Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qBMWRpU-qRL6TpIPKvk4BbXxtI0.roa
File: qBMWRpU-qRL6TpIPKvk4BbXxtI0.roa (raw, json)
Hash identifier: 8Ft4YvgBBq8QQb2NRNUpUd33a0LMDdsviSg6yRn+UiI=
Subject key identifier: A8:13:16:46:95:3E:A9:12:FA:4E:92:0F:2A:F9:38:05:B5:F1:B4:8D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0202
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qBMWRpU-qRL6TpIPKvk4BbXxtI0.roa
Signing time: Fri 09 May 2025 18:08:19 +0000
ROA not before: Fri 09 May 2025 18:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 514 (0x202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 18:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A8131646953EA912FA4E920F2AF93805B5F1B48D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a0:5c:05:92:1e:28:e2:2d:7f:69:22:6b:61:
3b:09:7a:05:c2:db:7d:f4:3c:3f:43:c6:96:f5:b1:
ec:49:58:d3:32:e1:73:d6:8d:c9:af:24:bc:de:2f:
16:27:f4:d5:c6:c8:db:af:0d:d5:87:2a:32:46:23:
6c:3e:3f:7a:9a:53:14:c7:5a:9f:b4:05:1f:89:73:
0b:d6:74:c8:b3:6d:fe:22:8f:bd:d7:0a:f5:38:7c:
cc:82:33:2b:1b:89:19:4c:eb:6d:2f:24:08:31:a2:
91:42:10:9a:59:80:cb:0e:36:b8:a3:94:9b:31:50:
00:e8:75:34:53:de:57:7e:f3:77:76:ba:e3:7b:e9:
c2:89:51:53:61:75:25:06:63:e6:a9:52:37:41:08:
8f:70:f1:2a:4d:c3:51:54:49:08:05:80:f1:67:e7:
86:53:ae:22:57:c1:4f:24:5e:f0:28:b5:86:08:1d:
6e:21:f4:d0:f0:e8:de:be:5d:f8:33:3d:d0:c2:dd:
08:2b:a9:62:d3:2b:1f:2c:65:02:27:fd:9e:54:1a:
04:a9:16:23:fc:e0:ee:8f:6c:9f:59:95:1f:40:64:
98:38:f9:c2:59:13:83:a0:27:14:46:ff:0f:c3:08:
5d:28:47:37:70:dd:94:f6:44:53:4b:a5:cc:3e:21:
ce:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:13:16:46:95:3E:A9:12:FA:4E:92:0F:2A:F9:38:05:B5:F1:B4:8D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qBMWRpU-qRL6TpIPKvk4BbXxtI0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:14:63:c2:99:e3:18:74:5b:aa:b4:9a:92:2d:6c:52:89:cc:
95:77:3e:3a:3f:a0:c2:99:39:06:8c:bc:a4:48:91:49:6b:e6:
9b:9c:e9:4c:23:47:64:6b:28:1a:0a:d6:30:40:bc:f0:65:02:
30:f0:5f:3c:b7:39:6f:45:dd:58:89:86:5b:b5:36:af:27:d3:
03:ef:a8:33:33:68:41:4f:9b:3c:db:ec:b9:f4:fe:a6:b9:3f:
ac:8d:73:1d:dc:d2:27:e6:d2:8b:f7:7a:1f:26:d2:61:69:bc:
c0:97:79:cd:20:50:9b:49:da:ab:2f:d7:6f:c0:3c:36:7e:29:
36:78:c7:c3:ef:06:3b:c8:15:9a:ba:54:5d:98:b9:d5:90:d0:
5d:b1:f7:9c:4f:02:50:ab:48:b1:28:e2:2c:80:48:1a:51:84:
80:a4:af:49:44:bf:d6:a2:c4:be:8c:f6:e7:70:16:8a:6a:bf:
14:78:07:6c:18:d7:91:af:1e:d2:86:cf:c8:a4:49:49:9f:8e:
ea:44:bd:2f:37:77:ce:82:cd:0d:03:50:32:19:cd:ef:04:b1:
e6:d8:ea:0f:87:4e:49:b8:44:6b:79:d0:83:64:ae:97:27:a5:
5e:dc:17:4a:2c:9f:ca:28:5c:81:27:07:76:30:a2:97:e0:c7:
d1:f3:6e:8f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAgIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
ODA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4MTMxNjQ2OTUzRUE5
MTJGQTRFOTIwRjJBRjkzODA1QjVGMUI0OEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCQoFwFkh4o4i1/aSJrYTsJegXC2330PD9Dxpb1sexJWNMy4XPW
jcmvJLzeLxYn9NXGyNuvDdWHKjJGI2w+P3qaUxTHWp+0BR+JcwvWdMizbf4ij73X
CvU4fMyCMysbiRlM620vJAgxopFCEJpZgMsONrijlJsxUADodTRT3ld+83d2uuN7
6cKJUVNhdSUGY+apUjdBCI9w8SpNw1FUSQgFgPFn54ZTriJXwU8kXvAotYYIHW4h
9NDw6N6+XfgzPdDC3QgrqWLTKx8sZQIn/Z5UGgSpFiP84O6PbJ9ZlR9AZJg4+cJZ
E4OgJxRG/w/DCF0oRzdw3ZT2RFNLpcw+Ic7fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqBMWRpU+qRL6TpIPKvk4BbXxtI0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xQk1XUnBVLXFSTDZUcElQ
S3ZrNEJiWHh0STAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAB8UY8KZ4xh0W6q0mpItbFKJzJV3Pjo/oMKZ
OQaMvKRIkUlr5puc6UwjR2RrKBoK1jBAvPBlAjDwXzy3OW9F3ViJhlu1Nq8n0wPv
qDMzaEFPmzzb7Ln0/qa5P6yNcx3c0ifm0ov3eh8m0mFpvMCXec0gUJtJ2qsv12/A
PDZ+KTZ4x8PvBjvIFZq6VF2YudWQ0F2x95xPAlCrSLEo4iyASBpRhICkr0lEv9ai
xL6M9udwFopqvxR4B2wY15GvHtKGz8ikSUmfjupEvS83d86CzQ0DUDIZze8EsebY
6g+HTkm4RGt50INkrpcnpV7cF0osn8ooXIEnB3Ywopfgx9Hzbo8=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:26 2025 by rpki-client