Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rJX_6fCvN4rS1tclVpoRuTwd_MM.roa
File: rJX_6fCvN4rS1tclVpoRuTwd_MM.roa (raw, json)
Hash identifier: S+Cn8JvjtJv8sg0WBoUwvRnRm2GzQxzCYlzGSmW2K0U=
Subject key identifier: AC:95:FF:E9:F0:AF:37:8A:D2:D6:D7:25:56:9A:11:B9:3C:1D:FC:C3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 038A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rJX_6fCvN4rS1tclVpoRuTwd_MM.roa
Signing time: Sun 11 May 2025 19:08:19 +0000
ROA not before: Sun 11 May 2025 19:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 906 (0x38a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 19:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AC95FFE9F0AF378AD2D6D725569A11B93C1DFCC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:10:01:b1:9c:da:57:3d:e5:66:73:3c:87:39:
04:46:81:89:ce:99:b1:ee:45:3c:44:9e:b3:d3:e4:
f2:0a:ab:de:70:1a:4a:14:f3:c0:d8:38:ea:a3:ec:
1a:2d:7a:83:34:e3:b2:dd:68:4a:4e:9c:f1:b7:9a:
ab:1a:cd:8d:7f:d8:06:ce:9e:9a:5e:9c:f3:ce:c6:
42:58:89:57:1d:22:9b:57:50:bc:b2:28:0b:fa:0f:
d8:26:91:e9:28:43:09:0c:49:8b:fc:f4:2b:74:1a:
30:64:ec:43:5d:29:fa:8c:8e:73:13:20:da:6d:24:
3a:54:2a:a6:be:8b:5c:55:8b:74:f8:cd:5c:36:29:
16:68:e2:fb:36:f7:21:e5:7c:fb:69:37:9c:ab:01:
61:28:1d:48:d1:56:32:46:a5:13:ab:9c:43:c8:8e:
85:a2:a9:eb:9a:e8:9e:38:47:3c:ca:d0:97:33:57:
99:84:09:52:b8:af:91:96:dd:28:ca:6a:59:03:97:
93:59:44:26:3a:1e:9f:52:af:b3:d9:27:41:a5:0e:
cb:43:7a:d7:1e:dd:d2:46:a2:47:e3:58:75:f1:d8:
41:28:89:34:b0:ac:af:a0:e6:28:39:44:47:76:ad:
76:fa:73:87:a1:8c:53:38:dc:1f:f5:7b:54:af:70:
0d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:95:FF:E9:F0:AF:37:8A:D2:D6:D7:25:56:9A:11:B9:3C:1D:FC:C3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rJX_6fCvN4rS1tclVpoRuTwd_MM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:1c:ff:86:e4:aa:1b:e7:a6:2d:41:1e:a7:bf:42:71:e5:f1:
07:a5:52:e0:11:be:c4:e0:6c:69:c8:a2:7d:34:c0:16:09:78:
83:b2:46:ac:48:a6:3d:77:81:bb:5d:84:f8:7f:9b:64:5c:8c:
96:94:66:93:f1:f7:31:eb:17:54:f0:40:65:31:b5:95:b6:97:
79:59:27:db:cb:1a:06:e5:83:cd:22:d3:af:49:8b:ea:2f:2d:
f2:32:44:46:43:d6:74:a6:88:98:6b:d9:40:af:45:bb:24:2c:
0e:ec:98:d7:c4:c4:eb:77:16:31:df:06:a3:8d:6b:e6:cd:e9:
29:43:28:ad:0a:ff:da:e9:bc:b9:79:bc:5e:da:c9:d8:6b:3a:
d3:cd:d7:0d:56:b0:2c:a9:a8:15:30:08:5b:e4:f2:8a:1a:e7:
61:33:a7:92:42:9f:cc:d1:39:5b:08:54:05:6a:b9:cf:cc:d7:
c1:97:30:42:9e:86:15:0a:8a:60:d9:54:ee:c7:ba:cf:de:9a:
a6:02:a9:0b:a7:a7:52:1d:16:ee:a2:ce:59:7d:31:2d:2f:4a:
98:2e:30:aa:bf:8f:c1:77:50:d1:58:f1:95:6a:f3:23:4f:b2:
0b:1d:ba:0a:34:d4:63:57:e6:71:d4:df:e0:04:69:7c:76:3c:
75:f8:c4:9a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA4owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
OTA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFDOTVGRkU5RjBBRjM3
OEFEMkQ2RDcyNTU2OUExMUI5M0MxREZDQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFEAGxnNpXPeVmczyHOQRGgYnOmbHuRTxEnrPT5PIKq95wGkoU
88DYOOqj7BoteoM047LdaEpOnPG3mqsazY1/2AbOnppenPPOxkJYiVcdIptXULyy
KAv6D9gmkekoQwkMSYv89Ct0GjBk7ENdKfqMjnMTINptJDpUKqa+i1xVi3T4zVw2
KRZo4vs29yHlfPtpN5yrAWEoHUjRVjJGpROrnEPIjoWiqeua6J44RzzK0JczV5mE
CVK4r5GW3SjKalkDl5NZRCY6Hp9Sr7PZJ0GlDstDetce3dJGokfjWHXx2EEoiTSw
rK+g5ig5REd2rXb6c4ehjFM43B/1e1SvcA3vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrJX/6fCvN4rS1tclVpoRuTwd/MMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ySlhfNmZDdk40clMxdGNs
VnBvUnVUd2RfTU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABsc/4bkqhvnpi1BHqe/QnHl8QelUuARvsTg
bGnIon00wBYJeIOyRqxIpj13gbtdhPh/m2RcjJaUZpPx9zHrF1TwQGUxtZW2l3lZ
J9vLGgblg80i069Ji+ovLfIyREZD1nSmiJhr2UCvRbskLA7smNfExOt3FjHfBqON
a+bN6SlDKK0K/9rpvLl5vF7aydhrOtPN1w1WsCypqBUwCFvk8ooa52Ezp5JCn8zR
OVsIVAVquc/M18GXMEKehhUKimDZVO7Hus/emqYCqQunp1IdFu6izll9MS0vSpgu
MKq/j8F3UNFY8ZVq8yNPsgsdugo01GNX5nHU3+AEaXx2PHX4xJo=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:08 2025 by rpki-client