Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kvCEpxlcXBaIySeAZticlvuBN-U.roa
File: kvCEpxlcXBaIySeAZticlvuBN-U.roa (raw, json)
Hash identifier: J6TbvC8ZeD0pcqgXUBDWCTfjtwH7VgjQITsJ/n/XZBo=
Subject key identifier: 92:F0:84:A7:19:5C:5C:16:88:C9:27:80:66:D8:9C:96:FB:81:37:E5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02FE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kvCEpxlcXBaIySeAZticlvuBN-U.roa
Signing time: Sun 11 May 2025 01:37:51 +0000
ROA not before: Sun 11 May 2025 01:37:51 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 766 (0x2fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 01:37:51 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=92F084A7195C5C1688C9278066D89C96FB8137E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:0e:a3:44:8a:f7:8f:aa:a1:8a:ce:9a:e0:e9:
9f:59:f3:e3:e6:40:ce:a5:79:b7:1e:36:5a:3f:54:
04:6b:c2:8d:4f:da:e9:f1:cd:b7:04:ce:d8:37:38:
c4:49:55:88:87:32:e9:a0:e7:6f:0d:fa:a9:10:f0:
65:bd:22:47:67:c6:95:f6:96:d0:97:50:55:34:30:
c4:9e:86:d2:58:74:52:90:c8:8c:b4:b8:bc:f2:67:
be:81:05:bc:3d:f3:51:34:9a:1d:2b:d3:0a:41:48:
ab:48:db:f4:ad:2f:12:70:a2:44:50:51:0f:4b:61:
53:64:89:8f:ec:84:38:86:b6:b5:c2:e2:a1:39:df:
b3:f5:67:98:5e:bd:00:e6:f9:c2:af:0c:e7:73:0b:
0a:d9:1d:64:0a:1a:a1:09:bb:33:5c:93:dd:55:3e:
30:ce:4e:01:85:fc:e2:a3:a1:58:cb:72:16:7a:6e:
5c:00:38:cc:c7:79:38:ce:a0:20:38:d2:cc:bb:aa:
d6:31:5e:05:ba:40:70:e9:28:c7:95:7d:94:d5:7e:
28:7a:12:d0:e8:94:65:e2:e7:d8:40:ae:9c:48:20:
58:51:48:39:5f:06:92:62:89:96:5f:24:26:ba:17:
07:17:cf:05:b6:78:0e:8a:78:2c:09:13:dd:e8:6c:
ac:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F0:84:A7:19:5C:5C:16:88:C9:27:80:66:D8:9C:96:FB:81:37:E5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kvCEpxlcXBaIySeAZticlvuBN-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:d9:0d:06:28:5b:12:db:95:cd:6c:0b:f6:4c:94:b4:ec:38:
7b:f0:d0:18:04:d5:74:d6:df:67:cf:2a:fa:14:7a:cc:d9:cf:
76:78:ee:5a:10:19:fa:41:de:70:7a:2b:0a:38:ca:98:c0:d7:
cc:df:5a:2e:46:84:43:54:24:ca:3d:fd:2c:0a:51:0a:3e:77:
15:42:8a:aa:81:b7:a9:b4:bc:93:9e:9c:da:52:2b:f3:48:e4:
b1:52:ef:7d:b7:82:e2:9a:55:b2:a2:16:cb:a4:76:9e:4c:33:
6d:7d:17:2b:4a:33:5d:2b:ed:e7:c0:1c:b8:50:a6:01:55:ec:
76:ba:41:44:ce:54:43:1f:ed:08:71:09:5f:b7:16:9a:23:35:
a7:2e:32:b6:12:d5:ee:21:a6:bc:40:f8:fb:31:fd:6c:15:93:
44:78:ba:e3:b8:41:cd:97:19:16:d8:31:fd:b2:c8:04:59:62:
b8:88:ad:f3:e7:58:94:5c:d5:4c:a7:f7:08:27:23:99:98:99:
03:26:23:91:e4:e2:31:2c:41:88:ea:1c:da:49:37:1a:c2:7c:
ae:73:cd:0a:25:51:e0:53:c4:12:be:07:d8:ca:83:4d:69:f2:
e4:32:70:d6:a7:be:04:50:a2:48:7e:f5:0e:17:43:50:93:0e:
84:ed:f8:0e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
MTM3NTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkyRjA4NEE3MTk1QzVD
MTY4OEM5Mjc4MDY2RDg5Qzk2RkI4MTM3RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwDqNEivePqqGKzprg6Z9Z8+PmQM6lebceNlo/VARrwo1P2unx
zbcEztg3OMRJVYiHMumg528N+qkQ8GW9IkdnxpX2ltCXUFU0MMSehtJYdFKQyIy0
uLzyZ76BBbw981E0mh0r0wpBSKtI2/StLxJwokRQUQ9LYVNkiY/shDiGtrXC4qE5
37P1Z5hevQDm+cKvDOdzCwrZHWQKGqEJuzNck91VPjDOTgGF/OKjoVjLchZ6blwA
OMzHeTjOoCA40sy7qtYxXgW6QHDpKMeVfZTVfih6EtDolGXi59hArpxIIFhRSDlf
BpJiiZZfJCa6FwcXzwW2eA6KeCwJE93obKxpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkvCEpxlcXBaIySeAZticlvuBN+UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9rdkNFcHhsY1hCYUl5U2VB
WnRpY2x2dUJOLVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACXZDQYoWxLblc1sC/ZMlLTsOHvw0BgE1XTW
32fPKvoUeszZz3Z47loQGfpB3nB6Kwo4ypjA18zfWi5GhENUJMo9/SwKUQo+dxVC
iqqBt6m0vJOenNpSK/NI5LFS7323guKaVbKiFsukdp5MM219FytKM10r7efAHLhQ
pgFV7Ha6QUTOVEMf7QhxCV+3FpojNacuMrYS1e4hprxA+Psx/WwVk0R4uuO4Qc2X
GRbYMf2yyARZYriIrfPnWJRc1Uyn9wgnI5mYmQMmI5Hk4jEsQYjqHNpJNxrCfK5z
zQolUeBTxBK+B9jKg01p8uQycNanvgRQokh+9Q4XQ1CTDoTt+A4=
-----END CERTIFICATE-----
Generated at Sat May 17 23:15:46 2025 by rpki-client