Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/urqAoPgviP4Mnol8noXu8CmT70E.roa
File: urqAoPgviP4Mnol8noXu8CmT70E.roa (raw, json)
Hash identifier: E9m3Wv+5YOso7RLVtozMrS3+ZMjXt5mdAoZGcPgJIOc=
Subject key identifier: BA:BA:80:A0:F8:2F:88:FE:0C:9E:89:7C:9E:85:EE:F0:29:93:EF:41
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 018A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/urqAoPgviP4Mnol8noXu8CmT70E.roa
Signing time: Fri 09 May 2025 03:07:46 +0000
ROA not before: Fri 09 May 2025 03:07:46 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394 (0x18a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 03:07:46 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BABA80A0F82F88FE0C9E897C9E85EEF02993EF41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6d:a6:f1:46:9f:f8:fe:31:8c:e4:22:08:ab:
24:8c:c7:96:b5:59:4a:12:05:e1:30:1d:1a:c9:24:
a5:d8:24:58:f6:8d:50:d2:b6:55:98:3b:78:d6:67:
0e:c9:b5:29:c2:c9:72:8b:d8:02:1e:68:93:46:13:
e4:cc:f2:76:cf:5c:7d:44:97:8b:31:5e:38:a2:a8:
19:b9:08:31:37:c8:63:f0:13:da:9e:73:b8:63:9c:
86:22:99:c1:5b:15:a2:16:e2:c5:22:27:75:d5:54:
65:3d:c6:28:d5:0f:e1:08:4d:d6:12:fe:3b:9c:2c:
73:92:b6:e4:5c:3f:ef:0f:fb:1b:4f:f2:c2:bc:a0:
f6:04:4c:77:1e:77:2f:bf:6d:f4:9d:42:f8:73:14:
d5:2d:28:b7:35:61:d0:54:08:a1:9d:e2:0c:b0:3e:
a9:c2:c7:d9:7a:76:08:c0:98:35:fa:9f:fb:79:9a:
5f:73:ae:80:f7:f6:77:35:6a:33:10:f4:05:94:e6:
b2:e0:73:06:46:fc:24:64:d6:09:f3:8b:66:dd:83:
27:d5:ab:32:d1:c7:86:35:4c:56:96:9f:7e:9a:66:
2c:69:57:0c:a5:49:ae:5f:20:73:88:63:75:24:40:
f4:44:31:d0:f0:e7:a5:b5:2b:80:4d:21:8c:80:77:
d8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BA:80:A0:F8:2F:88:FE:0C:9E:89:7C:9E:85:EE:F0:29:93:EF:41
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/urqAoPgviP4Mnol8noXu8CmT70E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
98:94:b6:69:e8:30:6e:49:ef:1d:d0:95:ae:71:ea:a8:7b:f3:
b4:55:17:56:ad:c8:b6:d6:20:cd:ba:6f:12:83:a6:c7:70:74:
12:51:7a:ac:43:98:6d:44:d2:ea:d3:0f:e9:7c:f0:d8:dd:4f:
74:10:48:82:47:70:5d:5f:5c:7f:db:66:81:f3:dd:a5:63:de:
0d:5e:b6:6b:d1:61:65:99:54:8a:95:24:77:80:bc:de:73:17:
f3:54:15:f2:3a:dd:dd:25:41:ca:1c:55:dd:1a:36:ab:74:46:
68:db:71:a1:c4:0f:4a:f3:21:25:4d:07:ab:d0:f6:fe:c2:75:
19:f7:68:da:dd:95:55:79:49:3b:58:12:5f:ad:4a:16:2b:c4:
42:40:84:ca:12:0f:af:0e:1a:b5:96:d4:3e:23:e8:92:af:bd:
79:e4:eb:a4:41:98:32:8f:85:e6:ac:24:9f:4a:79:95:d6:84:
dd:fc:ba:2f:41:13:d1:55:7d:34:74:63:64:f9:5b:d3:39:37:
c4:af:d4:59:a0:4e:f5:e2:97:2b:7a:e2:f2:36:cf:9a:7b:e4:
c3:2d:c7:27:bd:7a:d5:25:f9:94:07:8a:6c:78:52:f8:29:42:
5f:cd:fb:8f:8c:a5:89:f5:8d:bf:7d:7f:99:62:0a:79:85:3b:
a3:7f:6d:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAYowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
MzA3NDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBQkE4MEEwRjgyRjg4
RkUwQzlFODk3QzlFODVFRUYwMjk5M0VGNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7babxRp/4/jGM5CIIqySMx5a1WUoSBeEwHRrJJKXYJFj2jVDS
tlWYO3jWZw7JtSnCyXKL2AIeaJNGE+TM8nbPXH1El4sxXjiiqBm5CDE3yGPwE9qe
c7hjnIYimcFbFaIW4sUiJ3XVVGU9xijVD+EITdYS/jucLHOStuRcP+8P+xtP8sK8
oPYETHcedy+/bfSdQvhzFNUtKLc1YdBUCKGd4gywPqnCx9l6dgjAmDX6n/t5ml9z
roD39nc1ajMQ9AWU5rLgcwZG/CRk1gnzi2bdgyfVqzLRx4Y1TFaWn36aZixpVwyl
Sa5fIHOIY3UkQPREMdDw56W1K4BNIYyAd9gfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUurqAoPgviP4Mnol8noXu8CmT70EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91cnFBb1BndmlQNE1ub2w4
bm9YdThDbVQ3MEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJiUtmnoMG5J7x3Qla5x6qh787RVF1atyLbW
IM26bxKDpsdwdBJReqxDmG1E0urTD+l88NjdT3QQSIJHcF1fXH/bZoHz3aVj3g1e
tmvRYWWZVIqVJHeAvN5zF/NUFfI63d0lQcocVd0aNqt0RmjbcaHED0rzISVNB6vQ
9v7CdRn3aNrdlVV5STtYEl+tShYrxEJAhMoSD68OGrWW1D4j6JKvvXnk66RBmDKP
heasJJ9KeZXWhN38ui9BE9FVfTR0Y2T5W9M5N8Sv1FmgTvXilyt64vI2z5p75MMt
xye9etUl+ZQHimx4UvgpQl/N+4+MpYn1jb99f5liCnmFO6N/bR0=
-----END CERTIFICATE-----
Generated at Sun May 18 02:06:21 2025 by rpki-client