Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/i2m6Y39dtB1O7gROxSbwvKNDn10.roa
File: i2m6Y39dtB1O7gROxSbwvKNDn10.roa (raw, json)
Hash identifier: eg9L2gN38Y4gZcjtnt4h51hMN9z9n5MiwvqGaS5Ed94=
Subject key identifier: 8B:69:BA:63:7F:5D:B4:1D:4E:EE:04:4E:C5:26:F0:BC:A3:43:9F:5D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0346
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i2m6Y39dtB1O7gROxSbwvKNDn10.roa
Signing time: Sun 11 May 2025 10:37:51 +0000
ROA not before: Sun 11 May 2025 10:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 838 (0x346)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 10:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8B69BA637F5DB41D4EEE044EC526F0BCA3439F5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:3f:ab:55:5d:8a:37:11:7e:e5:3a:12:de:
e3:21:a3:fd:bd:79:d0:c3:0c:ce:c5:21:b2:ff:36:
de:c4:39:ec:96:4c:f2:6a:be:ea:59:22:82:bd:78:
9e:5e:38:91:b2:1d:c5:aa:68:d4:4b:d7:51:04:d6:
65:96:bc:0c:1f:30:da:cc:54:a5:3b:01:e6:f1:11:
85:7a:7c:f6:d4:27:75:9d:61:5a:42:d3:38:0b:d9:
10:88:9f:6c:09:e3:e3:00:f4:a6:dd:e5:00:82:98:
f0:d2:dd:be:f2:81:e6:64:39:ce:a3:0c:f6:f5:b2:
40:e6:67:5a:dc:8e:03:b7:04:60:9d:6c:cc:8f:37:
4f:59:75:fe:c6:f9:a0:6f:41:bc:1d:c2:61:64:53:
d8:7d:25:77:28:06:5a:3b:75:55:61:d9:95:75:2f:
90:12:f0:69:5a:19:21:22:a8:b8:cf:72:a7:22:94:
f5:70:60:58:de:fe:52:e8:95:31:94:5c:90:61:36:
40:50:11:67:1b:09:d8:a6:d4:bc:b8:67:dc:9b:81:
bc:1d:40:b9:47:5a:d3:1c:cb:6c:b5:73:c0:e2:1c:
2d:61:1e:23:63:98:bd:fe:8a:96:eb:c3:ac:b5:f0:
14:ac:f8:35:31:b1:30:6f:b9:f5:84:8b:15:5a:b4:
d0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:69:BA:63:7F:5D:B4:1D:4E:EE:04:4E:C5:26:F0:BC:A3:43:9F:5D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i2m6Y39dtB1O7gROxSbwvKNDn10.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:3d:a7:b2:3d:e9:5e:35:97:ee:91:e0:d1:2b:08:c3:db:1c:
fa:be:1f:7b:23:45:39:21:84:29:b9:d7:c2:a7:06:18:0b:dc:
41:a4:cc:95:42:e4:30:b9:39:46:75:db:26:7b:57:46:b0:4c:
ad:64:b6:de:8d:74:48:a0:1f:a0:78:70:b1:e3:17:bf:cf:38:
4d:53:46:08:1a:d3:e7:4a:ff:94:33:8a:ef:89:b1:9f:98:48:
8c:35:c0:e1:22:7c:ac:c9:83:9e:41:80:5f:33:b7:84:70:69:
86:6f:d1:4e:2b:cb:d0:dd:eb:e4:f9:24:6a:03:bb:20:5c:3f:
c3:ac:7d:ff:1b:8a:fa:bc:84:ab:fb:88:87:c5:99:40:e1:75:
0f:fa:79:d8:1a:a1:0c:03:9d:28:50:e6:1e:e7:16:06:88:57:
9e:69:fc:ae:4d:2c:c2:e7:23:19:f3:7e:91:d4:e2:b9:4c:68:
71:e2:7d:8a:28:0e:ff:31:17:32:dc:78:7d:06:bd:ca:e1:dd:
e4:06:87:e6:cf:65:f3:97:09:03:67:da:68:d9:e4:3c:17:e6:
a2:89:5e:df:7f:2f:1c:5e:bd:58:ac:66:9d:c5:1a:70:d8:64:
a9:52:e2:5d:80:03:de:9c:ec:b9:b1:ff:ba:03:b9:ca:1e:79:
4b:62:fa:24
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA0YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MDM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhCNjlCQTYzN0Y1REI0
MUQ0RUVFMDQ0RUM1MjZGMEJDQTM0MzlGNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuOz+rVV2KNxF+5ToS3uMho/29edDDDM7FIbL/Nt7EOeyWTPJq
vupZIoK9eJ5eOJGyHcWqaNRL11EE1mWWvAwfMNrMVKU7AebxEYV6fPbUJ3WdYVpC
0zgL2RCIn2wJ4+MA9Kbd5QCCmPDS3b7ygeZkOc6jDPb1skDmZ1rcjgO3BGCdbMyP
N09Zdf7G+aBvQbwdwmFkU9h9JXcoBlo7dVVh2ZV1L5AS8GlaGSEiqLjPcqcilPVw
YFje/lLolTGUXJBhNkBQEWcbCdim1Ly4Z9ybgbwdQLlHWtMcy2y1c8DiHC1hHiNj
mL3+ipbrw6y18BSs+DUxsTBvufWEixVatNDDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUi2m6Y39dtB1O7gROxSbwvKNDn10wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pMm02WTM5ZHRCMU83Z1JP
eFNid3ZLTkRuMTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABU9p7I96V41l+6R4NErCMPbHPq+H3sjRTkh
hCm518KnBhgL3EGkzJVC5DC5OUZ12yZ7V0awTK1ktt6NdEigH6B4cLHjF7/POE1T
Rgga0+dK/5Qziu+JsZ+YSIw1wOEifKzJg55BgF8zt4RwaYZv0U4ry9Dd6+T5JGoD
uyBcP8Osff8bivq8hKv7iIfFmUDhdQ/6edgaoQwDnShQ5h7nFgaIV55p/K5NLMLn
IxnzfpHU4rlMaHHifYooDv8xFzLceH0Gvcrh3eQGh+bPZfOXCQNn2mjZ5DwX5qKJ
Xt9/LxxevVisZp3FGnDYZKlS4l2AA96c7Lmx/7oDucoeeUti+iQ=
-----END CERTIFICATE-----
Generated at Sun May 18 09:13:32 2025 by rpki-client