Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tifz5hfR2E2DiGq6Xh1HPQkQ3B8.roa
File: tifz5hfR2E2DiGq6Xh1HPQkQ3B8.roa (raw, json)
Hash identifier: S+DRdt/wpdLxPX7JJbOAsiCZD2rjXkpFiSPZYl7Z2AQ=
Subject key identifier: B6:27:F3:E6:17:D1:D8:4D:83:88:6A:BA:5E:1D:47:3D:09:10:DC:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 02BA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tifz5hfR2E2DiGq6Xh1HPQkQ3B8.roa
Signing time: Sat 10 May 2025 17:07:55 +0000
ROA not before: Sat 10 May 2025 17:07:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698 (0x2ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 17:07:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B627F3E617D1D84D83886ABA5E1D473D0910DC1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:10:50:98:e7:d5:f7:57:ae:4a:27:67:f3:95:
c5:52:3f:d0:d5:6e:8e:ec:dc:27:a1:ec:30:81:c0:
87:0e:52:48:e8:4e:d7:12:88:d8:a4:35:02:18:0e:
7c:9c:ad:13:5c:ad:80:91:bb:fb:d5:13:e3:2f:d2:
78:50:19:b7:08:9a:dd:2d:3a:6e:ea:86:99:4e:66:
a8:1f:53:1f:d8:07:ae:8b:dc:28:9a:ba:88:3a:d6:
0c:59:73:5a:33:19:16:4b:ad:fe:c1:59:e7:ab:01:
d0:a3:2b:4a:f4:0f:75:68:62:04:78:70:4d:c9:87:
a1:83:26:e4:ee:46:67:23:fc:b2:96:64:08:42:e1:
7e:47:17:dc:c7:6b:bb:ce:b6:34:46:2f:e6:ea:4c:
70:54:28:e8:38:b8:a3:74:ac:a0:7f:67:10:9d:7b:
2e:ba:c7:5d:b1:b3:61:a5:7e:53:17:90:fe:8e:17:
5c:0e:53:01:d7:cd:6f:fe:be:ca:e1:b5:0f:d2:92:
9f:46:e7:17:a8:f7:ba:dd:b2:d3:a4:d6:ec:e9:9a:
13:29:f7:bd:99:2f:84:a0:64:c3:ff:11:9c:2a:fc:
4f:cc:c4:56:68:d6:63:37:d4:2f:c7:e7:c4:0a:c8:
e8:16:14:89:77:f9:34:bc:68:86:94:e6:07:0a:10:
61:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:27:F3:E6:17:D1:D8:4D:83:88:6A:BA:5E:1D:47:3D:09:10:DC:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tifz5hfR2E2DiGq6Xh1HPQkQ3B8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:f1:fd:fd:09:39:bf:54:e3:12:c0:b2:ac:12:2b:89:1f:df:
90:b2:49:77:49:4f:7d:61:1c:bc:f5:81:2b:a1:43:93:13:8c:
29:64:5d:0b:dc:8c:da:0a:cf:ad:a1:6c:6a:7e:4d:88:85:92:
f8:a5:14:ec:f1:cc:6f:b4:a8:38:b0:5d:2a:3e:ac:92:1a:af:
de:3b:0e:d3:e3:6a:fd:3c:78:6d:28:48:72:03:14:d5:af:9c:
e3:89:8b:af:4d:4a:ba:ef:ad:72:e7:cb:35:bb:9d:9a:e6:ec:
54:59:cf:77:0c:5e:98:02:73:42:c4:fd:e9:1e:b4:42:9e:fe:
58:2a:e0:f6:85:32:ff:c5:1e:00:66:a1:98:5a:82:48:e2:4c:
2e:49:07:38:9c:73:25:d2:70:2b:ef:2c:9c:7c:c5:f7:11:d6:
06:63:82:99:22:ac:68:aa:ca:7c:38:48:d2:9d:97:e8:76:99:
b5:fd:4d:a2:8d:03:82:7f:1c:5c:a9:84:84:8f:f7:ba:3c:dc:
3d:d8:02:63:e5:56:05:f4:8c:e3:97:a1:19:24:44:3e:10:9b:
c1:2f:26:48:97:e7:8b:7b:90:af:19:e4:09:b7:ee:88:4d:cc:
8c:2d:a5:7c:31:fd:bf:44:8a:db:f1:74:3b:b6:9e:72:1b:a9:
b5:d2:68:35
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICArowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
NzA3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2MjdGM0U2MTdEMUQ4
NEQ4Mzg4NkFCQTVFMUQ0NzNEMDkxMERDMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJEFCY59X3V65KJ2fzlcVSP9DVbo7s3Ceh7DCBwIcOUkjoTtcS
iNikNQIYDnycrRNcrYCRu/vVE+Mv0nhQGbcImt0tOm7qhplOZqgfUx/YB66L3Cia
uog61gxZc1ozGRZLrf7BWeerAdCjK0r0D3VoYgR4cE3Jh6GDJuTuRmcj/LKWZAhC
4X5HF9zHa7vOtjRGL+bqTHBUKOg4uKN0rKB/ZxCdey66x12xs2GlflMXkP6OF1wO
UwHXzW/+vsrhtQ/Skp9G5xeo97rdstOk1uzpmhMp972ZL4SgZMP/EZwq/E/MxFZo
1mM31C/H58QKyOgWFIl3+TS8aIaU5gcKEGEXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtifz5hfR2E2DiGq6Xh1HPQkQ3B8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90aWZ6NWhmUjJFMkRpR3E2
WGgxSFBRa1EzQjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFXx/f0JOb9U4xLAsqwSK4kf35CySXdJT31h
HLz1gSuhQ5MTjClkXQvcjNoKz62hbGp+TYiFkvilFOzxzG+0qDiwXSo+rJIar947
DtPjav08eG0oSHIDFNWvnOOJi69NSrrvrXLnyzW7nZrm7FRZz3cMXpgCc0LE/eke
tEKe/lgq4PaFMv/FHgBmoZhagkjiTC5JBziccyXScCvvLJx8xfcR1gZjgpkirGiq
ynw4SNKdl+h2mbX9TaKNA4J/HFyphISP97o83D3YAmPlVgX0jOOXoRkkRD4Qm8Ev
JkiX54t7kK8Z5Am37ohNzIwtpXwx/b9EitvxdDu2nnIbqbXSaDU=
-----END CERTIFICATE-----
Generated at Mon May 19 10:38:20 2025 by rpki-client