Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u0aeMMa39NpilSQldnkM5-s4CdI.roa
File: u0aeMMa39NpilSQldnkM5-s4CdI.roa (raw, json)
Hash identifier: RqQpTnJv36M4Hxpctvi8jNJfcXN82puGMyV0NOerSx4=
Subject key identifier: BB:46:9E:30:C6:B7:F4:DA:62:95:24:25:76:79:0C:E7:EB:38:09:D2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 051A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u0aeMMa39NpilSQldnkM5-s4CdI.roa
Signing time: Tue 13 May 2025 21:08:01 +0000
ROA not before: Tue 13 May 2025 21:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1306 (0x51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 21:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BB469E30C6B7F4DA6295242576790CE7EB3809D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0e:f5:0a:57:58:35:06:ec:37:93:13:36:9a:
0a:2b:15:2e:04:89:48:24:f6:1e:57:21:41:8b:aa:
34:a5:4c:0c:71:b8:6b:cb:26:ec:f3:c6:95:6d:f5:
22:5b:36:1f:05:04:56:3e:ca:1b:8c:50:5c:8f:d9:
e9:69:38:1a:f2:9b:13:c2:e6:c1:4b:8c:75:e0:f2:
6b:c7:e8:22:cd:3d:8d:66:2c:e2:9c:5a:71:93:0c:
d2:bb:7d:d8:57:fd:36:ad:8c:e3:8b:78:e9:cb:e5:
1f:4f:2b:cf:e3:51:aa:8d:6f:c1:22:5b:96:ee:70:
81:44:6f:e1:8b:9e:23:0d:35:09:7d:79:2a:1d:14:
b0:4a:88:44:90:15:24:65:c3:46:c4:94:bd:19:ad:
18:82:60:bc:42:b4:7d:15:bc:5b:6c:0f:dd:30:6a:
13:d7:b5:51:60:37:25:0d:c1:7c:64:b0:54:34:fb:
ad:27:96:7f:c7:42:80:c1:05:52:0b:41:e4:4d:71:
2c:84:dc:02:df:6c:28:a0:75:37:c8:07:7b:f6:86:
16:c9:5e:cd:55:24:f6:82:4c:c7:10:89:39:5a:42:
50:e9:9e:4c:24:00:60:54:0d:16:de:82:43:d9:79:
2d:3a:10:f5:db:2e:d6:16:23:f8:14:8e:1f:0f:82:
f1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:46:9E:30:C6:B7:F4:DA:62:95:24:25:76:79:0C:E7:EB:38:09:D2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u0aeMMa39NpilSQldnkM5-s4CdI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
88:4d:0d:16:cf:1b:64:bc:e9:56:e1:27:18:b9:e3:55:f2:d1:
c9:f3:8c:10:c4:9d:ec:fc:9a:52:5b:23:9a:c3:bd:d4:84:59:
06:61:66:a8:f2:86:b2:a0:d0:fc:2f:a8:8e:fb:70:27:53:33:
27:2f:0f:f1:78:55:6c:12:45:72:c2:93:2c:dd:bd:69:4f:71:
75:2b:91:30:8d:f2:be:20:2d:b6:81:fd:ab:a9:bc:67:20:52:
3e:b1:74:9b:ed:a3:64:d8:81:f1:02:13:e9:75:2d:cf:7f:8c:
8b:bd:79:2b:93:b0:88:fe:a0:cb:b9:66:3e:5a:4f:29:20:9f:
f3:28:20:fc:d3:7e:6a:b5:a3:31:37:01:f3:20:ca:ab:1f:81:
02:19:e7:5a:5e:44:c9:1c:3c:a1:8a:8f:1d:7b:8f:7b:51:11:
3e:cf:b3:37:1d:38:ec:ce:8a:95:58:88:6c:9f:47:dd:33:4b:
2e:a4:0e:59:2f:a2:a1:d6:53:ff:31:13:e2:b8:7e:d7:c7:46:
3e:54:63:c8:ef:a5:a3:09:71:bf:f4:3e:e4:79:e2:d2:d8:3b:
5c:8f:01:2d:b0:8c:28:fd:7f:0a:64:98:a4:36:20:6d:d6:68:
cb:13:2e:93:ec:bd:eb:bb:cc:bc:17:32:2b:59:9c:41:1f:de:
dd:b9:70:7c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBRowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MTA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCNDY5RTMwQzZCN0Y0
REE2Mjk1MjQyNTc2NzkwQ0U3RUIzODA5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+DvUKV1g1Buw3kxM2mgorFS4EiUgk9h5XIUGLqjSlTAxxuGvL
JuzzxpVt9SJbNh8FBFY+yhuMUFyP2elpOBrymxPC5sFLjHXg8mvH6CLNPY1mLOKc
WnGTDNK7fdhX/TatjOOLeOnL5R9PK8/jUaqNb8EiW5bucIFEb+GLniMNNQl9eSod
FLBKiESQFSRlw0bElL0ZrRiCYLxCtH0VvFtsD90wahPXtVFgNyUNwXxksFQ0+60n
ln/HQoDBBVILQeRNcSyE3ALfbCigdTfIB3v2hhbJXs1VJPaCTMcQiTlaQlDpnkwk
AGBUDRbegkPZeS06EPXbLtYWI/gUjh8PgvENAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu0aeMMa39NpilSQldnkM5+s4CdIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91MGFlTU1hMzlOcGlsU1Fs
ZG5rTTUtczRDZEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIhNDRbPG2S86VbhJxi541Xy0cnzjBDEnez8
mlJbI5rDvdSEWQZhZqjyhrKg0PwvqI77cCdTMycvD/F4VWwSRXLCkyzdvWlPcXUr
kTCN8r4gLbaB/aupvGcgUj6xdJvto2TYgfECE+l1Lc9/jIu9eSuTsIj+oMu5Zj5a
Tykgn/MoIPzTfmq1ozE3AfMgyqsfgQIZ51peRMkcPKGKjx17j3tRET7PszcdOOzO
ipVYiGyfR90zSy6kDlkvoqHWU/8xE+K4ftfHRj5UY8jvpaMJcb/0PuR54tLYO1yP
AS2wjCj9fwpkmKQ2IG3WaMsTLpPsveu7zLwXMitZnEEf3t25cHw=
-----END CERTIFICATE-----
Generated at Sun May 18 00:50:09 2025 by rpki-client