Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tAuxO2QxMlwvSQAFpgNyTpl4WAw.roa
File: tAuxO2QxMlwvSQAFpgNyTpl4WAw.roa (raw, json)
Hash identifier: G2SK1C1VJNyxLVOxF29KaBMi3zK8gkJhKzvWaBJ5Zmw=
Subject key identifier: B4:0B:B1:3B:64:31:32:5C:2F:49:00:05:A6:03:72:4E:99:78:58:0C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0176
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tAuxO2QxMlwvSQAFpgNyTpl4WAw.roa
Signing time: Fri 09 May 2025 00:38:14 +0000
ROA not before: Fri 09 May 2025 00:38:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 374 (0x176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 00:38:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B40BB13B6431325C2F490005A603724E9978580C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:3e:b2:ff:d8:f4:2a:dc:8d:92:58:05:74:0d:
f1:cb:d3:0d:70:d6:d6:1b:94:83:5e:98:d5:fe:10:
a2:89:94:df:f8:84:d4:41:dd:c0:0b:df:b2:63:74:
6b:1c:69:4d:ef:6a:7b:43:b2:6b:76:42:5b:ae:1c:
3a:b7:3d:c3:a6:07:b1:b0:03:a1:2e:8f:b5:f6:ee:
d4:63:f4:a3:b2:41:ec:42:b0:65:df:01:da:5f:b9:
ed:16:78:0f:35:32:69:b7:73:f7:79:f4:6e:4c:0b:
d7:39:ef:4f:8b:00:ff:c2:1a:68:ba:a4:52:2b:c7:
ad:45:9b:c9:c4:58:f8:59:64:df:24:8a:3f:a0:4a:
81:2e:08:28:14:4c:92:bf:5e:1c:89:09:53:bc:70:
6c:2e:a0:84:dd:f3:ec:04:9b:76:37:a4:02:15:21:
c7:4c:7b:51:e6:0d:a8:85:71:f3:54:b5:c0:ac:45:
01:8a:f0:2a:63:d5:02:f1:d8:79:50:98:96:6a:89:
cb:3d:13:95:27:bc:c7:a9:71:a8:29:7a:bc:fd:2a:
c8:06:c6:84:cb:b8:43:f5:10:2e:d7:06:97:3d:67:
7a:56:46:5b:99:0a:8a:5c:d7:69:10:af:ff:cd:02:
8d:80:0b:32:52:86:42:9f:29:ae:b6:65:aa:13:5a:
e2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0B:B1:3B:64:31:32:5C:2F:49:00:05:A6:03:72:4E:99:78:58:0C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tAuxO2QxMlwvSQAFpgNyTpl4WAw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:ef:3a:bc:62:fb:c8:2f:9d:43:13:e4:18:bf:0c:7f:23:25:
a8:f5:df:15:b6:80:b3:eb:c5:3c:41:29:04:05:46:e7:e0:25:
4a:d9:14:97:03:8c:64:07:62:02:e5:23:25:24:2c:6b:47:0a:
58:9f:b1:bb:27:37:6d:ea:44:7a:6d:01:91:b5:6c:dc:ea:c7:
68:4f:d7:8b:32:c2:9b:2d:a0:4f:03:9b:f9:99:6f:b8:a2:3a:
44:86:6a:d8:b5:9d:50:10:3d:f0:ff:04:27:af:5d:03:8b:86:
79:ad:21:19:86:1c:32:5d:05:09:48:b8:be:ea:9a:ae:56:ac:
51:bb:af:22:94:f0:7e:88:ec:70:b7:61:15:15:13:31:82:eb:
f5:bb:e8:04:95:f6:46:a1:26:44:56:07:50:3f:ac:19:86:c1:
11:00:63:ff:b9:80:11:4c:a8:20:b8:7f:8d:8a:a0:17:f0:19:
2a:9b:4f:f5:bf:ca:36:0c:80:c6:33:52:31:cd:f8:6a:c8:90:
f8:9d:d4:2b:52:8c:b4:f0:af:92:d3:3d:f5:61:e9:34:89:aa:
bb:86:b7:60:1e:24:dd:7d:a5:2a:6b:7a:67:6f:85:67:ea:dd:
a3:66:e2:a3:d5:11:d8:9d:e5:40:a5:19:c6:66:dc:cc:ef:02:
cb:e8:e0:0f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
MDM4MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI0MEJCMTNCNjQzMTMy
NUMyRjQ5MDAwNUE2MDM3MjRFOTk3ODU4MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoPrL/2PQq3I2SWAV0DfHL0w1w1tYblINemNX+EKKJlN/4hNRB
3cAL37JjdGscaU3vantDsmt2QluuHDq3PcOmB7GwA6Euj7X27tRj9KOyQexCsGXf
Adpfue0WeA81Mmm3c/d59G5MC9c570+LAP/CGmi6pFIrx61Fm8nEWPhZZN8kij+g
SoEuCCgUTJK/XhyJCVO8cGwuoITd8+wEm3Y3pAIVIcdMe1HmDaiFcfNUtcCsRQGK
8Cpj1QLx2HlQmJZqics9E5UnvMepcagperz9KsgGxoTLuEP1EC7XBpc9Z3pWRluZ
Copc12kQr//NAo2ACzJShkKfKa62ZaoTWuIHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtAuxO2QxMlwvSQAFpgNyTpl4WAwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90QXV4TzJReE1sd3ZTUUFG
cGdOeVRwbDRXQXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH7vOrxi+8gvnUMT5Bi/DH8jJaj13xW2gLPr
xTxBKQQFRufgJUrZFJcDjGQHYgLlIyUkLGtHClifsbsnN23qRHptAZG1bNzqx2hP
14sywpstoE8Dm/mZb7iiOkSGati1nVAQPfD/BCevXQOLhnmtIRmGHDJdBQlIuL7q
mq5WrFG7ryKU8H6I7HC3YRUVEzGC6/W76ASV9kahJkRWB1A/rBmGwREAY/+5gBFM
qCC4f42KoBfwGSqbT/W/yjYMgMYzUjHN+GrIkPid1CtSjLTwr5LTPfVh6TSJqruG
t2AeJN19pSpremdvhWfq3aNm4qPVEdid5UClGcZm3MzvAsvo4A8=
-----END CERTIFICATE-----
Generated at Sat May 17 21:46:53 2025 by rpki-client