Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/vPARxm8tfAoMF6c730P3nD19fH4.roa
File: vPARxm8tfAoMF6c730P3nD19fH4.roa (raw, json)
Hash identifier: fDGh4WZPwclhr0CrOoWj3GlkqfQDtwKLXCD7Hkr5sNg=
Subject key identifier: BC:F0:11:C6:6F:2D:7C:0A:0C:17:A7:3B:DF:43:F7:9C:3D:7D:7C:7E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 045A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vPARxm8tfAoMF6c730P3nD19fH4.roa
Signing time: Mon 12 May 2025 21:07:57 +0000
ROA not before: Mon 12 May 2025 21:07:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114 (0x45a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 21:07:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BCF011C66F2D7C0A0C17A73BDF43F79C3D7D7C7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:46:72:44:63:b2:97:64:0c:72:b4:42:f7:92:
da:a2:05:27:cb:ad:47:e0:22:30:56:a5:da:1a:64:
19:8b:06:cc:e7:e2:91:19:66:79:9c:b3:7b:74:47:
84:79:a0:bd:67:b4:79:59:3f:95:af:e4:c3:36:71:
95:ff:f5:f5:4f:6e:fb:15:b7:3b:60:40:4b:d5:ad:
75:18:48:04:22:cf:a8:f8:0c:20:91:67:49:bc:8a:
b7:9d:4a:b9:b7:02:f0:e7:0e:4b:48:bc:80:9e:e5:
41:a2:ca:bc:e2:77:45:60:97:fb:61:0c:0f:7f:60:
a8:15:70:1f:83:39:75:c0:96:88:8c:7e:52:60:5f:
33:22:a5:75:13:c9:4e:14:cb:24:75:9f:fe:57:01:
c9:31:a6:d8:61:2e:14:37:46:1b:da:74:82:a5:ff:
79:47:7a:8a:94:14:62:fc:33:9e:1b:c8:da:5c:51:
d6:5d:57:ce:00:23:7f:66:89:dc:9d:52:91:e1:03:
0a:a7:fa:42:26:ed:54:b0:65:87:23:90:f2:d8:df:
58:ce:a0:a3:94:6a:bf:07:b9:eb:a9:c2:9b:73:48:
99:78:c9:87:39:3c:23:47:5a:e5:26:29:18:6e:6f:
42:1b:c2:c6:b5:bf:11:39:e0:30:70:73:38:8d:7d:
e9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F0:11:C6:6F:2D:7C:0A:0C:17:A7:3B:DF:43:F7:9C:3D:7D:7C:7E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/vPARxm8tfAoMF6c730P3nD19fH4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:eb:22:98:f1:2a:e8:71:de:45:17:16:14:d3:2b:cb:34:30:
be:1f:3a:92:f6:a4:41:eb:b4:26:97:25:12:d1:40:f3:a8:aa:
b3:28:2a:98:a1:64:2e:f5:29:a8:e2:59:ba:05:5f:29:a3:28:
92:8b:12:a5:45:ad:87:17:5e:c7:41:ab:0f:5a:07:cb:cd:39:
b8:79:08:78:10:4a:2b:03:fb:dc:24:71:1e:cc:86:e0:02:87:
a2:67:e3:ca:a1:e4:26:fc:f3:6e:2c:c7:8d:ea:27:bf:df:71:
fc:8a:19:30:c7:c7:62:b6:58:b0:ae:a2:dd:e5:79:85:ae:ae:
02:b0:ca:08:f5:bb:8e:08:a8:a3:c1:b9:70:5b:bd:d4:b1:49:
1c:72:1e:fc:d1:db:6c:e4:44:74:78:e5:d2:c7:6f:e4:cc:d4:
5e:9e:3c:85:09:68:ec:2c:85:fe:01:bf:b1:0a:9e:f0:52:9f:
97:4d:3c:5e:63:ed:cc:ca:7b:0e:d6:3c:6c:4f:2e:b0:9b:38:
9f:8e:7d:78:e2:2f:27:2c:80:a3:ec:be:e4:8c:1f:7d:29:d1:
16:f8:d0:56:30:52:89:f9:dd:ce:7d:44:c1:ff:0e:33:4f:09:
f7:16:81:a1:49:3a:cc:9d:6a:6b:a8:d0:f4:38:3a:32:5b:48:
d2:dd:a5:27
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBFowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIy
MTA3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJDRjAxMUM2NkYyRDdD
MEEwQzE3QTczQkRGNDNGNzlDM0Q3RDdDN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSRnJEY7KXZAxytEL3ktqiBSfLrUfgIjBWpdoaZBmLBszn4pEZ
Znmcs3t0R4R5oL1ntHlZP5Wv5MM2cZX/9fVPbvsVtztgQEvVrXUYSAQiz6j4DCCR
Z0m8iredSrm3AvDnDktIvICe5UGiyrzid0Vgl/thDA9/YKgVcB+DOXXAloiMflJg
XzMipXUTyU4UyyR1n/5XAckxpthhLhQ3RhvadIKl/3lHeoqUFGL8M54byNpcUdZd
V84AI39midydUpHhAwqn+kIm7VSwZYcjkPLY31jOoKOUar8HueupwptzSJl4yYc5
PCNHWuUmKRhub0Ibwsa1vxE54DBwcziNfekDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUvPARxm8tfAoMF6c730P3nD19fH4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni92UEFSeG04dGZBb01GNmM3
MzBQM25EMTlmSDQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF/rIpjxKuhx3kUXFhTTK8s0ML4fOpL2pEHr
tCaXJRLRQPOoqrMoKpihZC71KajiWboFXymjKJKLEqVFrYcXXsdBqw9aB8vNObh5
CHgQSisD+9wkcR7MhuACh6Jn48qh5Cb8824sx43qJ7/fcfyKGTDHx2K2WLCuot3l
eYWurgKwygj1u44IqKPBuXBbvdSxSRxyHvzR22zkRHR45dLHb+TM1F6ePIUJaOws
hf4Bv7EKnvBSn5dNPF5j7czKew7WPGxPLrCbOJ+OfXjiLycsgKPsvuSMH30p0Rb4
0FYwUon53c59RMH/DjNPCfcWgaFJOsydamuo0PQ4OjJbSNLdpSc=
-----END CERTIFICATE-----
Generated at Sun May 18 04:51:52 2025 by rpki-client