Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uxRGDUzUAlC4yaE7CsOeMi2FRzw.roa
File: uxRGDUzUAlC4yaE7CsOeMi2FRzw.roa (raw, json)
Hash identifier: dnqDOHL1Ei/udWlk/NYgz0SDHC98P2RKxyPmphIC6ug=
Subject key identifier: BB:14:46:0D:4C:D4:02:50:B8:C9:A1:3B:0A:C3:9E:32:2D:85:47:3C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04F6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uxRGDUzUAlC4yaE7CsOeMi2FRzw.roa
Signing time: Tue 13 May 2025 16:38:02 +0000
ROA not before: Tue 13 May 2025 16:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1270 (0x4f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 16:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BB14460D4CD40250B8C9A13B0AC39E322D85473C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:0c:e2:85:15:7e:8f:4d:4c:53:83:9f:7b:
7f:6f:44:36:5f:d3:b9:0f:40:54:ad:35:4a:05:e5:
5e:90:b7:fc:57:89:8b:a1:31:1a:82:e6:62:3e:85:
17:2e:e2:15:e8:84:fe:06:35:e0:a1:8c:f9:e7:2c:
18:bc:59:56:4e:c8:00:b1:93:f1:2f:db:ec:44:8c:
3c:e7:2c:1f:17:05:60:70:57:dd:de:d5:9e:ae:23:
ea:c0:b8:57:e0:3b:8e:3b:30:75:1d:59:f0:e5:d4:
4f:80:bc:48:76:eb:a9:1b:8d:5a:15:7f:b1:84:58:
09:fe:f5:09:ed:f9:b3:72:f3:f7:9a:b6:7e:10:8e:
b3:47:67:19:2c:13:ef:a5:38:95:d9:30:f3:dc:56:
66:74:90:1d:03:19:a5:6b:9c:36:dc:67:25:3e:d1:
4e:fe:20:11:af:d7:ef:72:8c:87:c6:65:94:1e:28:
38:56:28:8e:98:38:c9:8e:6a:66:bc:2c:df:c8:4e:
ba:76:cf:c0:f4:c2:d5:7b:bf:49:36:d0:40:74:47:
e2:47:26:33:8e:73:fb:59:c9:c2:70:cd:34:c6:3c:
67:8d:98:ff:77:71:87:4e:7d:71:2c:55:5b:8c:fd:
d4:b0:80:90:2a:e1:20:1e:fa:62:32:52:74:c9:6c:
e0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:14:46:0D:4C:D4:02:50:B8:C9:A1:3B:0A:C3:9E:32:2D:85:47:3C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uxRGDUzUAlC4yaE7CsOeMi2FRzw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:e1:2f:f7:ee:48:2d:b5:55:39:4c:8f:ef:68:1d:58:e7:59:
3a:0f:03:d1:4c:ee:73:d7:1e:30:90:f6:35:6b:0d:c9:f0:95:
47:c1:42:4f:d9:08:92:38:23:02:65:24:27:e3:eb:bf:61:e3:
19:45:0e:e3:68:fe:3f:de:25:f2:1b:54:f5:76:9c:dd:c3:70:
f4:1f:0f:ea:fd:7d:8c:f2:36:2a:84:68:9f:79:62:a8:98:e2:
b5:4b:07:1d:78:3f:fd:4d:fd:67:32:88:b0:5b:f2:6a:a2:7b:
76:ae:aa:f4:63:49:31:3b:e6:84:dc:17:0a:03:c3:19:dc:9a:
33:bf:84:b5:f7:4b:71:6e:80:5a:ce:26:af:37:c0:12:66:93:
b6:82:58:ee:d9:eb:71:da:c2:1c:d4:d6:90:70:c6:5d:a6:ed:
54:33:86:78:3d:36:52:36:75:41:e7:49:73:4f:30:ff:eb:08:
f9:a6:db:06:f8:92:dc:11:b9:43:49:4c:41:fe:ff:4c:12:4c:
83:33:52:2c:50:f8:f7:53:66:93:1a:bb:ae:8b:8f:f6:05:d9:
57:51:63:26:9c:25:8b:5e:94:74:7f:08:01:a9:26:e1:5a:54:
97:ca:31:29:93:07:58:c1:cd:4d:eb:e0:51:0f:99:3b:e8:f1:
fd:34:ce:ce
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBPYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NjM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCMTQ0NjBENENENDAy
NTBCOEM5QTEzQjBBQzM5RTMyMkQ4NTQ3M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwNAzihRV+j01MU4Ofe39vRDZf07kPQFStNUoF5V6Qt/xXiYuh
MRqC5mI+hRcu4hXohP4GNeChjPnnLBi8WVZOyACxk/Ev2+xEjDznLB8XBWBwV93e
1Z6uI+rAuFfgO447MHUdWfDl1E+AvEh266kbjVoVf7GEWAn+9Qnt+bNy8/eatn4Q
jrNHZxksE++lOJXZMPPcVmZ0kB0DGaVrnDbcZyU+0U7+IBGv1+9yjIfGZZQeKDhW
KI6YOMmOama8LN/ITrp2z8D0wtV7v0k20EB0R+JHJjOOc/tZycJwzTTGPGeNmP93
cYdOfXEsVVuM/dSwgJAq4SAe+mIyUnTJbOBRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuxRGDUzUAlC4yaE7CsOeMi2FRzwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91eFJHRFV6VUFsQzR5YUU3
Q3NPZU1pMkZSencucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADLhL/fuSC21VTlMj+9oHVjnWToPA9FM7nPX
HjCQ9jVrDcnwlUfBQk/ZCJI4IwJlJCfj679h4xlFDuNo/j/eJfIbVPV2nN3DcPQf
D+r9fYzyNiqEaJ95YqiY4rVLBx14P/1N/WcyiLBb8mqie3auqvRjSTE75oTcFwoD
wxncmjO/hLX3S3FugFrOJq83wBJmk7aCWO7Z63HawhzU1pBwxl2m7VQzhng9NlI2
dUHnSXNPMP/rCPmm2wb4ktwRuUNJTEH+/0wSTIMzUixQ+PdTZpMau66Lj/YF2VdR
YyacJYtelHR/CAGpJuFaVJfKMSmTB1jBzU3r4FEPmTvo8f00zs4=
-----END CERTIFICATE-----
Generated at Sun May 18 04:47:54 2025 by rpki-client