Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/wls467FV6IGoCmrNlxOVdGQRWqM.roa
File: wls467FV6IGoCmrNlxOVdGQRWqM.roa (raw, json)
Hash identifier: dBBR5g609pOyl9ZZ5Df37uhVhOCkL4HmcB3Xa4S8osY=
Subject key identifier: C2:5B:38:EB:B1:55:E8:81:A8:0A:6A:CD:97:13:95:74:64:11:5A:A3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wls467FV6IGoCmrNlxOVdGQRWqM.roa
Signing time: Wed 14 May 2025 17:38:01 +0000
ROA not before: Wed 14 May 2025 17:38:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1470 (0x5be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 17:38:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C25B38EBB155E881A80A6ACD9713957464115AA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:f8:45:95:1a:c8:5e:83:3c:a0:b6:83:1e:
e0:0a:e6:d6:20:1b:88:ab:a1:5c:9f:b4:37:54:05:
ef:06:78:f2:12:3a:71:97:8a:94:e3:6d:bb:ae:b8:
ff:b4:1f:0e:28:12:30:77:48:79:97:75:21:46:30:
f3:4e:e2:47:4c:1e:17:e9:ac:15:66:4c:2a:05:0e:
cc:dd:6f:c6:7a:d0:e2:9a:a3:c9:67:ba:91:39:20:
64:01:68:ee:76:44:74:1b:7d:bf:a8:5d:3f:26:2c:
36:b6:b1:3b:1e:c2:f0:87:55:4e:c3:e4:5d:bf:dd:
fb:08:8f:22:c7:c5:d6:7d:d8:3c:87:bb:9b:57:31:
78:b7:c6:e8:e3:c8:c1:17:7d:e3:d5:98:fd:61:29:
e9:07:c9:fa:bc:93:7b:68:57:a2:50:2c:ee:ad:a2:
1e:c8:62:3c:cc:49:ba:70:19:a1:10:9d:1f:f1:66:
e5:58:55:d0:70:e7:39:99:26:83:2d:06:4e:29:d4:
72:71:53:ab:75:95:04:47:0d:33:f4:24:c2:1c:a5:
00:fc:0f:a9:ce:4e:c0:b3:77:61:9b:8b:68:fe:9f:
47:04:ef:8d:62:1a:37:60:00:3a:21:4c:a1:0c:c4:
39:bb:1b:e5:4d:88:2f:8c:30:58:86:5c:1f:9f:0e:
c2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:5B:38:EB:B1:55:E8:81:A8:0A:6A:CD:97:13:95:74:64:11:5A:A3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/wls467FV6IGoCmrNlxOVdGQRWqM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:8f:d3:ef:c4:19:7f:5e:1e:18:fa:c5:5c:1a:56:ab:da:4c:
54:f3:a0:62:f0:e2:97:8e:19:a5:55:75:35:81:9c:78:6b:f1:
27:da:13:97:ef:d2:94:41:9d:f6:e1:98:85:53:43:8f:a6:75:
99:ce:30:44:01:7d:de:7f:ea:17:da:02:06:41:d0:19:d9:1e:
b5:e8:78:e4:83:2c:34:67:1f:c7:44:67:87:f7:17:36:cb:56:
10:af:bf:8a:2e:96:97:a0:84:df:1c:31:d3:99:6e:6c:b3:c8:
c1:97:73:ec:2c:4a:11:f0:2c:ef:8d:7d:f4:3d:9d:ee:6a:48:
20:32:a8:d8:d5:84:cb:e9:99:a9:89:c1:5a:7e:02:2d:f6:5a:
49:b8:3a:a0:d3:9d:1a:4b:21:16:d2:e0:83:30:4f:17:83:58:
d1:ce:13:3e:e3:31:18:33:86:16:94:30:f4:89:06:a4:59:d5:
52:d7:80:c1:62:0d:fe:7f:d3:ad:59:92:18:02:f2:38:1c:a9:
02:fb:93:70:e3:a6:c4:84:b7:96:a8:6c:15:2d:e6:61:8b:eb:
23:49:cd:2d:43:1f:2a:c6:23:f0:f4:7a:d4:e5:40:ed:be:29:
c3:74:af:37:09:e1:3f:54:70:74:f7:29:0c:21:dd:f6:f1:1a:
71:e3:8b:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBb4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NzM4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEMyNUIzOEVCQjE1NUU4
ODFBODBBNkFDRDk3MTM5NTc0NjQxMTVBQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC93vhFlRrIXoM8oLaDHuAK5tYgG4iroVyftDdUBe8GePISOnGX
ipTjbbuuuP+0Hw4oEjB3SHmXdSFGMPNO4kdMHhfprBVmTCoFDszdb8Z60OKao8ln
upE5IGQBaO52RHQbfb+oXT8mLDa2sTsewvCHVU7D5F2/3fsIjyLHxdZ92DyHu5tX
MXi3xujjyMEXfePVmP1hKekHyfq8k3toV6JQLO6toh7IYjzMSbpwGaEQnR/xZuVY
VdBw5zmZJoMtBk4p1HJxU6t1lQRHDTP0JMIcpQD8D6nOTsCzd2Gbi2j+n0cE741i
GjdgADohTKEMxDm7G+VNiC+MMFiGXB+fDsJVAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUwls467FV6IGoCmrNlxOVdGQRWqMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni93bHM0NjdGVjZJR29DbXJO
bHhPVmRHUVJXcU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACWP0+/EGX9eHhj6xVwaVqvaTFTzoGLw4peO
GaVVdTWBnHhr8SfaE5fv0pRBnfbhmIVTQ4+mdZnOMEQBfd5/6hfaAgZB0BnZHrXo
eOSDLDRnH8dEZ4f3FzbLVhCvv4oulpeghN8cMdOZbmyzyMGXc+wsShHwLO+NffQ9
ne5qSCAyqNjVhMvpmamJwVp+Ai32Wkm4OqDTnRpLIRbS4IMwTxeDWNHOEz7jMRgz
hhaUMPSJBqRZ1VLXgMFiDf5/061ZkhgC8jgcqQL7k3DjpsSEt5aobBUt5mGL6yNJ
zS1DHyrGI/D0etTlQO2+KcN0rzcJ4T9UcHT3KQwh3fbxGnHji8U=
-----END CERTIFICATE-----
Generated at Sat May 17 22:38:11 2025 by rpki-client