Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/npZIOJjsvP3RxCU49CZ8LOmIYu4.roa
File: npZIOJjsvP3RxCU49CZ8LOmIYu4.roa (raw, json)
Hash identifier: yJdvb3Gh0w+A16mbMa+RqE+21+p8dLCb8Solx1sKj5E=
Subject key identifier: 9E:96:48:38:98:EC:BC:FD:D1:C4:25:38:F4:26:7C:2C:E9:88:62:EE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05F6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/npZIOJjsvP3RxCU49CZ8LOmIYu4.roa
Signing time: Thu 15 May 2025 00:38:29 +0000
ROA not before: Thu 15 May 2025 00:38:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1526 (0x5f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 00:38:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9E96483898ECBCFDD1C42538F4267C2CE98862EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:8f:f5:63:9a:2e:0f:c6:e8:78:d0:95:d1:
54:1b:9d:22:2e:56:d8:c3:c0:73:1a:36:27:12:a5:
85:57:df:e4:bc:39:a8:1b:6f:51:76:99:81:80:f9:
62:dc:a0:56:6e:2f:c2:c8:49:74:51:e0:df:61:5d:
f0:a5:33:1a:59:00:1e:ab:38:54:e9:d5:a9:4e:75:
4a:a5:5d:97:b4:e5:73:9b:b3:f4:8a:7a:81:07:05:
92:17:05:7f:cc:c1:3e:34:95:a6:e8:6f:6e:02:f6:
fe:57:f2:a2:1f:eb:e2:c8:cd:dc:83:4c:c7:0a:c3:
9d:c2:d3:cd:6e:80:6a:d6:b2:32:d8:94:c5:ee:38:
13:84:ab:23:f9:78:56:d8:fd:39:f9:26:38:9a:7d:
50:e6:51:b6:44:70:1e:96:74:57:b3:f3:bb:65:f4:
6e:1a:29:de:b7:39:42:5b:e6:82:4b:f3:05:7d:9d:
b8:de:cf:1d:03:00:07:3c:4b:8e:a1:07:9e:0a:d1:
69:4a:b4:02:3b:10:f7:70:b0:dc:e5:3f:de:ab:4f:
56:8b:6e:fe:8d:63:55:5c:5b:14:b3:17:64:b5:ac:
a9:4f:18:40:42:23:a3:90:87:7f:41:20:2d:4b:11:
09:b3:60:8a:ee:03:5a:7e:ef:12:b7:91:9d:bb:65:
b3:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:96:48:38:98:EC:BC:FD:D1:C4:25:38:F4:26:7C:2C:E9:88:62:EE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/npZIOJjsvP3RxCU49CZ8LOmIYu4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:cb:90:47:37:85:d8:11:67:34:f1:e2:2a:88:e5:75:4e:6c:
84:89:19:b5:c6:c1:2e:5d:eb:df:3f:2f:de:2b:16:52:56:e5:
ce:ad:c3:db:34:1b:10:40:5e:86:e9:0e:5f:f8:f6:7c:0a:a4:
54:03:e0:b5:54:17:f6:1d:05:43:a1:c8:98:4d:42:26:68:b2:
6b:26:65:a3:a5:5d:73:27:46:42:20:16:a2:48:da:04:99:d2:
00:e9:69:54:29:04:5a:5e:19:e4:b4:94:db:0e:49:03:29:29:
49:6c:8f:02:8a:55:35:21:c9:a3:b4:70:fb:a0:3b:8d:e6:93:
00:1d:8c:84:6e:8f:d4:30:f3:f8:45:38:c6:b3:0c:f7:50:0b:
03:b1:d6:94:cc:9a:98:81:3b:a3:4d:60:2e:15:ff:bd:7f:b8:
96:21:39:12:d0:13:ea:58:80:b8:71:b7:49:32:a6:f1:85:bd:
78:d7:0c:8d:a7:f8:2d:1e:31:9d:77:9e:22:be:6b:a5:4a:5b:
42:31:56:39:06:75:54:44:8d:4b:04:ca:c9:d8:0b:f4:62:42:
24:4a:a4:5c:b5:d1:e9:4d:ff:c2:91:ea:7b:4b:b7:a8:17:be:
13:ad:c8:e1:f2:47:e9:23:97:91:df:65:94:f5:d9:74:a5:55:
13:83:e1:c9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MDM4MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlFOTY0ODM4OThFQ0JD
RkREMUM0MjUzOEY0MjY3QzJDRTk4ODYyRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnEI/1Y5ouD8boeNCV0VQbnSIuVtjDwHMaNicSpYVX3+S8Oagb
b1F2mYGA+WLcoFZuL8LISXRR4N9hXfClMxpZAB6rOFTp1alOdUqlXZe05XObs/SK
eoEHBZIXBX/MwT40labob24C9v5X8qIf6+LIzdyDTMcKw53C081ugGrWsjLYlMXu
OBOEqyP5eFbY/Tn5JjiafVDmUbZEcB6WdFez87tl9G4aKd63OUJb5oJL8wV9nbje
zx0DAAc8S46hB54K0WlKtAI7EPdwsNzlP96rT1aLbv6NY1VcWxSzF2S1rKlPGEBC
I6OQh39BIC1LEQmzYIruA1p+7xK3kZ27ZbOZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnpZIOJjsvP3RxCU49CZ8LOmIYu4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ucFpJT0pqc3ZQM1J4Q1U0
OUNaOExPbUlZdTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGTLkEc3hdgRZzTx4iqI5XVObISJGbXGwS5d
698/L94rFlJW5c6tw9s0GxBAXobpDl/49nwKpFQD4LVUF/YdBUOhyJhNQiZosmsm
ZaOlXXMnRkIgFqJI2gSZ0gDpaVQpBFpeGeS0lNsOSQMpKUlsjwKKVTUhyaO0cPug
O43mkwAdjIRuj9Qw8/hFOMazDPdQCwOx1pTMmpiBO6NNYC4V/71/uJYhORLQE+pY
gLhxt0kypvGFvXjXDI2n+C0eMZ13niK+a6VKW0IxVjkGdVREjUsEysnYC/RiQiRK
pFy10elN/8KR6ntLt6gXvhOtyOHyR+kjl5HfZZT12XSlVROD4ck=
-----END CERTIFICATE-----
Generated at Sat May 17 22:40:24 2025 by rpki-client