Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xjbDpRiLLs3R2tFOuMtUMhHs2pA.roa
File: xjbDpRiLLs3R2tFOuMtUMhHs2pA.roa (raw, json)
Hash identifier: GhFxYMV0r/QinPaaVuwSc4qGKM5OIOL3JgjYpDwvd6E=
Subject key identifier: C6:36:C3:A5:18:8B:2E:CD:D1:DA:D1:4E:B8:CB:54:32:11:EC:DA:90
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: EE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xjbDpRiLLs3R2tFOuMtUMhHs2pA.roa
Signing time: Thu 08 May 2025 07:37:41 +0000
ROA not before: Thu 08 May 2025 07:37:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238 (0xee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 07:37:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C636C3A5188B2ECDD1DAD14EB8CB543211ECDA90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ea:48:78:4b:00:00:54:ef:0d:6d:6f:28:3e:
33:15:95:90:77:2a:3f:a9:d4:0e:ee:7b:2f:b2:25:
e7:02:44:93:35:42:ff:2b:fb:04:a6:0a:27:35:1e:
8b:6e:1f:ac:05:4e:0f:9b:58:53:be:fc:48:ba:2c:
a3:c6:a0:4b:f6:de:7f:5b:1f:d3:f2:3d:26:5f:18:
4e:da:64:89:a5:99:11:50:e3:4a:6d:f0:23:88:bd:
2c:f5:dc:b2:f5:d1:7f:ce:d1:fe:aa:66:09:2f:cb:
3c:8c:4a:36:71:3a:89:17:ae:18:07:9b:f9:17:36:
54:3d:e2:2e:a1:45:2b:6d:89:4d:9e:5c:89:6b:cc:
7b:6d:52:ea:01:2e:c6:12:2b:0f:6b:39:d6:97:83:
48:51:e6:0b:5b:c5:05:2a:46:d1:51:59:fa:07:34:
60:64:01:1f:c7:2d:fe:02:ab:89:e7:24:a2:1f:ea:
97:49:ad:37:b6:86:2d:bb:ea:98:36:b3:c9:d3:ce:
d7:a1:28:02:04:63:a5:6e:7c:f6:25:49:5f:f6:a8:
69:43:be:9f:bb:09:6a:9b:f8:ae:1e:07:8b:8c:cc:
19:1a:f0:5c:04:fa:9a:60:b1:a1:8b:32:95:83:79:
2d:ae:4e:b6:22:be:f3:59:f1:36:5a:db:70:9c:0d:
b7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:36:C3:A5:18:8B:2E:CD:D1:DA:D1:4E:B8:CB:54:32:11:EC:DA:90
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xjbDpRiLLs3R2tFOuMtUMhHs2pA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:4a:af:f8:f9:70:72:57:5b:83:6f:2a:79:75:2f:09:30:27:
55:a5:0e:09:73:1c:9c:b2:f9:ad:3d:1e:fe:02:81:89:a7:bf:
51:dd:0b:a7:f5:5a:38:73:93:78:ae:b0:aa:1a:6e:9a:7f:32:
d3:e9:bb:e4:64:a3:d8:74:89:6f:4e:83:b5:2b:d6:5e:6f:7d:
d4:f8:8e:85:2c:13:10:e8:75:dc:48:2a:8a:98:2c:b0:56:d8:
a2:1b:01:ee:b7:ae:dd:65:78:c5:ce:00:50:96:2a:fb:d1:93:
2c:82:c4:77:b5:84:b8:e3:f7:df:bd:cb:c7:c1:fe:90:2e:ae:
58:6e:cd:9d:55:b8:53:12:22:b7:a5:41:4a:68:3e:7f:84:b2:
8a:01:7a:66:c9:fb:5e:23:15:7e:6f:c0:93:01:c3:95:09:4a:
fa:76:ea:da:1d:47:8e:4e:1a:6d:6d:03:22:12:36:bc:d0:4d:
be:7f:3b:2f:66:94:e9:13:d5:cb:d5:97:41:31:ad:3c:8d:09:
87:bf:69:69:d3:cd:8c:4b:c4:6e:af:73:75:14:24:d5:60:08:
ce:ff:67:0d:b7:0f:f8:aa:f3:f4:0d:ff:5b:98:f8:ae:7d:16:
84:d0:ac:db:0a:4f:e4:12:78:aa:4b:d0:d6:5b:aa:4b:d7:ba:
15:ab:6c:ea
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NzM3NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM2MzZDM0E1MTg4QjJF
Q0REMURBRDE0RUI4Q0I1NDMyMTFFQ0RBOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC86kh4SwAAVO8NbW8oPjMVlZB3Kj+p1A7uey+yJecCRJM1Qv8r
+wSmCic1HotuH6wFTg+bWFO+/Ei6LKPGoEv23n9bH9PyPSZfGE7aZImlmRFQ40pt
8COIvSz13LL10X/O0f6qZgkvyzyMSjZxOokXrhgHm/kXNlQ94i6hRSttiU2eXIlr
zHttUuoBLsYSKw9rOdaXg0hR5gtbxQUqRtFRWfoHNGBkAR/HLf4Cq4nnJKIf6pdJ
rTe2hi276pg2s8nTztehKAIEY6VufPYlSV/2qGlDvp+7CWqb+K4eB4uMzBka8FwE
+ppgsaGLMpWDeS2uTrYivvNZ8TZa23CcDbd7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxjbDpRiLLs3R2tFOuMtUMhHs2pAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94amJEcFJpTExzM1IydEZP
dU10VU1oSHMycEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH1Kr/j5cHJXW4NvKnl1LwkwJ1WlDglzHJyy
+a09Hv4CgYmnv1HdC6f1Wjhzk3iusKoabpp/MtPpu+Rko9h0iW9Og7Ur1l5vfdT4
joUsExDoddxIKoqYLLBW2KIbAe63rt1leMXOAFCWKvvRkyyCxHe1hLjj99+9y8fB
/pAurlhuzZ1VuFMSIrelQUpoPn+EsooBembJ+14jFX5vwJMBw5UJSvp26todR45O
Gm1tAyISNrzQTb5/Oy9mlOkT1cvVl0ExrTyNCYe/aWnTzYxLxG6vc3UUJNVgCM7/
Zw23D/iq8/QN/1uY+K59FoTQrNsKT+QSeKpL0NZbqkvXuhWrbOo=
-----END CERTIFICATE-----
Generated at Sat May 17 23:27:06 2025 by rpki-client