Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oN2A3rUz8p9zTR2ewxwAo3LRQAQ.roa
File: oN2A3rUz8p9zTR2ewxwAo3LRQAQ.roa (raw, json)
Hash identifier: 6EjypumhM3olc7Kg9nsW83RHosYnrjCkq96IxeUwIFk=
Subject key identifier: A0:DD:80:DE:B5:33:F2:9F:73:4D:1D:9E:C3:1C:00:A3:72:D1:40:04
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0286
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oN2A3rUz8p9zTR2ewxwAo3LRQAQ.roa
Signing time: Sat 10 May 2025 10:37:49 +0000
ROA not before: Sat 10 May 2025 10:37:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 646 (0x286)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 10:37:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A0DD80DEB533F29F734D1D9EC31C00A372D14004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2e:92:a3:43:80:29:f3:8d:8e:98:80:c7:0d:
43:29:5a:19:f9:00:c4:65:75:41:6d:c1:67:6d:be:
d1:75:5f:44:7b:76:c5:d0:48:57:4d:dd:61:e6:c1:
02:88:9f:ff:e0:6d:a0:34:07:21:9d:ce:14:2a:51:
f5:92:5b:39:07:b5:cd:f7:86:14:98:3f:b1:20:2b:
6d:d4:0a:a4:2f:a8:43:39:6b:55:3a:ac:0f:ba:71:
bc:f2:af:89:6b:6a:dd:9a:33:34:11:0a:f9:5a:6a:
2a:4c:c7:17:30:6e:e1:86:a5:08:83:87:97:77:12:
27:a4:9b:f7:37:3c:6b:a4:a0:39:36:2e:51:38:27:
de:8c:6d:6d:26:f5:0e:87:c4:1e:15:cb:ef:a4:4e:
c2:ab:0f:de:85:ac:0e:f5:48:1e:ac:8c:3b:81:4b:
f5:a1:c6:a0:64:89:06:f0:49:91:eb:b5:32:68:71:
66:34:68:bb:3c:94:fc:2f:64:90:f2:da:90:09:4c:
39:fb:23:b1:fc:b4:19:80:22:c2:59:a4:c6:b3:93:
8b:a7:89:6a:99:51:1d:28:88:3f:d7:58:7f:fb:f2:
e3:4c:da:aa:7e:f6:84:cd:15:a4:15:bb:d4:cb:2b:
3e:bb:52:bc:d7:9e:6d:72:f5:13:3b:20:0e:32:3d:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DD:80:DE:B5:33:F2:9F:73:4D:1D:9E:C3:1C:00:A3:72:D1:40:04
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oN2A3rUz8p9zTR2ewxwAo3LRQAQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:4c:d0:7b:a3:d3:0e:3a:5c:c3:bf:4c:57:e6:f6:51:c0:8d:
96:6d:69:a5:b8:18:7b:b2:56:86:b2:a0:6a:0a:ab:25:f8:17:
5d:ad:a2:21:5a:2f:3a:f5:c3:8a:67:8c:dc:31:ab:45:ff:a1:
92:f5:39:b5:2e:df:2c:eb:b4:83:2f:6f:20:da:66:51:ba:78:
b9:51:66:b1:f0:f0:7d:24:54:4c:05:43:a0:13:ad:b3:ae:43:
0f:4c:b4:08:0a:c8:8b:fd:c1:cf:81:9b:b9:3a:a6:d9:05:ac:
d1:bb:ce:b9:7e:9d:8d:33:24:f8:df:78:80:73:1b:fd:37:c9:
bd:a7:d5:d4:0d:90:18:3f:b1:be:9a:6a:08:be:6f:ee:52:7f:
d3:a0:57:60:61:8a:1f:01:15:c5:78:4e:89:1e:b1:71:3c:1e:
3a:1b:4f:22:ce:db:7b:99:f9:df:47:7f:aa:36:b3:9c:71:4f:
36:fa:5d:19:74:da:33:e8:50:ce:55:68:4b:8e:7c:cf:5a:3a:
59:22:cf:be:87:03:40:74:30:dc:2e:59:17:f9:69:fe:15:4b:
a5:b2:9e:35:d4:7a:9c:49:ef:db:b3:fc:ca:cc:54:06:df:34:
7c:a1:a4:b5:a1:78:26:e5:08:72:a7:ed:c6:c9:b2:10:e5:de:
df:92:f6:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
MDM3NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEwREQ4MERFQjUzM0Yy
OUY3MzREMUQ5RUMzMUMwMEEzNzJEMTQwMDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNLpKjQ4Ap842OmIDHDUMpWhn5AMRldUFtwWdtvtF1X0R7dsXQ
SFdN3WHmwQKIn//gbaA0ByGdzhQqUfWSWzkHtc33hhSYP7EgK23UCqQvqEM5a1U6
rA+6cbzyr4lrat2aMzQRCvlaaipMxxcwbuGGpQiDh5d3Eiekm/c3PGukoDk2LlE4
J96MbW0m9Q6HxB4Vy++kTsKrD96FrA71SB6sjDuBS/WhxqBkiQbwSZHrtTJocWY0
aLs8lPwvZJDy2pAJTDn7I7H8tBmAIsJZpMazk4uniWqZUR0oiD/XWH/78uNM2qp+
9oTNFaQVu9TLKz67UrzXnm1y9RM7IA4yPRhlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoN2A3rUz8p9zTR2ewxwAo3LRQAQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vTjJBM3JVejhwOXpUUjJl
d3h3QW8zTFJRQVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJRM0Huj0w46XMO/TFfm9lHAjZZtaaW4GHuy
VoayoGoKqyX4F12toiFaLzr1w4pnjNwxq0X/oZL1ObUu3yzrtIMvbyDaZlG6eLlR
ZrHw8H0kVEwFQ6ATrbOuQw9MtAgKyIv9wc+Bm7k6ptkFrNG7zrl+nY0zJPjfeIBz
G/03yb2n1dQNkBg/sb6aagi+b+5Sf9OgV2Bhih8BFcV4TokesXE8HjobTyLO23uZ
+d9Hf6o2s5xxTzb6XRl02jPoUM5VaEuOfM9aOlkiz76HA0B0MNwuWRf5af4VS6Wy
njXUepxJ79uz/MrMVAbfNHyhpLWheCblCHKn7cbJshDl3t+S9gY=
-----END CERTIFICATE-----
Generated at Mon May 19 00:18:01 2025 by rpki-client