Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u6VZm_GiG8ikUYnuwbZWvbSB0Iw.roa
File: u6VZm_GiG8ikUYnuwbZWvbSB0Iw.roa (raw, json)
Hash identifier: 0WREEchyeQF8ZCEdKZIyJyh/BHgsB0mUhsnFbLucMFc=
Subject key identifier: BB:A5:59:9B:F1:A2:1B:C8:A4:51:89:EE:C1:B6:56:BD:B4:81:D0:8C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 022A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u6VZm_GiG8ikUYnuwbZWvbSB0Iw.roa
Signing time: Fri 09 May 2025 23:08:20 +0000
ROA not before: Fri 09 May 2025 23:08:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 554 (0x22a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 23:08:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BBA5599BF1A21BC8A45189EEC1B656BDB481D08C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ed:3a:d7:48:66:6a:9e:d5:ff:1a:f8:48:b5:
b3:1d:12:49:8f:a0:39:05:d1:e0:78:a9:bd:bc:01:
45:ee:fb:46:40:91:86:ca:4d:3c:0c:2b:e9:a6:fe:
35:e3:d3:66:58:09:71:84:10:43:88:f3:39:3a:53:
99:4e:04:b5:f7:a0:a0:76:bb:c3:2a:96:8b:ca:c3:
4a:cc:14:5c:75:8f:66:83:fb:eb:b2:04:32:03:07:
7b:03:cd:6f:31:92:94:26:94:47:80:ff:ae:f1:2e:
6c:dc:76:9e:c6:96:78:de:3f:37:eb:3f:92:1d:63:
5e:01:c3:62:db:f6:5c:84:d2:d4:c8:d0:b2:3d:a7:
e7:57:ca:99:7f:fd:e6:f7:ff:a1:0e:7a:e8:d8:02:
7b:e3:59:f8:7d:16:b9:d8:22:2f:98:53:48:95:1d:
15:c6:d5:8a:05:4e:ba:ad:45:0e:02:b4:7f:27:25:
f6:2f:1e:70:56:55:78:e9:3c:b1:54:0a:7c:6d:0f:
01:ce:44:9d:4a:a8:39:b3:4e:cb:82:aa:a6:4c:1a:
d7:d1:a6:7d:6f:d4:12:42:6d:52:c4:28:2e:0b:fb:
e5:69:4a:fa:9a:6d:8d:43:5d:e3:4c:1c:e7:91:2e:
cf:27:0f:ff:03:96:5a:eb:8d:68:f5:90:92:96:9e:
b0:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A5:59:9B:F1:A2:1B:C8:A4:51:89:EE:C1:B6:56:BD:B4:81:D0:8C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u6VZm_GiG8ikUYnuwbZWvbSB0Iw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:79:05:0b:42:20:75:4c:92:ff:4f:92:01:98:38:aa:7d:30:
c0:64:0d:86:6a:60:45:82:42:14:02:f9:d2:c8:a8:3c:1b:b7:
e8:dd:13:ad:75:d1:3e:ee:be:19:b3:c5:e8:e6:d9:84:2c:1b:
76:35:39:25:9b:7e:8f:e0:48:45:d6:d5:3f:89:3f:7d:8b:ac:
ed:43:99:71:ca:26:99:27:9a:0f:fb:a4:6e:42:10:6a:f7:cb:
1d:25:fb:d0:cb:b7:56:80:eb:13:bc:e6:f2:b3:50:f4:93:89:
ab:45:a0:2a:ec:25:b9:85:fb:7c:a9:fb:6e:f3:eb:5b:d6:1c:
f1:4c:45:b4:ae:c5:89:99:9c:24:91:d7:18:5f:16:97:c5:8b:
1a:b0:b8:4c:fd:8d:48:b4:03:eb:40:44:ed:3a:ec:82:24:55:
3e:4d:a6:5e:8d:0d:68:76:ae:d7:4e:54:92:f2:c4:2e:82:19:
2f:c6:b3:d5:97:a9:ba:86:36:f4:e7:ec:84:ed:19:a1:2a:ed:
98:a6:83:8b:e9:de:9a:5d:c1:f5:f5:55:39:0e:ad:d7:4c:e7:
40:42:43:5f:18:b9:f2:5f:38:d1:35:ee:65:c8:0f:e8:b9:81:
df:1b:3d:bb:47:28:d8:3a:69:2c:2b:f6:39:39:5c:b5:f8:97:
35:ac:4d:4f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MzA4MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCQTU1OTlCRjFBMjFC
QzhBNDUxODlFRUMxQjY1NkJEQjQ4MUQwOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC47TrXSGZqntX/GvhItbMdEkmPoDkF0eB4qb28AUXu+0ZAkYbK
TTwMK+mm/jXj02ZYCXGEEEOI8zk6U5lOBLX3oKB2u8MqlovKw0rMFFx1j2aD++uy
BDIDB3sDzW8xkpQmlEeA/67xLmzcdp7GlnjePzfrP5IdY14Bw2Lb9lyE0tTI0LI9
p+dXypl//eb3/6EOeujYAnvjWfh9FrnYIi+YU0iVHRXG1YoFTrqtRQ4CtH8nJfYv
HnBWVXjpPLFUCnxtDwHORJ1KqDmzTsuCqqZMGtfRpn1v1BJCbVLEKC4L++VpSvqa
bY1DXeNMHOeRLs8nD/8DllrrjWj1kJKWnrCLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu6VZm/GiG8ikUYnuwbZWvbSB0IwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91NlZabV9HaUc4aWtVWW51
d2JaV3ZiU0IwSXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAZ5BQtCIHVMkv9PkgGYOKp9MMBkDYZqYEWC
QhQC+dLIqDwbt+jdE6110T7uvhmzxejm2YQsG3Y1OSWbfo/gSEXW1T+JP32LrO1D
mXHKJpknmg/7pG5CEGr3yx0l+9DLt1aA6xO85vKzUPSTiatFoCrsJbmF+3yp+27z
61vWHPFMRbSuxYmZnCSR1xhfFpfFixqwuEz9jUi0A+tARO067IIkVT5Npl6NDWh2
rtdOVJLyxC6CGS/Gs9WXqbqGNvTn7ITtGaEq7Zimg4vp3ppdwfX1VTkOrddM50BC
Q18YufJfONE17mXID+i5gd8bPbtHKNg6aSwr9jk5XLX4lzWsTU8=
-----END CERTIFICATE-----
Generated at Sat May 17 23:59:42 2025 by rpki-client