Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/n0xIv4vB3SWTaTeT0haSxkEIKG4.roa
File: n0xIv4vB3SWTaTeT0haSxkEIKG4.roa (raw, json)
Hash identifier: Tt3MK3DNU/4SbrcoH8DEw0xvS2Pz3LjtI0ozQ+csGZ0=
Subject key identifier: 9F:4C:48:BF:8B:C1:DD:25:93:69:37:93:D2:16:92:C6:41:08:28:6E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 071E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n0xIv4vB3SWTaTeT0haSxkEIKG4.roa
Signing time: Fri 16 May 2025 13:38:06 +0000
ROA not before: Fri 16 May 2025 13:38:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1822 (0x71e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 13:38:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9F4C48BF8BC1DD2593693793D21692C64108286E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:20:83:46:ea:e9:d7:b3:f2:8a:96:71:9e:8f:
d3:bb:7d:be:09:1a:64:c2:3b:d0:a8:54:9b:bf:c1:
21:04:eb:22:65:83:eb:0f:9c:98:aa:0a:69:d8:ae:
da:1f:80:6b:72:0f:ba:36:0a:8f:b6:58:dd:e6:c8:
40:a2:ae:17:cd:b9:03:bd:29:47:b6:fc:49:7a:71:
1f:38:6f:66:f3:bf:1c:0a:b6:1c:af:dc:5e:22:72:
71:85:1d:dc:12:1a:ea:7c:5f:50:13:45:cf:1b:9e:
5d:6a:66:08:2d:64:e2:95:13:e2:ec:e3:29:4c:21:
62:8d:7a:65:1f:26:48:1f:95:d8:d7:3f:0e:88:32:
ee:7f:0d:6a:6f:f5:c9:10:6c:f9:03:42:9a:26:06:
e0:76:59:78:fc:de:04:d3:4b:9e:c6:51:e3:77:33:
7f:fc:c2:ee:83:c6:0c:6a:e8:56:d6:14:da:14:cd:
a4:f4:30:8a:5e:82:8f:bc:e1:21:b1:eb:9f:2c:9b:
88:a7:a2:51:1c:75:02:27:ba:e8:cc:cc:ff:7c:a5:
16:89:56:fb:0c:98:ce:78:da:dc:22:98:a8:c8:58:
68:e5:48:cb:1b:03:e3:da:44:69:28:5e:71:95:83:
83:7e:53:82:6b:25:ed:8e:ad:e0:61:d1:9d:fe:04:
bd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4C:48:BF:8B:C1:DD:25:93:69:37:93:D2:16:92:C6:41:08:28:6E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/n0xIv4vB3SWTaTeT0haSxkEIKG4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:1b:bc:37:4c:f2:c7:09:a9:2e:58:e6:49:b7:aa:04:0d:dd:
3d:95:e6:8a:1c:91:95:36:d2:b7:4f:8c:8a:d7:e6:93:a9:a6:
5c:8a:05:06:c4:6b:55:ce:07:54:69:a1:f8:e1:42:7d:d3:8b:
1c:e3:12:7f:a7:47:bd:14:2d:13:1a:ce:b5:ee:39:18:79:5d:
e7:bb:33:1a:4c:55:fb:7c:e4:f8:1e:9d:d2:c6:a0:57:d2:9a:
65:30:06:58:5f:e7:de:0c:23:26:0d:8f:b1:cb:6c:25:dc:ec:
23:04:37:fb:0e:d7:e4:af:cd:57:d4:55:f8:12:14:c7:3e:c1:
4b:bd:ce:d5:81:a6:d8:23:43:a5:7b:a5:b9:39:d3:55:38:d8:
e6:e0:83:4f:55:e3:3a:1d:37:aa:a4:d0:02:c3:08:32:05:00:
ec:75:b3:44:4a:b4:90:ec:b2:97:66:cc:09:23:56:ce:ee:f4:
9c:9a:13:e4:45:88:7a:47:58:99:9a:0c:ad:d1:86:64:c3:52:
54:81:8f:e4:2f:a8:db:eb:25:e7:fe:ab:e6:50:51:64:7e:79:
cc:fb:6f:ee:0e:9c:e2:f4:95:1e:e0:43:02:66:85:bb:12:b7:
26:bb:66:af:23:60:e8:26:aa:99:91:d9:3d:15:2a:49:d6:f5:
5a:c7:1b:6d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MzM4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlGNEM0OEJGOEJDMURE
MjU5MzY5Mzc5M0QyMTY5MkM2NDEwODI4NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNIING6unXs/KKlnGej9O7fb4JGmTCO9CoVJu/wSEE6yJlg+sP
nJiqCmnYrtofgGtyD7o2Co+2WN3myECirhfNuQO9KUe2/El6cR84b2bzvxwKthyv
3F4icnGFHdwSGup8X1ATRc8bnl1qZggtZOKVE+Ls4ylMIWKNemUfJkgfldjXPw6I
Mu5/DWpv9ckQbPkDQpomBuB2WXj83gTTS57GUeN3M3/8wu6Dxgxq6FbWFNoUzaT0
MIpego+84SGx658sm4inolEcdQInuujMzP98pRaJVvsMmM542twimKjIWGjlSMsb
A+PaRGkoXnGVg4N+U4JrJe2OreBh0Z3+BL0PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUn0xIv4vB3SWTaTeT0haSxkEIKG4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9uMHhJdjR2QjNTV1RhVGVU
MGhhU3hrRUlLRzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJAbvDdM8scJqS5Y5km3qgQN3T2V5oockZU2
0rdPjIrX5pOpplyKBQbEa1XOB1RpofjhQn3TixzjEn+nR70ULRMazrXuORh5Xee7
MxpMVft85PgendLGoFfSmmUwBlhf594MIyYNj7HLbCXc7CMEN/sO1+SvzVfUVfgS
FMc+wUu9ztWBptgjQ6V7pbk501U42Obgg09V4zodN6qk0ALDCDIFAOx1s0RKtJDs
spdmzAkjVs7u9JyaE+RFiHpHWJmaDK3RhmTDUlSBj+QvqNvrJef+q+ZQUWR+ecz7
b+4OnOL0lR7gQwJmhbsStya7Zq8jYOgmqpmR2T0VKknW9VrHG20=
-----END CERTIFICATE-----
Generated at Sat May 17 23:14:19 2025 by rpki-client