Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ilCvpiwDdbb4KgnHoa2khi3S7Co.roa
File: ilCvpiwDdbb4KgnHoa2khi3S7Co.roa (raw, json)
Hash identifier: B7fXBE9VvBxQZ8S07sVrwM+CtLuyl0Ln+pV7DEVrKAs=
Subject key identifier: 8A:50:AF:A6:2C:03:75:B6:F8:2A:09:C7:A1:AD:A4:86:2D:D2:EC:2A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 070A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ilCvpiwDdbb4KgnHoa2khi3S7Co.roa
Signing time: Fri 16 May 2025 11:08:06 +0000
ROA not before: Fri 16 May 2025 11:08:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1802 (0x70a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 11:08:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8A50AFA62C0375B6F82A09C7A1ADA4862DD2EC2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4a:4e:51:28:be:38:a9:84:57:fd:89:d2:6a:
5c:43:a3:25:e3:06:40:1d:8d:e2:02:51:98:7a:cd:
b0:3d:94:ce:cb:d7:4b:8c:d0:56:77:1e:29:db:0b:
5e:8d:cd:bf:9c:3b:98:06:5f:9d:a8:76:9b:87:d7:
a4:0a:46:e9:21:55:b6:2b:4a:45:4a:aa:d9:e6:d7:
5d:c8:c7:cc:b6:bf:88:6e:29:cd:e2:13:42:1a:b7:
74:cb:47:24:32:db:cc:e8:61:74:3d:b9:d0:44:b9:
22:57:d0:a2:5c:82:54:c0:e5:53:00:fe:b0:d1:25:
57:52:51:e3:46:09:78:13:a8:cd:18:1a:e9:2a:f9:
7e:c1:a0:4a:6b:3a:33:ca:6b:83:a0:61:d7:88:8a:
71:bd:9d:0e:49:37:e7:eb:50:82:96:66:f9:d4:19:
73:62:26:35:d8:0e:4a:25:24:df:7d:cc:bd:dc:b7:
93:ea:25:11:be:0b:65:65:b5:a4:0c:bb:28:8d:8e:
1e:b8:86:ab:c6:ab:40:19:95:f9:2c:14:9b:4b:c0:
4a:1d:20:2f:ed:e4:6c:16:9a:7f:cd:a3:d7:bd:3b:
4b:df:b4:46:6a:9a:ee:5d:e0:89:b7:c0:59:c8:9f:
f8:b3:1e:de:38:db:54:66:fb:07:e2:08:6c:a6:cd:
4d:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:50:AF:A6:2C:03:75:B6:F8:2A:09:C7:A1:AD:A4:86:2D:D2:EC:2A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ilCvpiwDdbb4KgnHoa2khi3S7Co.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:28:fe:fa:0f:cb:fc:81:9f:7a:dd:69:ae:57:4a:95:89:86:
1d:1a:9a:86:e8:67:b8:e3:57:33:00:a2:48:fc:7c:c0:97:a0:
74:90:42:d0:fc:43:d0:fa:f5:6b:aa:f3:a5:de:5d:77:b8:75:
4b:d2:c2:3c:db:80:0c:74:5a:f8:ae:2e:fe:c4:d5:67:31:cc:
33:dd:04:38:6e:ea:ab:3f:96:d8:b2:ff:f4:38:dd:e4:c5:e0:
c9:51:23:67:70:ae:cc:9c:23:7f:a4:71:83:97:a0:01:05:8d:
7f:df:43:3b:df:fc:66:d3:fd:13:32:c6:d5:8c:20:c3:f1:78:
ba:c4:ba:30:d4:0a:b8:4b:32:07:86:48:75:33:cd:f6:4d:05:
f5:39:bb:e8:1f:a0:ba:fb:65:0b:41:bd:d6:94:50:d8:4f:a0:
86:4c:4f:64:a6:b7:5d:67:6c:b3:78:36:b8:d6:73:6a:4d:6b:
e0:96:7b:90:1d:fd:32:b2:7d:9a:13:e5:bd:c1:2d:5e:be:43:
0a:c9:c3:e9:79:b1:23:d7:80:70:ae:89:2b:6a:99:62:d0:ae:
b0:52:9f:c5:54:40:fa:3a:f7:fd:76:b8:a0:10:b9:27:f3:d6:
f2:dd:08:2d:06:a2:3c:dd:ce:14:3a:81:2e:d2:de:9a:07:b7:
0f:d5:a1:7b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MTA4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhBNTBBRkE2MkMwMzc1
QjZGODJBMDlDN0ExQURBNDg2MkREMkVDMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDESk5RKL44qYRX/YnSalxDoyXjBkAdjeICUZh6zbA9lM7L10uM
0FZ3HinbC16Nzb+cO5gGX52odpuH16QKRukhVbYrSkVKqtnm113Ix8y2v4huKc3i
E0Iat3TLRyQy28zoYXQ9udBEuSJX0KJcglTA5VMA/rDRJVdSUeNGCXgTqM0YGukq
+X7BoEprOjPKa4OgYdeIinG9nQ5JN+frUIKWZvnUGXNiJjXYDkolJN99zL3ct5Pq
JRG+C2VltaQMuyiNjh64hqvGq0AZlfksFJtLwEodIC/t5GwWmn/No9e9O0vftEZq
mu5d4Im3wFnIn/izHt4421Rm+wfiCGymzU31AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUilCvpiwDdbb4KgnHoa2khi3S7CowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pbEN2cGl3RGRiYjRLZ25I
b2Eya2hpM1M3Q28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF4o/voPy/yBn3rdaa5XSpWJhh0amoboZ7jj
VzMAokj8fMCXoHSQQtD8Q9D69Wuq86XeXXe4dUvSwjzbgAx0WviuLv7E1WcxzDPd
BDhu6qs/ltiy//Q43eTF4MlRI2dwrsycI3+kcYOXoAEFjX/fQzvf/GbT/RMyxtWM
IMPxeLrEujDUCrhLMgeGSHUzzfZNBfU5u+gfoLr7ZQtBvdaUUNhPoIZMT2Smt11n
bLN4NrjWc2pNa+CWe5Ad/TKyfZoT5b3BLV6+QwrJw+l5sSPXgHCuiStqmWLQrrBS
n8VUQPo69/12uKAQuSfz1vLdCC0GojzdzhQ6gS7S3poHtw/VoXs=
-----END CERTIFICATE-----
Generated at Sat May 17 23:28:51 2025 by rpki-client