Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qaV6Dc2vjy7EYtkYPqSmtacelzI.roa
File: qaV6Dc2vjy7EYtkYPqSmtacelzI.roa (raw, json)
Hash identifier: 3DEANDNdla65XlN1V3RSATD39xtNghdGPU8pTLp9t28=
Subject key identifier: A9:A5:7A:0D:CD:AF:8F:2E:C4:62:D9:18:3E:A4:A6:B5:A7:1E:97:32
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06DE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qaV6Dc2vjy7EYtkYPqSmtacelzI.roa
Signing time: Fri 16 May 2025 05:38:03 +0000
ROA not before: Fri 16 May 2025 05:38:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1758 (0x6de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 05:38:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A9A57A0DCDAF8F2EC462D9183EA4A6B5A71E9732
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1d:c9:a7:56:5b:44:be:4b:c2:3e:b6:78:ed:
68:68:dc:38:b9:84:42:5e:a5:43:13:b2:fc:cc:e5:
c2:c4:41:03:b0:74:54:df:42:d0:45:fc:c6:ea:99:
5f:44:df:16:e6:78:d9:bb:19:be:b7:eb:77:1a:57:
09:15:36:2f:ff:5d:69:75:8f:3d:ae:f6:ed:84:b7:
95:37:45:84:2e:d8:a0:3e:08:89:84:80:3d:be:1b:
a1:19:e0:65:83:80:d2:e2:6c:6b:00:24:b7:ec:00:
04:5c:3d:79:01:78:00:4e:f7:d5:ee:45:e8:4a:95:
6f:2c:c4:f6:64:ab:f4:18:e0:f2:77:de:bd:72:aa:
10:75:d6:8b:73:65:e5:80:71:f5:8e:18:b2:fc:5d:
0b:f0:fe:50:46:f0:20:f6:2f:07:1e:b7:73:05:a6:
9a:cb:c0:1d:2b:87:7e:d9:c5:36:95:7b:13:e1:2e:
02:36:2b:0a:0e:b0:c2:6b:2d:19:84:2c:7c:65:98:
77:e5:e2:bf:99:7d:55:a0:b7:cc:04:db:51:c8:65:
e8:9d:fe:fd:78:f7:ed:7e:6f:96:18:0f:7c:8f:b2:
9f:9f:6e:7c:ad:61:1d:83:d1:db:9f:60:7f:db:40:
b6:db:2f:b9:4c:4a:3a:c2:25:41:e7:19:6a:87:8f:
76:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A5:7A:0D:CD:AF:8F:2E:C4:62:D9:18:3E:A4:A6:B5:A7:1E:97:32
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qaV6Dc2vjy7EYtkYPqSmtacelzI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:5a:84:cc:39:3c:72:66:06:0f:d1:34:5d:a7:03:aa:63:cb:
42:10:82:19:89:ce:1c:07:6f:1c:54:ca:6e:15:df:63:61:82:
78:1c:85:e7:67:c9:95:89:99:4b:83:a6:eb:31:03:07:72:09:
9a:10:7c:cf:55:09:f3:5c:dc:2d:a3:6e:d3:e7:3e:b4:9c:bd:
46:64:1b:41:54:b6:1f:de:69:96:62:42:38:c5:ee:b5:51:67:
9d:0c:4e:9d:44:80:81:1f:14:78:9f:cf:7a:0b:42:81:f6:0d:
f0:49:a0:07:e6:85:15:86:3a:ab:81:c1:ed:2f:64:a9:8f:89:
b3:86:80:bf:ba:f0:d8:11:04:21:4c:04:28:38:aa:9c:3d:9c:
57:c0:a3:73:00:ab:40:4c:cf:cc:f6:f2:44:d9:a6:a9:ca:f5:
ef:bf:0b:5e:61:0e:5b:3a:10:08:c8:e8:fe:90:80:4e:97:13:
a3:3a:66:46:6c:72:70:50:ef:bb:a4:7d:79:6c:67:e3:d6:d3:
90:40:61:a2:2f:69:87:90:77:dd:0e:53:79:a1:ad:fd:46:87:
9b:29:97:81:37:e1:bd:48:30:d3:08:3e:f4:25:61:55:c0:98:
6e:48:4f:09:c6:3a:d9:3c:92:61:86:ea:3b:33:0d:42:ea:e2:
90:24:11:9d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NTM4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE5QTU3QTBEQ0RBRjhG
MkVDNDYyRDkxODNFQTRBNkI1QTcxRTk3MzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9HcmnVltEvkvCPrZ47Who3Di5hEJepUMTsvzM5cLEQQOwdFTf
QtBF/MbqmV9E3xbmeNm7Gb6363caVwkVNi//XWl1jz2u9u2Et5U3RYQu2KA+CImE
gD2+G6EZ4GWDgNLibGsAJLfsAARcPXkBeABO99XuRehKlW8sxPZkq/QY4PJ33r1y
qhB11otzZeWAcfWOGLL8XQvw/lBG8CD2Lwcet3MFpprLwB0rh37ZxTaVexPhLgI2
KwoOsMJrLRmELHxlmHfl4r+ZfVWgt8wE21HIZeid/v149+1+b5YYD3yPsp+fbnyt
YR2D0dufYH/bQLbbL7lMSjrCJUHnGWqHj3brAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqaV6Dc2vjy7EYtkYPqSmtacelzIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xYVY2RGMydmp5N0VZdGtZ
UHFTbXRhY2Vsekkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAExahMw5PHJmBg/RNF2nA6pjy0IQghmJzhwH
bxxUym4V32NhgngchednyZWJmUuDpusxAwdyCZoQfM9VCfNc3C2jbtPnPrScvUZk
G0FUth/eaZZiQjjF7rVRZ50MTp1EgIEfFHifz3oLQoH2DfBJoAfmhRWGOquBwe0v
ZKmPibOGgL+68NgRBCFMBCg4qpw9nFfAo3MAq0BMz8z28kTZpqnK9e+/C15hDls6
EAjI6P6QgE6XE6M6ZkZscnBQ77ukfXlsZ+PW05BAYaIvaYeQd90OU3mhrf1Gh5sp
l4E34b1IMNMIPvQlYVXAmG5ITwnGOtk8kmGG6jszDULq4pAkEZ0=
-----END CERTIFICATE-----
Generated at Sat May 17 21:29:28 2025 by rpki-client