Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sUM4OarO9M4T3oACSLNHCGCvC3I.roa
File: sUM4OarO9M4T3oACSLNHCGCvC3I.roa (raw, json)
Hash identifier: 0UzbSbByzhtLjDxReSofYsoXztwsQjIck4tTNuxgDbY=
Subject key identifier: B1:43:38:39:AA:CE:F4:CE:13:DE:80:02:48:B3:47:08:60:AF:0B:72
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 031E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sUM4OarO9M4T3oACSLNHCGCvC3I.roa
Signing time: Sun 11 May 2025 05:38:24 +0000
ROA not before: Sun 11 May 2025 05:38:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 798 (0x31e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 05:38:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B1433839AACEF4CE13DE800248B3470860AF0B72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d4:6d:b7:e3:45:31:99:b5:7c:6a:43:32:f0:
72:95:a9:5d:0c:50:53:f5:11:7c:53:92:18:ff:3a:
00:fe:ca:d6:bb:57:58:09:c1:89:ba:a1:7e:bb:46:
0e:19:3a:d4:cd:19:2d:b9:0e:50:45:2d:6d:df:59:
da:a1:c6:86:8f:dd:20:8b:26:c2:53:5a:5f:fa:8f:
c8:9d:66:07:1b:71:e3:9b:57:85:a9:a6:3a:b6:90:
dc:f6:14:ee:6e:ec:de:f8:e2:3f:b6:d3:e2:69:4b:
df:2f:1a:70:af:32:64:40:1c:f9:9c:b6:7b:53:5e:
fb:9f:16:23:93:b9:81:88:a4:a6:3a:26:3b:c2:80:
9c:3d:c1:56:dc:d9:80:77:41:7c:66:5f:0e:b4:ce:
8c:cc:c6:ea:5c:a7:9d:af:39:b6:2d:6e:2f:49:ab:
e9:84:32:b3:f4:e5:47:19:47:12:e6:10:2c:3a:1e:
d1:52:16:86:44:bb:ae:64:f4:68:3a:f7:9d:2c:04:
cc:c6:00:4a:ee:91:74:43:30:f9:3d:d5:93:ee:b9:
42:8f:20:a1:36:ba:a8:42:b2:9a:a3:72:32:19:60:
37:c8:b7:b9:86:07:23:bd:72:cd:d5:3b:09:31:42:
46:3b:bf:d6:01:b9:d8:e3:5f:9a:e3:91:0e:4a:4f:
86:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:43:38:39:AA:CE:F4:CE:13:DE:80:02:48:B3:47:08:60:AF:0B:72
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sUM4OarO9M4T3oACSLNHCGCvC3I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:14:49:3d:f1:4b:4c:5c:0e:42:0d:e9:69:70:1d:7b:fd:eb:
bf:f4:ba:bd:8d:16:e9:88:c6:ad:7b:94:16:6b:92:92:aa:38:
e9:ab:c7:1b:d3:50:07:97:e2:67:73:e7:86:5f:77:bd:59:68:
f0:18:16:1d:45:98:0f:72:60:7d:1f:49:5a:5e:79:1f:d2:90:
7e:4b:67:87:98:cb:b2:b7:c2:14:09:a6:91:32:90:eb:ab:76:
84:30:a7:04:f8:b4:61:95:5d:a2:05:a4:49:79:76:48:24:fd:
bd:57:ea:0c:23:cb:f4:37:64:f4:66:76:1d:39:1c:a4:39:93:
76:15:3c:49:ea:a7:ff:20:97:3c:b1:d4:1c:d1:32:9b:7c:ab:
2d:35:07:69:fc:a9:cf:73:1d:5f:8a:ce:b1:bf:f6:d9:f4:f6:
06:04:35:e3:fa:1c:ad:d9:3d:5c:43:11:21:62:84:cc:f7:79:
71:c3:c9:49:c2:f2:bc:c1:12:79:a4:73:1f:3e:e7:ad:ff:48:
ca:04:27:1c:67:d8:fa:72:22:71:b3:d6:c2:cd:62:77:95:88:
08:c3:4b:ee:85:e1:34:26:1d:fa:8d:dd:7c:47:66:11:52:93:
e6:9b:31:0c:14:a0:c5:5e:77:6a:d0:8a:48:97:52:25:1a:57:
4c:3b:c8:cd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEw
NTM4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIxNDMzODM5QUFDRUY0
Q0UxM0RFODAwMjQ4QjM0NzA4NjBBRjBCNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp1G2340UxmbV8akMy8HKVqV0MUFP1EXxTkhj/OgD+yta7V1gJ
wYm6oX67Rg4ZOtTNGS25DlBFLW3fWdqhxoaP3SCLJsJTWl/6j8idZgcbceObV4Wp
pjq2kNz2FO5u7N744j+20+JpS98vGnCvMmRAHPmctntTXvufFiOTuYGIpKY6JjvC
gJw9wVbc2YB3QXxmXw60zozMxupcp52vObYtbi9Jq+mEMrP05UcZRxLmECw6HtFS
FoZEu65k9Gg6950sBMzGAErukXRDMPk91ZPuuUKPIKE2uqhCspqjcjIZYDfIt7mG
ByO9cs3VOwkxQkY7v9YBudjjX5rjkQ5KT4ZLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsUM4OarO9M4T3oACSLNHCGCvC3IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zVU00T2FyTzlNNFQzb0FD
U0xOSENHQ3ZDM0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABIUST3xS0xcDkIN6WlwHXv967/0ur2NFumI
xq17lBZrkpKqOOmrxxvTUAeX4mdz54Zfd71ZaPAYFh1FmA9yYH0fSVpeeR/SkH5L
Z4eYy7K3whQJppEykOurdoQwpwT4tGGVXaIFpEl5dkgk/b1X6gwjy/Q3ZPRmdh05
HKQ5k3YVPEnqp/8glzyx1BzRMpt8qy01B2n8qc9zHV+KzrG/9tn09gYENeP6HK3Z
PVxDESFihMz3eXHDyUnC8rzBEnmkcx8+563/SMoEJxxn2PpyInGz1sLNYneViAjD
S+6F4TQmHfqN3XxHZhFSk+abMQwUoMVed2rQikiXUiUaV0w7yM0=
-----END CERTIFICATE-----
Generated at Sun May 18 04:53:05 2025 by rpki-client