmqWW
HsVjAmK/0lPlq5sC/UAP209Pyf/Q9ptKpSytAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUht2iTGXajiVIxIwX46I9Y6MITMkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9odDJpVEdYYWppVkl4SXdY
NDZJOVk2TUlUTWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGOr1xUpQsjsGqaHZydxiVm6ipXv+7S2xBBO
aIkVpbDZ62INNJpAswqrZwGf+PMm4uLeMaL0/AmTQbwHn9KBnKF69nC01srwadwC
Fv52/rACijSCQR+3PlgTMkrpN5MV6BhDs1/QJZ4UHJLHoi6UQzEpgWxkVTurImTz
8KjjwQkWC0BV/e+sKuO4uLPvpm/gZxSMd6iGmqVtTGzABYCEf9sxbNMb/no1V7GT
7eLvxSzu3ORyoF98huJTb/ek3F/vnjDOdddoWmQYSOx8s2oMzpPfnZEoVIaqD+09
unAmJW6VtEN5KMMsJbfuRTpnapuMNP80gcwr6b/OR2VciKGjtao=
-----END CERTIFICATE-----
Generated at Sun May 18 01:58:43 2025 by rpki-client