Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ubVRh7K6EgjZdqdXMRoDRILg7oA.roa
File: ubVRh7K6EgjZdqdXMRoDRILg7oA.roa (raw, json)
Hash identifier: 6YRc7jTji1CAGbe8flD8uUsWV2WPrr9iUMVCo/vh4VE=
Subject key identifier: B9:B5:51:87:B2:BA:12:08:D9:76:A7:57:31:1A:03:44:82:E0:EE:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 080E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ubVRh7K6EgjZdqdXMRoDRILg7oA.roa
Signing time: Sat 17 May 2025 19:38:11 +0000
ROA not before: Sat 17 May 2025 19:38:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2062 (0x80e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 19:38:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B9B55187B2BA1208D976A757311A034482E0EE80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:48:f5:d4:05:2a:f4:4e:6a:3b:f8:ca:5a:c6:
78:ec:97:30:f8:fe:c6:3b:d5:34:12:3f:f1:0d:0e:
58:65:dd:19:8b:0f:1f:13:31:ac:f2:bd:72:11:a1:
76:b2:6d:de:87:a0:e9:0f:40:e3:96:ac:7a:bb:c4:
fb:04:0f:fb:fc:7c:d9:b4:37:33:20:97:16:9b:f5:
9d:3e:c1:b4:10:f8:fb:4b:6c:cd:a8:00:a0:7e:c1:
fc:9a:3c:9b:7c:e8:be:14:4f:18:c6:34:61:37:1a:
6e:7c:31:7b:4e:4f:19:9c:fe:70:6b:94:af:4c:6d:
3c:34:50:77:1f:43:60:7c:be:b4:9a:fc:a3:0a:a2:
20:4d:a7:c8:a5:4d:0e:4c:f4:15:5a:d9:8f:e4:a2:
d3:88:a1:dc:b6:b4:36:d6:44:49:e6:b3:b6:0d:9a:
46:8e:29:e7:79:bf:8f:4d:9f:61:33:9e:e4:57:a7:
64:25:0f:75:53:e2:ae:9f:78:5f:ff:f9:86:2a:cf:
55:2c:d4:01:c7:d8:dc:b2:e7:a4:ad:46:af:57:2b:
d9:b8:f2:a1:24:b1:f9:e6:9b:98:8b:36:28:4c:4e:
a5:a3:b2:3a:e6:d0:93:4b:05:34:b1:e7:99:6e:74:
c7:3e:c1:a2:da:c5:1c:5d:b6:b5:1b:48:2d:7a:0a:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B5:51:87:B2:BA:12:08:D9:76:A7:57:31:1A:03:44:82:E0:EE:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ubVRh7K6EgjZdqdXMRoDRILg7oA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:fa:80:37:80:e9:1e:2f:6a:b8:4b:7c:28:e4:ca:58:4b:37:
24:14:6b:b5:84:30:89:5f:16:ec:72:9c:5c:4e:fe:b6:ce:86:
ff:91:ae:2a:ee:51:25:5f:10:1c:68:72:17:81:25:5a:f3:d8:
c4:23:64:fc:75:97:3b:b1:f8:02:f4:f3:d0:16:79:e2:c5:56:
35:f4:98:85:69:fe:ca:38:d7:8e:c7:62:78:c5:63:4a:93:e4:
3b:0f:73:cc:0f:e9:56:70:53:61:6d:41:42:8b:cf:13:dd:22:
73:d4:9d:a2:60:7e:eb:3d:94:38:f8:33:97:fc:84:cc:2d:4a:
cb:bd:59:17:60:45:f0:81:3f:98:c7:50:5f:01:19:c5:cc:86:
51:da:6a:17:6c:76:91:43:d5:46:b4:64:00:4a:81:c6:fb:f9:
71:e9:f9:03:a0:fd:8c:fc:3a:f0:5f:a2:11:46:31:62:bb:55:
f0:98:cf:56:41:87:3b:11:e7:46:55:19:0c:e7:6a:10:3b:4d:
dd:a1:d9:55:ff:c8:ab:29:86:8b:2e:34:43:fa:0c:27:25:f8:
d6:e7:83:5b:93:82:0e:1e:25:9e:66:c0:b5:ac:80:10:ca:a2:
5d:34:fa:22:35:ac:7f:24:be:69:78:fa:78:2b:e9:aa:59:44:
34:98:d2:ed
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
OTM4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI5QjU1MTg3QjJCQTEy
MDhEOTc2QTc1NzMxMUEwMzQ0ODJFMEVFODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDISPXUBSr0Tmo7+MpaxnjslzD4/sY71TQSP/ENDlhl3RmLDx8T
MazyvXIRoXaybd6HoOkPQOOWrHq7xPsED/v8fNm0NzMglxab9Z0+wbQQ+PtLbM2o
AKB+wfyaPJt86L4UTxjGNGE3Gm58MXtOTxmc/nBrlK9MbTw0UHcfQ2B8vrSa/KMK
oiBNp8ilTQ5M9BVa2Y/kotOIody2tDbWREnms7YNmkaOKed5v49Nn2EznuRXp2Ql
D3VT4q6feF//+YYqz1Us1AHH2Nyy56StRq9XK9m48qEksfnmm5iLNihMTqWjsjrm
0JNLBTSx55ludMc+waLaxRxdtrUbSC16CvaLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUubVRh7K6EgjZdqdXMRoDRILg7oAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91YlZSaDdLNkVnalpkcWRY
TVJvRFJJTGc3b0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGT6gDeA6R4varhLfCjkylhLNyQUa7WEMIlf
FuxynFxO/rbOhv+RriruUSVfEBxocheBJVrz2MQjZPx1lzux+AL089AWeeLFVjX0
mIVp/so4147HYnjFY0qT5DsPc8wP6VZwU2FtQUKLzxPdInPUnaJgfus9lDj4M5f8
hMwtSsu9WRdgRfCBP5jHUF8BGcXMhlHaahdsdpFD1Ua0ZABKgcb7+XHp+QOg/Yz8
OvBfohFGMWK7VfCYz1ZBhzsR50ZVGQznahA7Td2h2VX/yKsphosuNEP6DCcl+Nbn
g1uTgg4eJZ5mwLWsgBDKol00+iI1rH8kvml4+ngr6apZRDSY0u0=
-----END CERTIFICATE-----
Generated at Sun May 18 09:13:20 2025 by rpki-client