Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/v5FM4KUwFjXgkbKKK3ACLYs4vn4.roa
File: v5FM4KUwFjXgkbKKK3ACLYs4vn4.roa (raw, json)
Hash identifier: yWKrkQz8eG5HdhvYo2944Ha6tHxkGFzm59LfaJiWqRw=
Subject key identifier: BF:91:4C:E0:A5:30:16:35:E0:91:B2:8A:2B:70:02:2D:8B:38:BE:7E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0702
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/v5FM4KUwFjXgkbKKK3ACLYs4vn4.roa
Signing time: Fri 16 May 2025 10:08:29 +0000
ROA not before: Fri 16 May 2025 10:08:29 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1794 (0x702)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 10:08:29 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BF914CE0A5301635E091B28A2B70022D8B38BE7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:29:7b:fc:68:ff:ef:1e:c7:89:61:a7:7a:e0:
4c:9b:22:74:87:52:7f:73:3d:dc:cd:b5:bf:d4:2b:
dc:5b:5d:b7:95:58:ed:22:b7:b5:b9:1a:60:8e:44:
71:13:0f:de:7a:80:29:df:28:86:a0:17:de:d7:9f:
3e:d3:ec:30:b1:30:d3:41:12:17:47:ad:ef:68:e6:
9f:f3:a2:d3:20:14:63:e9:d2:c9:65:94:5b:af:6f:
a2:14:a9:f8:fb:79:7a:e0:d5:64:9d:b8:88:b9:d0:
32:d2:f2:79:d4:84:db:34:c0:8b:b7:d5:9c:3f:4c:
45:43:45:3e:8c:85:e5:ab:52:0f:a2:47:67:56:1c:
ef:68:49:d8:26:34:b7:90:56:39:9d:eb:ac:38:c6:
37:22:93:05:df:0e:4a:43:46:95:a3:13:93:30:de:
24:7c:5d:08:75:9f:d3:2e:55:b6:7d:de:6c:7f:57:
a1:05:d0:0e:3c:1a:8b:d1:57:9f:c0:cf:8c:31:61:
1f:34:5a:09:1c:f7:e0:8c:ca:29:ba:57:67:3c:f5:
21:08:9d:72:f8:ba:43:69:dd:94:de:be:b5:a1:b5:
86:94:de:ca:0e:fa:f2:88:b0:7d:6b:d5:0e:94:7f:
5d:20:52:ed:e7:11:78:16:37:8c:99:b4:39:10:dc:
2b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:91:4C:E0:A5:30:16:35:E0:91:B2:8A:2B:70:02:2D:8B:38:BE:7E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/v5FM4KUwFjXgkbKKK3ACLYs4vn4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:3c:b3:ad:2f:92:a0:f8:72:05:f3:15:78:56:61:fe:ee:a1:
6c:36:ab:c2:98:d3:da:71:4b:af:80:88:9b:b8:37:2a:c8:82:
4f:dd:46:ef:3b:ed:1c:5b:ee:09:22:97:64:ac:31:8f:f6:3d:
da:3e:f6:28:d1:78:c7:39:28:bb:f9:9a:5a:bf:08:3d:43:e2:
a1:6a:5e:bb:81:d9:d1:9b:49:5f:c1:74:4f:57:b3:36:d4:ab:
bb:d8:e3:6a:8b:c0:ca:77:bc:82:5d:24:16:b9:f8:4a:b5:b4:
35:e0:0f:b1:7a:09:75:89:e3:78:8b:7d:c8:fb:d1:13:14:ab:
69:a7:c3:cd:b7:7e:e0:44:e3:29:68:5b:d0:be:68:98:14:f0:
13:a3:a6:37:39:f7:c3:23:56:d5:87:99:22:5a:ae:f2:8c:83:
d4:1c:d2:1a:d3:4c:8f:1b:d1:8e:00:ea:ee:3f:86:52:8a:00:
e2:cf:6e:42:70:5f:db:11:f3:2b:93:72:8b:16:f8:c3:fc:ba:
04:a4:f8:4a:43:73:a2:db:a8:23:da:0a:46:0f:e8:4f:62:fd:
fc:8b:e2:2f:48:35:36:8e:03:a4:20:3b:12:8e:ec:63:88:3e:
3f:c7:9c:c8:f1:eb:6c:c0:e9:85:81:3f:63:a2:51:b0:95:a0:
e0:b8:6b:db
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYx
MDA4MjlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJGOTE0Q0UwQTUzMDE2
MzVFMDkxQjI4QTJCNzAwMjJEOEIzOEJFN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/KXv8aP/vHseJYad64EybInSHUn9zPdzNtb/UK9xbXbeVWO0i
t7W5GmCORHETD956gCnfKIagF97Xnz7T7DCxMNNBEhdHre9o5p/zotMgFGPp0sll
lFuvb6IUqfj7eXrg1WSduIi50DLS8nnUhNs0wIu31Zw/TEVDRT6MheWrUg+iR2dW
HO9oSdgmNLeQVjmd66w4xjcikwXfDkpDRpWjE5Mw3iR8XQh1n9MuVbZ93mx/V6EF
0A48GovRV5/Az4wxYR80Wgkc9+CMyim6V2c89SEInXL4ukNp3ZTevrWhtYaU3soO
+vKIsH1r1Q6Uf10gUu3nEXgWN4yZtDkQ3CtTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUv5FM4KUwFjXgkbKKK3ACLYs4vn4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92NUZNNEtVd0ZqWGdrYktL
SzNBQ0xZczR2bjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIk8s60vkqD4cgXzFXhWYf7uoWw2q8KY09px
S6+AiJu4NyrIgk/dRu877Rxb7gkil2SsMY/2Pdo+9ijReMc5KLv5mlq/CD1D4qFq
XruB2dGbSV/BdE9XszbUq7vY42qLwMp3vIJdJBa5+Eq1tDXgD7F6CXWJ43iLfcj7
0RMUq2mnw823fuBE4yloW9C+aJgU8BOjpjc598MjVtWHmSJarvKMg9Qc0hrTTI8b
0Y4A6u4/hlKKAOLPbkJwX9sR8yuTcosW+MP8ugSk+EpDc6LbqCPaCkYP6E9i/fyL
4i9INTaOA6QgOxKO7GOIPj/HnMjx62zA6YWBP2OiUbCVoOC4a9s=
-----END CERTIFICATE-----
Generated at Sat May 17 21:44:48 2025 by rpki-client