Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wXnY5EmznM5b52jb8NRtwZzwGxw.roa
File: wXnY5EmznM5b52jb8NRtwZzwGxw.roa (raw, json)
Hash identifier: zIuk2QXJ6GbHP5PMo4T9IMNXpvergnrWB6ksRxzCL0M=
Subject key identifier: C1:79:D8:E4:49:B3:9C:CE:5B:E7:68:DB:F0:D4:6D:C1:9C:F0:1B:1C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07C6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wXnY5EmznM5b52jb8NRtwZzwGxw.roa
Signing time: Sat 17 May 2025 10:38:09 +0000
ROA not before: Sat 17 May 2025 10:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1990 (0x7c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 10:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C179D8E449B39CCE5BE768DBF0D46DC19CF01B1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:dd:c6:34:01:70:34:58:22:54:fc:57:f3:6f:
8c:94:2e:70:07:40:b7:08:0e:12:4d:4d:a9:9c:1e:
77:37:e5:eb:b3:9d:cc:a2:6e:9d:4b:4c:d2:63:f1:
e7:cb:ea:4c:94:e3:bc:09:fc:8a:83:59:2f:55:e8:
5c:59:c8:21:d9:09:a5:c3:65:81:5b:84:1c:c3:33:
66:a7:ec:b7:7b:ea:5d:68:5c:c2:58:3c:af:e1:48:
31:ca:da:be:46:4b:cd:5e:88:58:f5:5c:0b:cf:2a:
56:b9:ad:3e:41:c1:3e:ee:95:ab:c6:84:bc:84:7b:
15:8a:2a:6f:77:4b:28:3f:59:56:ad:a4:39:1a:32:
28:06:29:c1:df:a1:1b:3a:32:ef:39:0c:11:f4:82:
c8:a6:5d:de:65:a4:4e:75:82:79:17:9c:42:f4:70:
13:61:65:0d:46:f6:28:18:3b:5a:7a:0a:63:b1:ce:
7d:79:45:4f:83:ec:15:7d:0e:81:fc:c6:92:da:6f:
69:f7:1d:8b:92:20:70:6c:ad:e5:bb:81:24:b8:46:
33:f9:6d:0f:b8:a9:ee:de:4c:80:24:61:65:ff:de:
25:fc:66:bb:93:8c:bd:41:db:a2:57:63:71:4e:8d:
44:0d:02:58:d6:f2:9c:3b:40:cb:b0:03:2a:67:1a:
46:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:79:D8:E4:49:B3:9C:CE:5B:E7:68:DB:F0:D4:6D:C1:9C:F0:1B:1C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wXnY5EmznM5b52jb8NRtwZzwGxw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:8d:0c:bf:3b:7b:b9:ff:93:ca:24:95:54:55:86:c8:98:7f:
7e:3a:ee:38:14:bc:1e:ce:76:ec:fe:22:dc:e9:47:6c:7a:d0:
37:cd:e7:8f:8e:10:a5:cc:01:78:2a:0e:73:6d:eb:1a:45:bc:
55:02:ac:6a:2d:14:6c:10:e0:ce:eb:c9:c0:7e:36:a3:20:a7:
2a:29:66:c1:17:b4:97:40:b1:22:36:85:e5:8e:37:f0:31:9d:
37:bf:59:59:4c:f8:17:11:02:f1:36:81:4a:37:b0:7f:b1:85:
0c:d7:53:05:64:53:dd:08:a1:28:a9:0d:d4:a2:1b:d6:1d:36:
96:de:25:d8:43:44:5b:05:22:36:09:5f:fa:b0:f6:f4:f6:70:
ad:4f:8a:34:39:f5:6d:9d:f9:9b:18:ac:09:90:ee:b2:d8:fc:
ec:ba:2c:12:e8:a1:fe:b4:63:df:3d:ac:c5:43:56:c3:47:24:
1d:24:fb:91:43:7e:6f:37:57:aa:48:a8:a2:3c:36:5b:db:3c:
f2:b9:eb:1f:b1:1a:95:d1:f2:53:c6:d8:24:b4:d4:aa:c2:9f:
db:1c:82:8b:bf:19:fb:4b:da:bf:5b:56:b9:08:dc:74:61:ad:
38:bb:d2:51:d7:37:5b:9d:1f:2e:54:c3:4f:5a:91:53:ae:33:
ba:63:4d:d3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB8YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcx
MDM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMxNzlEOEU0NDlCMzlD
Q0U1QkU3NjhEQkYwRDQ2REMxOUNGMDFCMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg3cY0AXA0WCJU/Ffzb4yULnAHQLcIDhJNTamcHnc35euzncyi
bp1LTNJj8efL6kyU47wJ/IqDWS9V6FxZyCHZCaXDZYFbhBzDM2an7Ld76l1oXMJY
PK/hSDHK2r5GS81eiFj1XAvPKla5rT5BwT7ulavGhLyEexWKKm93Syg/WVatpDka
MigGKcHfoRs6Mu85DBH0gsimXd5lpE51gnkXnEL0cBNhZQ1G9igYO1p6CmOxzn15
RU+D7BV9DoH8xpLab2n3HYuSIHBsreW7gSS4RjP5bQ+4qe7eTIAkYWX/3iX8ZruT
jL1B26JXY3FOjUQNAljW8pw7QMuwAypnGka/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwXnY5EmznM5b52jb8NRtwZzwGxwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93WG5ZNUVtem5NNWI1Mmpi
OE5SdHdaendHeHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJONDL87e7n/k8oklVRVhsiYf3467jgUvB7O
duz+ItzpR2x60DfN54+OEKXMAXgqDnNt6xpFvFUCrGotFGwQ4M7rycB+NqMgpyop
ZsEXtJdAsSI2heWON/AxnTe/WVlM+BcRAvE2gUo3sH+xhQzXUwVkU90IoSipDdSi
G9YdNpbeJdhDRFsFIjYJX/qw9vT2cK1PijQ59W2d+ZsYrAmQ7rLY/Oy6LBLoof60
Y989rMVDVsNHJB0k+5FDfm83V6pIqKI8NlvbPPK56x+xGpXR8lPG2CS01KrCn9sc
gou/GftL2r9bVrkI3HRhrTi70lHXN1udHy5Uw09akVOuM7pjTdM=
-----END CERTIFICATE-----
Generated at Sun May 18 02:04:01 2025 by rpki-client