Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tnygkKsHMjDVR1zS9O-hMEhaidE.roa
File: tnygkKsHMjDVR1zS9O-hMEhaidE.roa (raw, json)
Hash identifier: xGc9QH1XsumMtaEcoWYFr9PPYkw8uWwLIVznMlqF+gU=
Subject key identifier: B6:7C:A0:90:AB:07:32:30:D5:47:5C:D2:F4:EF:A1:30:48:5A:89:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 064E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tnygkKsHMjDVR1zS9O-hMEhaidE.roa
Signing time: Thu 15 May 2025 11:38:50 +0000
ROA not before: Thu 15 May 2025 11:38:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1614 (0x64e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 11:38:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B67CA090AB073230D5475CD2F4EFA130485A89D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:55:61:10:a3:62:a8:8c:96:37:c2:7e:48:5c:
cd:ae:7f:d5:c4:10:1b:eb:fd:51:27:27:61:97:7d:
b5:9f:78:f8:78:9f:0a:2e:06:23:fa:3a:cf:b9:1c:
fe:57:3b:9a:dd:4e:29:20:60:c9:11:67:2a:86:86:
53:7f:35:bf:47:c0:bb:f5:43:9b:3a:23:23:a3:0a:
f5:45:67:fe:a2:d1:a0:62:dd:bd:aa:99:24:51:84:
98:54:77:7f:77:e0:30:96:f1:a2:93:1f:89:71:09:
d5:47:08:dd:20:e6:de:42:56:82:8d:ee:91:73:56:
bf:71:20:22:98:6b:03:86:67:a7:d0:25:b9:da:6f:
6c:02:42:41:72:7b:4c:bb:ac:ec:e6:60:e1:86:20:
e7:37:e8:83:e8:09:35:ab:83:57:f5:f9:cf:db:ee:
97:b1:d4:f3:3d:4e:47:67:57:b9:aa:44:c3:07:78:
9c:5b:c4:12:76:e9:a8:63:08:dd:68:8b:90:9a:aa:
f1:75:f7:df:2f:94:ec:9b:b6:50:5c:8d:ea:a2:95:
c6:da:ed:4c:6d:1d:ab:bd:f0:ae:f3:26:35:17:ac:
b2:d5:bf:db:38:33:87:46:4f:f9:73:d0:12:ec:fa:
a9:89:af:fc:79:7b:26:9c:86:c6:0a:0a:c8:cb:9f:
f5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7C:A0:90:AB:07:32:30:D5:47:5C:D2:F4:EF:A1:30:48:5A:89:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tnygkKsHMjDVR1zS9O-hMEhaidE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:d5:6a:26:3f:4c:1c:c2:b2:c3:9e:90:1c:99:d6:1d:e9:0d:
ee:d6:90:dc:7d:24:08:00:62:de:7e:a5:19:92:47:86:f2:00:
af:e5:7d:8a:94:6f:b1:8e:ad:e5:ac:39:ee:ae:49:32:3c:2e:
aa:83:d6:60:f5:b6:72:21:e3:8c:67:f6:45:c0:b1:bc:c2:89:
ac:99:de:dc:10:e8:a8:99:63:aa:fe:5f:38:e2:0e:d5:49:5d:
fd:f3:66:e5:23:79:4d:a5:5d:d7:2f:bb:14:fb:73:2a:01:e2:
3c:51:db:63:aa:13:b8:2a:40:fc:08:f7:8b:9f:7a:3f:b8:26:
28:52:c1:9c:2d:53:33:0a:15:9e:87:6f:83:27:18:a3:b4:fd:
18:94:ed:2a:8d:8e:5c:a1:eb:d5:03:c8:e4:2e:15:fd:df:54:
48:dc:8f:1e:ee:5e:85:d6:96:a0:2b:bf:86:87:75:b6:6a:fc:
cc:ca:79:93:0e:cd:27:df:22:c7:25:fb:db:a2:34:62:03:f2:
c2:2d:ab:2d:53:d2:46:92:05:14:d4:68:3b:0e:82:4f:c5:41:
87:54:29:5a:6c:4c:d2:4d:49:76:34:fe:82:32:8d:66:80:ee:
4c:3d:60:df:6b:59:30:00:2a:96:9b:c0:b4:76:01:03:d5:f7:
6d:ff:d0:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
MTM4NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI2N0NBMDkwQUIwNzMy
MzBENTQ3NUNEMkY0RUZBMTMwNDg1QTg5RDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrVWEQo2KojJY3wn5IXM2uf9XEEBvr/VEnJ2GXfbWfePh4nwou
BiP6Os+5HP5XO5rdTikgYMkRZyqGhlN/Nb9HwLv1Q5s6IyOjCvVFZ/6i0aBi3b2q
mSRRhJhUd3934DCW8aKTH4lxCdVHCN0g5t5CVoKN7pFzVr9xICKYawOGZ6fQJbna
b2wCQkFye0y7rOzmYOGGIOc36IPoCTWrg1f1+c/b7pex1PM9TkdnV7mqRMMHeJxb
xBJ26ahjCN1oi5CaqvF1998vlOybtlBcjeqilcba7UxtHau98K7zJjUXrLLVv9s4
M4dGT/lz0BLs+qmJr/x5eyachsYKCsjLn/VlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtnygkKsHMjDVR1zS9O+hMEhaidEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90bnlna0tzSE1qRFZSMXpT
OU8taE1FaGFpZEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGrVaiY/TBzCssOekByZ1h3pDe7WkNx9JAgA
Yt5+pRmSR4byAK/lfYqUb7GOreWsOe6uSTI8LqqD1mD1tnIh44xn9kXAsbzCiayZ
3twQ6KiZY6r+XzjiDtVJXf3zZuUjeU2lXdcvuxT7cyoB4jxR22OqE7gqQPwI94uf
ej+4JihSwZwtUzMKFZ6Hb4MnGKO0/RiU7SqNjlyh69UDyOQuFf3fVEjcjx7uXoXW
lqArv4aHdbZq/MzKeZMOzSffIscl+9uiNGID8sItqy1T0kaSBRTUaDsOgk/FQYdU
KVpsTNJNSXY0/oIyjWaA7kw9YN9rWTAAKpabwLR2AQPV923/0EI=
-----END CERTIFICATE-----
Generated at Sun May 18 10:01:24 2025 by rpki-client