Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/pzbNstqVhU7m75MemZY8NNj89iE.roa
File: pzbNstqVhU7m75MemZY8NNj89iE.roa (raw, json)
Hash identifier: 9Px6m6ELfssxqHvqrT6knCl423WJ+svcAQxPeqrytIs=
Subject key identifier: A7:36:CD:B2:DA:95:85:4E:E6:EF:93:1E:99:96:3C:34:D8:FC:F6:21
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 061A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pzbNstqVhU7m75MemZY8NNj89iE.roa
Signing time: Thu 15 May 2025 05:08:08 +0000
ROA not before: Thu 15 May 2025 05:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1562 (0x61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 05:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A736CDB2DA95854EE6EF931E99963C34D8FCF621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:74:2f:f8:41:57:28:f6:49:6b:a2:22:06:6c:
32:ad:ac:36:ba:a2:4b:a7:65:ff:7e:7d:48:f9:d5:
8c:e9:a5:74:bc:5e:98:78:dd:10:3f:9f:af:d6:5e:
32:91:b1:87:58:0b:50:ed:f4:93:b6:e3:3c:69:d8:
19:0d:ff:5f:4d:27:6c:ef:e3:96:b3:ac:93:7b:a8:
fe:4e:64:25:58:70:da:ce:ce:88:59:93:cf:f0:c6:
17:a7:6c:5d:11:fa:6a:db:ca:5c:96:a6:5c:48:0e:
83:8a:b7:de:9d:cf:f5:6b:53:cb:30:3e:b9:d1:27:
59:7e:f9:4a:19:7f:ad:e6:99:da:df:fc:4b:f8:b5:
d3:9e:00:3a:b8:a5:ad:5a:32:5e:bf:49:99:2a:e3:
4a:a8:fa:31:85:43:ce:b4:ef:dc:29:94:63:94:92:
c9:4f:54:b8:61:59:b7:b8:59:b4:b4:e8:1e:4d:d4:
a7:63:63:34:13:63:b7:60:3b:a4:83:de:e2:a5:9f:
b0:67:0f:c2:ba:fa:3f:c8:95:67:b9:6e:1a:56:6e:
a3:9f:d1:81:31:0d:72:00:02:55:df:f3:c8:6e:90:
8b:96:b4:10:a0:d6:e6:e4:e0:f9:64:e8:7b:44:36:
50:a4:e9:d8:31:46:64:6d:26:26:66:03:03:9d:00:
b4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:36:CD:B2:DA:95:85:4E:E6:EF:93:1E:99:96:3C:34:D8:FC:F6:21
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/pzbNstqVhU7m75MemZY8NNj89iE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:65:3a:2b:d2:8e:41:c5:31:14:e2:9b:67:e6:ba:60:c6:dc:
7e:61:cf:cb:02:38:81:3c:2e:e1:77:8a:39:4e:c1:88:a7:aa:
c0:0e:d9:2c:bd:dc:b3:c9:c0:95:f3:a6:79:8b:12:b1:d1:94:
aa:b8:ad:9b:7e:f0:7d:ee:3b:4d:d6:f0:cf:8f:07:b3:a4:11:
6c:dc:8e:0c:d5:13:74:5b:c5:89:52:d9:06:4b:aa:f8:79:09:
3b:2e:59:8c:8a:5a:0e:85:00:9f:dd:38:98:61:35:17:14:cf:
55:27:3e:50:64:64:43:c7:c8:d9:da:89:ef:ad:94:e0:79:ff:
75:9e:9c:e7:de:e2:73:df:df:27:d5:49:67:b2:5a:22:85:97:
0a:9a:c4:06:f9:dd:26:69:13:ea:ca:59:8a:cd:ea:c9:11:45:
d6:a2:e2:26:d4:39:76:85:9b:a8:67:6f:a2:2e:04:c9:dd:e1:
db:7d:fc:09:b6:f8:cb:29:8e:cd:59:cc:a9:ac:bd:46:49:ec:
b4:83:6c:7a:a2:9d:34:a2:65:76:bd:91:7b:57:47:d0:32:65:
c1:68:6e:89:83:37:32:e4:92:9c:27:d4:e3:bf:67:10:3e:4f:
39:03:e6:e0:22:90:76:c1:66:fe:e6:ca:8f:84:51:c0:5b:b1:
82:d9:4a:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
NTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE3MzZDREIyREE5NTg1
NEVFNkVGOTMxRTk5OTYzQzM0RDhGQ0Y2MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkdC/4QVco9klroiIGbDKtrDa6okunZf9+fUj51YzppXS8Xph4
3RA/n6/WXjKRsYdYC1Dt9JO24zxp2BkN/19NJ2zv45azrJN7qP5OZCVYcNrOzohZ
k8/wxhenbF0R+mrbylyWplxIDoOKt96dz/VrU8swPrnRJ1l++UoZf63mmdrf/Ev4
tdOeADq4pa1aMl6/SZkq40qo+jGFQ86079wplGOUkslPVLhhWbe4WbS06B5N1Kdj
YzQTY7dgO6SD3uKln7BnD8K6+j/IlWe5bhpWbqOf0YExDXIAAlXf88hukIuWtBCg
1ubk4Plk6HtENlCk6dgxRmRtJiZmAwOdALRBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUpzbNstqVhU7m75MemZY8NNj89iEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wemJOc3RxVmhVN203NU1l
bVpZOE5Oajg5aUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACFlOivSjkHFMRTim2fmumDG3H5hz8sCOIE8
LuF3ijlOwYinqsAO2Sy93LPJwJXzpnmLErHRlKq4rZt+8H3uO03W8M+PB7OkEWzc
jgzVE3RbxYlS2QZLqvh5CTsuWYyKWg6FAJ/dOJhhNRcUz1UnPlBkZEPHyNnaie+t
lOB5/3WenOfe4nPf3yfVSWeyWiKFlwqaxAb53SZpE+rKWYrN6skRRdai4ibUOXaF
m6hnb6IuBMnd4dt9/Am2+Mspjs1ZzKmsvUZJ7LSDbHqinTSiZXa9kXtXR9AyZcFo
bomDNzLkkpwn1OO/ZxA+TzkD5uAikHbBZv7myo+EUcBbsYLZSoI=
-----END CERTIFICATE-----
Generated at Sun May 18 09:53:03 2025 by rpki-client