Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wTGazKSM5xyqYQMApd1t00nLc_w.roa
File: wTGazKSM5xyqYQMApd1t00nLc_w.roa (raw, json)
Hash identifier: Tm+nGuNzAt25SoZW7DLuqVPKe26GGP19Umi6IiQuPJ0=
Subject key identifier: C1:31:9A:CC:A4:8C:E7:1C:AA:61:03:00:A5:DD:6D:D3:49:CB:73:FC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04E2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wTGazKSM5xyqYQMApd1t00nLc_w.roa
Signing time: Tue 13 May 2025 14:08:08 +0000
ROA not before: Tue 13 May 2025 14:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1250 (0x4e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 14:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C1319ACCA48CE71CAA610300A5DD6DD349CB73FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:f6:26:d3:d2:58:83:fc:95:03:30:de:e4:
b0:3a:66:45:d9:58:d7:d6:1d:26:2c:87:f8:57:1d:
94:67:74:3b:02:63:ed:ff:72:4c:21:fe:69:0b:99:
c9:ca:98:e2:06:b4:dd:27:45:d2:fa:a4:28:66:6d:
95:4f:e5:fc:41:be:72:33:df:fe:c0:7d:55:5b:85:
81:39:e1:66:e2:9e:63:b3:12:b9:5f:c2:86:56:35:
d0:2c:bb:a1:aa:fa:30:ef:c0:ee:cf:da:dc:02:e0:
a9:c7:66:4e:e3:3e:74:a7:87:47:62:60:03:2c:cd:
cb:08:eb:44:49:c6:63:50:45:ad:7f:c4:a0:28:ba:
da:99:61:ab:36:6d:0b:49:c7:60:21:35:7e:7c:e2:
01:5c:16:7a:9d:14:90:47:fc:2d:2a:36:48:02:7d:
75:23:ab:c2:0d:d1:41:f7:1b:4e:4b:b2:37:8a:8c:
9b:fe:aa:4c:82:24:45:a4:04:cf:a6:89:bd:c1:8e:
33:de:3f:82:10:ce:4b:22:65:18:03:2c:3e:fb:ba:
26:43:3d:cf:92:a1:7e:e2:d4:84:26:67:8f:73:fe:
8e:a2:88:02:bf:9d:86:95:db:42:2c:bf:3c:3c:54:
66:ea:93:a4:b5:2a:09:2e:14:19:ca:1e:dc:43:f3:
37:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:31:9A:CC:A4:8C:E7:1C:AA:61:03:00:A5:DD:6D:D3:49:CB:73:FC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wTGazKSM5xyqYQMApd1t00nLc_w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:e7:54:dc:ee:4d:f3:1f:60:a6:3b:22:eb:5f:d7:d5:3f:06:
40:37:d0:91:77:11:8a:23:7e:18:9e:f1:7b:b7:43:ab:84:2d:
b3:6b:2e:3d:1f:7e:0f:7c:f8:83:60:fa:85:c2:30:63:a5:47:
d0:2e:75:85:70:79:d8:b0:64:13:38:84:bf:87:2f:9c:56:64:
cb:78:b4:0a:59:6f:09:09:09:33:4a:1f:34:06:72:4c:f3:36:
04:f9:1e:6d:93:1d:69:b5:48:26:2d:3e:b4:92:40:7f:a5:8a:
b1:28:61:84:c4:b1:5e:85:d4:bb:21:14:8a:9f:e7:51:bf:a3:
cb:5c:59:80:d4:2b:52:d5:0d:22:8e:3e:ad:ba:f6:46:00:08:
07:23:5c:c0:8c:92:7d:d6:99:b3:5b:b2:47:d4:9d:cc:fd:cb:
2a:32:2e:5e:ff:f6:89:ac:03:1f:e7:9b:3e:ea:1b:b9:e8:dd:
55:01:1d:ea:8c:be:dd:4f:e9:fe:a4:14:72:55:c8:85:8f:f8:
c9:5a:df:c9:ce:5d:4e:6a:65:8a:02:f8:b1:45:c2:2e:26:80:
3c:89:13:5e:4b:e3:7d:18:c6:99:bf:5d:16:c8:58:eb:e4:9d:
d1:91:7c:48:ab:40:e4:d7:e2:03:0f:71:50:65:9b:d9:fe:b5:
76:34:2b:5e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBOIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NDA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMxMzE5QUNDQTQ4Q0U3
MUNBQTYxMDMwMEE1REQ2REQzNDlDQjczRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq+vYm09JYg/yVAzDe5LA6ZkXZWNfWHSYsh/hXHZRndDsCY+3/
ckwh/mkLmcnKmOIGtN0nRdL6pChmbZVP5fxBvnIz3/7AfVVbhYE54WbinmOzErlf
woZWNdAsu6Gq+jDvwO7P2twC4KnHZk7jPnSnh0diYAMszcsI60RJxmNQRa1/xKAo
utqZYas2bQtJx2AhNX584gFcFnqdFJBH/C0qNkgCfXUjq8IN0UH3G05LsjeKjJv+
qkyCJEWkBM+mib3BjjPeP4IQzksiZRgDLD77uiZDPc+SoX7i1IQmZ49z/o6iiAK/
nYaV20Isvzw8VGbqk6S1KgkuFBnKHtxD8zfxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwTGazKSM5xyqYQMApd1t00nLc/wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93VEdhektTTTV4eXFZUU1B
cGQxdDAwbkxjX3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKXnVNzuTfMfYKY7Iutf19U/BkA30JF3EYoj
fhie8Xu3Q6uELbNrLj0ffg98+INg+oXCMGOlR9AudYVwediwZBM4hL+HL5xWZMt4
tApZbwkJCTNKHzQGckzzNgT5Hm2THWm1SCYtPrSSQH+lirEoYYTEsV6F1LshFIqf
51G/o8tcWYDUK1LVDSKOPq269kYACAcjXMCMkn3WmbNbskfUncz9yyoyLl7/9oms
Ax/nmz7qG7no3VUBHeqMvt1P6f6kFHJVyIWP+Mla38nOXU5qZYoC+LFFwi4mgDyJ
E15L430Yxpm/XRbIWOvkndGRfEirQOTX4gMPcVBlm9n+tXY0K14=
-----END CERTIFICATE-----
Generated at Sun May 18 22:39:41 2025 by rpki-client