Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lOo8IZpekaf420UtiY1OH2CBork.roa
File: lOo8IZpekaf420UtiY1OH2CBork.roa (raw, json)
Hash identifier: 8zD9Mhh9PFmP6Vno8qgo3+BDFhk71HlfyVTFT6PZBnw=
Subject key identifier: 94:EA:3C:21:9A:5E:91:A7:F8:DB:45:2D:89:8D:4E:1F:60:81:A2:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 03F6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lOo8IZpekaf420UtiY1OH2CBork.roa
Signing time: Mon 12 May 2025 08:37:55 +0000
ROA not before: Mon 12 May 2025 08:37:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1014 (0x3f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 08:37:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=94EA3C219A5E91A7F8DB452D898D4E1F6081A2B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:a0:41:e8:54:68:25:88:6b:e6:9f:3a:c3:
b0:e7:aa:42:98:2f:e2:69:d9:9a:ee:d8:42:07:3a:
ca:fb:e6:af:96:d0:a3:d4:77:20:30:35:00:20:af:
5e:0b:ba:5c:aa:b1:e8:90:e6:7d:89:64:67:6a:9e:
a1:93:c3:97:4f:77:69:e1:c6:04:61:2d:5d:8d:f8:
fb:50:92:1f:ff:03:9d:db:19:34:c6:fe:58:4b:b5:
bd:a9:1d:18:05:24:89:d8:e7:20:2f:db:94:22:ac:
c0:0e:b5:18:b0:fc:39:1d:14:bd:31:5d:14:d2:cf:
bc:f9:61:63:aa:8a:89:04:07:93:4f:98:a4:fa:1d:
71:e4:4a:e1:f5:ab:6d:ae:09:45:84:c0:e0:25:1f:
e9:10:12:36:11:7f:e3:5b:ca:ae:28:7c:4c:ef:17:
75:b3:e5:48:c3:1a:75:d6:c4:44:ac:2a:58:53:bf:
5f:8d:bd:a2:43:4b:c8:0b:fd:dc:8b:a9:62:34:71:
78:0e:bb:bd:5d:e4:cb:70:18:bb:f1:bc:7d:2f:c6:
41:71:73:37:fa:01:08:77:e2:49:56:07:a3:7a:82:
c5:67:20:78:f3:a1:1d:5e:e2:df:4f:89:ed:2f:25:
02:25:74:46:d4:15:d6:e3:3d:26:94:b5:91:df:eb:
2a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EA:3C:21:9A:5E:91:A7:F8:DB:45:2D:89:8D:4E:1F:60:81:A2:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lOo8IZpekaf420UtiY1OH2CBork.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:0d:d6:9d:2b:e0:06:c2:2c:87:91:2c:de:6e:99:dd:09:f9:
b6:11:11:53:47:9a:1a:4a:3f:fc:ba:15:86:1c:cd:5d:89:ed:
ce:99:c6:8a:a0:76:05:40:fa:02:35:a6:b2:0b:59:a9:b3:53:
81:69:8b:12:62:29:d0:b6:ca:61:de:97:52:cb:fe:53:80:8a:
dc:7b:f7:95:ad:0b:11:8d:2a:d8:b9:6a:82:6e:50:4d:c2:2f:
0f:19:a1:d2:59:60:50:79:ee:ac:96:d6:ea:c6:b1:35:65:1e:
2e:3a:3e:99:5c:50:23:98:1d:cc:80:d1:e1:fb:b6:4e:5c:c1:
ba:af:ca:75:a6:48:4d:fb:77:b3:7a:af:ca:db:8c:1c:d4:dc:
04:46:11:2f:75:2a:0c:11:50:d0:50:c6:03:8d:af:08:a2:cc:
59:ec:9d:65:0d:5d:ab:89:e9:f1:47:f4:d2:25:8e:4e:a5:52:
e7:16:c2:47:59:5f:ea:1d:3f:f2:7e:c6:eb:af:62:4e:30:ea:
1a:fe:78:40:53:b7:66:a0:96:5f:49:42:b9:23:45:f8:d3:26:
e1:76:dc:08:6b:ce:3d:bc:ad:24:9f:45:9f:b8:60:eb:b4:77:
35:06:d2:0b:9a:ea:7a:e1:d8:51:b4:2c:ce:32:f1:a9:2b:45:
10:71:92:0b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIw
ODM3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk0RUEzQzIxOUE1RTkx
QTdGOERCNDUyRDg5OEQ0RTFGNjA4MUEyQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7lKBB6FRoJYhr5p86w7DnqkKYL+Jp2Zru2EIHOsr75q+W0KPU
dyAwNQAgr14LulyqseiQ5n2JZGdqnqGTw5dPd2nhxgRhLV2N+PtQkh//A53bGTTG
/lhLtb2pHRgFJInY5yAv25QirMAOtRiw/DkdFL0xXRTSz7z5YWOqiokEB5NPmKT6
HXHkSuH1q22uCUWEwOAlH+kQEjYRf+Nbyq4ofEzvF3Wz5UjDGnXWxESsKlhTv1+N
vaJDS8gL/dyLqWI0cXgOu71d5MtwGLvxvH0vxkFxczf6AQh34klWB6N6gsVnIHjz
oR1e4t9Pie0vJQIldEbUFdbjPSaUtZHf6yrVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlOo8IZpekaf420UtiY1OH2CBorkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sT284SVpwZWthZjQyMFV0
aVkxT0gyQ0Jvcmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIgN1p0r4AbCLIeRLN5umd0J+bYREVNHmhpK
P/y6FYYczV2J7c6ZxoqgdgVA+gI1prILWamzU4FpixJiKdC2ymHel1LL/lOAitx7
95WtCxGNKti5aoJuUE3CLw8ZodJZYFB57qyW1urGsTVlHi46PplcUCOYHcyA0eH7
tk5cwbqvynWmSE37d7N6r8rbjBzU3ARGES91KgwRUNBQxgONrwiizFnsnWUNXauJ
6fFH9NIljk6lUucWwkdZX+odP/J+xuuvYk4w6hr+eEBTt2agll9JQrkjRfjTJuF2
3Ahrzj28rSSfRZ+4YOu0dzUG0gua6nrh2FG0LM4y8akrRRBxkgs=
-----END CERTIFICATE-----
Generated at Sun May 18 03:13:24 2025 by rpki-client