Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uoP9tXk9t9UPHAWOauoLyHCQprg.roa
File: uoP9tXk9t9UPHAWOauoLyHCQprg.roa (raw, json)
Hash identifier: C/5LMzD0XvC4HAT7VojYGaqJFXw4XXY87C3oVMnL9yc=
Subject key identifier: BA:83:FD:B5:79:3D:B7:D5:0F:1C:05:8E:6A:EA:0B:C8:70:90:A6:B8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0606
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uoP9tXk9t9UPHAWOauoLyHCQprg.roa
Signing time: Thu 15 May 2025 02:38:03 +0000
ROA not before: Thu 15 May 2025 02:38:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1542 (0x606)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 02:38:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BA83FDB5793DB7D50F1C058E6AEA0BC87090A6B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:80:40:44:b6:17:50:b4:db:89:4a:d7:6a:
82:c0:ab:d8:cc:49:4e:04:87:34:d3:9c:6d:c1:a7:
b4:ed:4c:a4:5e:7d:a9:45:5a:cf:b6:d9:32:a6:e6:
9e:b8:78:07:bc:d2:90:8d:06:89:db:e8:73:d3:aa:
dd:0e:fe:25:1e:77:56:94:55:e0:aa:f8:c3:3b:5f:
b8:6c:a7:31:5b:d0:4a:2c:88:6b:6c:3f:f3:35:70:
08:dc:26:6e:e3:ab:92:22:48:88:ba:ff:fb:e1:6f:
22:ee:c1:12:d3:10:39:57:27:bb:29:82:ab:9f:dc:
0e:04:45:a0:24:4c:a1:0e:7f:b9:28:8c:86:ee:d3:
e8:a0:ab:4b:1a:a9:a4:a1:91:41:e9:34:ca:4a:06:
98:94:a7:3f:92:a0:60:e4:04:c0:14:d2:bb:f4:8c:
5e:39:65:a9:7d:45:8e:3e:cd:be:68:43:46:65:ae:
f3:6f:01:8f:6b:69:97:e9:ad:7f:e0:7d:09:92:c3:
9d:fc:c2:e8:18:84:11:36:11:f0:fa:4b:53:ef:e3:
73:09:ef:53:92:d7:5a:54:bd:e5:85:58:36:44:b0:
1f:3f:6c:0c:e6:91:fe:74:dd:a6:b2:3f:45:89:09:
e2:6a:5d:d3:10:da:91:88:e0:4a:33:cb:72:e9:71:
4d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:83:FD:B5:79:3D:B7:D5:0F:1C:05:8E:6A:EA:0B:C8:70:90:A6:B8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uoP9tXk9t9UPHAWOauoLyHCQprg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:ea:a4:fe:ec:41:cb:6b:53:49:2c:70:e9:86:c4:8a:bc:ca:
2f:14:e5:0d:81:75:a0:74:e9:58:4d:44:d8:2d:46:1f:bb:74:
f3:d6:a3:42:ce:52:76:f0:7c:d2:ab:cf:f9:2e:c3:96:0a:60:
35:2e:28:5a:65:69:44:ed:47:ea:00:73:57:c0:5b:28:10:46:
f9:65:f4:1d:90:4e:b4:ae:1c:4f:e9:e9:32:e5:01:14:5c:be:
72:27:bd:9f:94:72:85:27:d5:d5:94:cc:9e:e9:80:87:88:a3:
2e:f1:b4:02:da:0e:76:c5:5c:76:3b:fc:49:1d:20:cc:1f:65:
49:d3:74:ab:70:a6:88:dc:b6:ac:ce:2a:0c:37:9e:c5:21:7b:
d4:e6:82:27:9f:1e:69:fb:6c:c3:0d:6d:25:a2:33:35:d4:60:
d0:1b:ed:f6:c0:67:ff:15:6d:81:36:8b:a1:3c:bf:0d:87:77:
43:15:78:88:fb:e1:e3:cb:7b:bf:3a:be:56:28:f2:65:69:d2:
b9:a6:ab:2a:88:99:59:7a:a1:2e:82:20:02:22:46:f8:f5:6b:
3a:c7:76:71:03:a9:55:28:f8:a0:98:c4:2f:e8:46:f3:f2:b1:
99:3a:20:37:db:ab:ac:0f:3f:76:02:43:0a:60:51:73:e1:0a:
df:99:e0:19
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBgYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUw
MjM4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBODNGREI1NzkzREI3
RDUwRjFDMDU4RTZBRUEwQkM4NzA5MEE2QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC954BARLYXULTbiUrXaoLAq9jMSU4EhzTTnG3Bp7TtTKRefalF
Ws+22TKm5p64eAe80pCNBonb6HPTqt0O/iUed1aUVeCq+MM7X7hspzFb0EosiGts
P/M1cAjcJm7jq5IiSIi6//vhbyLuwRLTEDlXJ7spgquf3A4ERaAkTKEOf7kojIbu
0+igq0saqaShkUHpNMpKBpiUpz+SoGDkBMAU0rv0jF45Zal9RY4+zb5oQ0ZlrvNv
AY9raZfprX/gfQmSw538wugYhBE2EfD6S1Pv43MJ71OS11pUveWFWDZEsB8/bAzm
kf503aayP0WJCeJqXdMQ2pGI4Eozy3LpcU15AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuoP9tXk9t9UPHAWOauoLyHCQprgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91b1A5dFhrOXQ5VVBIQVdP
YXVvTHlIQ1Fwcmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACfqpP7sQctrU0kscOmGxIq8yi8U5Q2BdaB0
6VhNRNgtRh+7dPPWo0LOUnbwfNKrz/kuw5YKYDUuKFplaUTtR+oAc1fAWygQRvll
9B2QTrSuHE/p6TLlARRcvnInvZ+UcoUn1dWUzJ7pgIeIoy7xtALaDnbFXHY7/Ekd
IMwfZUnTdKtwpojctqzOKgw3nsUhe9TmgiefHmn7bMMNbSWiMzXUYNAb7fbAZ/8V
bYE2i6E8vw2Hd0MVeIj74ePLe786vlYo8mVp0rmmqyqImVl6oS6CIAIiRvj1azrH
dnEDqVUo+KCYxC/oRvPysZk6IDfbq6wPP3YCQwpgUXPhCt+Z4Bk=
-----END CERTIFICATE-----
Generated at Sat May 17 21:24:47 2025 by rpki-client