Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wNTAz0WCikgIQiEPq1KkeR4L2V8.roa
File: wNTAz0WCikgIQiEPq1KkeR4L2V8.roa (raw, json)
Hash identifier: JcIJTjKHInZOtTgBuhGYYeVIabYs6mzA97YpNM0+kZo=
Subject key identifier: C0:D4:C0:CF:45:82:8A:48:08:42:21:0F:AB:52:A4:79:1E:0B:D9:5F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0666
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wNTAz0WCikgIQiEPq1KkeR4L2V8.roa
Signing time: Thu 15 May 2025 14:38:10 +0000
ROA not before: Thu 15 May 2025 14:38:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1638 (0x666)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 14:38:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C0D4C0CF45828A480842210FAB52A4791E0BD95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7e:7b:42:35:95:67:d0:ef:0d:35:d0:f2:c3:
29:21:1f:75:37:75:7d:4b:88:d7:28:39:f3:97:4e:
76:e2:25:c5:48:98:5c:39:33:69:e2:1d:31:ed:44:
ab:7b:71:d9:73:38:54:93:76:eb:6e:bc:c0:13:3b:
04:ee:1d:59:76:50:79:d3:65:15:33:33:55:fd:46:
11:c1:b7:69:5d:3b:86:22:e7:b6:c0:02:b3:ea:4f:
b6:97:d3:76:ec:4f:ef:b6:52:75:ce:95:67:eb:c9:
f5:68:45:d4:30:2a:1e:3d:28:62:4d:af:77:dc:80:
18:0f:f1:8a:07:be:67:30:aa:28:2f:d3:1c:53:73:
6d:d6:c1:47:d4:1b:8b:c4:01:0f:54:d7:af:0a:73:
eb:c0:cd:0a:1b:4a:fd:cf:1a:dc:1e:29:92:a8:e5:
eb:73:f0:e7:32:96:f9:e8:92:50:e0:01:c0:86:4b:
8e:72:95:a0:b0:a3:f6:45:b2:7c:85:97:ca:f3:d4:
7c:4e:f0:42:1f:56:b2:cb:60:05:3a:68:dc:9e:d3:
db:6e:1d:d2:93:bf:fe:6a:98:b7:5c:5c:e3:b7:61:
46:8f:ca:ff:d8:dc:d8:e8:19:fa:8a:86:3c:0b:2a:
8a:97:60:b9:24:13:60:07:f7:74:c4:9f:e0:53:00:
09:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D4:C0:CF:45:82:8A:48:08:42:21:0F:AB:52:A4:79:1E:0B:D9:5F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wNTAz0WCikgIQiEPq1KkeR4L2V8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:4b:1e:39:46:11:5f:05:0c:cc:44:c3:68:20:0d:25:56:5d:
3e:c6:6e:cc:4a:79:b2:e9:de:2c:54:78:d6:77:5d:20:ad:d3:
68:8e:68:94:9a:b1:51:73:7b:c6:df:bf:b1:d1:43:82:10:25:
65:0d:93:ab:f7:a8:67:62:5a:1a:4e:07:ed:b8:5d:c8:48:b0:
f5:2b:c8:9d:b5:d2:a6:7b:c1:ec:19:a5:65:b0:33:c9:cb:ba:
fa:9f:e4:12:17:8e:95:1a:6d:9a:9a:1e:a5:20:89:dd:23:d9:
26:bc:80:d4:7e:f1:1a:b0:99:e0:d2:db:02:35:a0:a8:fb:17:
53:37:a7:c3:cc:1e:1f:cc:aa:ed:de:99:3c:fc:25:54:a8:f9:
04:a9:4c:da:e0:ce:24:92:53:69:90:62:17:c1:fd:68:c9:b3:
0b:93:94:f5:a1:05:c4:a2:24:dd:9a:de:4e:fd:51:3e:68:f6:
6d:a0:f1:35:ea:2c:e6:d0:4e:9b:53:c8:63:e5:4b:5e:f4:ff:
b3:c1:66:1b:b9:1b:33:3e:ab:95:d3:01:e0:c3:9f:46:73:bf:
0c:28:d6:b1:7b:bc:a7:73:a3:40:e7:21:d7:76:b9:ff:a2:4f:
17:b4:b0:b9:a2:e5:99:29:2c:c6:69:eb:59:69:35:de:66:0e:
63:3c:94:4e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBmYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
NDM4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMwRDRDMENGNDU4MjhB
NDgwODQyMjEwRkFCNTJBNDc5MUUwQkQ5NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9fntCNZVn0O8NNdDywykhH3U3dX1LiNcoOfOXTnbiJcVImFw5
M2niHTHtRKt7cdlzOFSTdutuvMATOwTuHVl2UHnTZRUzM1X9RhHBt2ldO4Yi57bA
ArPqT7aX03bsT++2UnXOlWfryfVoRdQwKh49KGJNr3fcgBgP8YoHvmcwqigv0xxT
c23WwUfUG4vEAQ9U168Kc+vAzQobSv3PGtweKZKo5etz8OcylvnoklDgAcCGS45y
laCwo/ZFsnyFl8rz1HxO8EIfVrLLYAU6aNye09tuHdKTv/5qmLdcXOO3YUaPyv/Y
3NjoGfqKhjwLKoqXYLkkE2AH93TEn+BTAAkhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwNTAz0WCikgIQiEPq1KkeR4L2V8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93TlRBejBXQ2lrZ0lRaUVQ
cTFLa2VSNEwyVjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADZLHjlGEV8FDMxEw2ggDSVWXT7GbsxKebLp
3ixUeNZ3XSCt02iOaJSasVFze8bfv7HRQ4IQJWUNk6v3qGdiWhpOB+24XchIsPUr
yJ210qZ7wewZpWWwM8nLuvqf5BIXjpUabZqaHqUgid0j2Sa8gNR+8RqwmeDS2wI1
oKj7F1M3p8PMHh/Mqu3emTz8JVSo+QSpTNrgziSSU2mQYhfB/WjJswuTlPWhBcSi
JN2a3k79UT5o9m2g8TXqLObQTptTyGPlS170/7PBZhu5GzM+q5XTAeDDn0Zzvwwo
1rF7vKdzo0DnIdd2uf+iTxe0sLmi5ZkpLMZp61lpNd5mDmM8lE4=
-----END CERTIFICATE-----
Generated at Sun May 18 02:03:54 2025 by rpki-client