Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zSuf7rRFkJcFY_0KUd23HY-MlmU.roa
File: zSuf7rRFkJcFY_0KUd23HY-MlmU.roa (raw, json)
Hash identifier: ib77j5iyBJmCymISwESOxFioIseNrRzYCZAWzmUy2Bs=
Subject key identifier: CD:2B:9F:EE:B4:45:90:97:05:63:FD:0A:51:DD:B7:1D:8F:8C:96:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0572
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zSuf7rRFkJcFY_0KUd23HY-MlmU.roa
Signing time: Wed 14 May 2025 08:08:02 +0000
ROA not before: Wed 14 May 2025 08:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1394 (0x572)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 08:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CD2B9FEEB44590970563FD0A51DDB71D8F8C9665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:48:6d:19:a0:60:af:93:fb:cb:17:3b:e4:84:
ea:32:b1:47:ea:af:71:79:f0:be:b5:25:4f:2d:38:
24:40:27:bf:92:86:43:59:32:64:7e:0f:3d:ed:69:
ca:b6:3f:b2:b1:1b:71:32:a2:01:56:a4:c4:6d:bd:
8b:f6:50:53:fa:2a:92:7c:01:3a:a4:5b:1e:e6:d7:
9c:83:ed:79:49:bf:45:a0:4d:ab:ed:e4:15:97:d6:
96:36:57:c2:89:8b:7e:be:39:4d:dd:57:92:7b:7b:
26:ea:00:7d:00:bf:90:ed:72:82:65:84:4e:a0:05:
a1:1f:ab:a0:0a:ff:04:2c:7b:aa:1c:f9:70:fe:8c:
eb:66:76:24:7f:04:f3:8c:10:bf:bc:d7:84:f4:1d:
7f:63:ba:ea:1e:f4:9a:62:31:2e:2a:50:70:d9:6a:
0f:a3:98:90:2a:fc:f2:88:e0:89:af:f6:0b:c2:b7:
4d:33:dd:e4:3a:d0:52:f2:25:6d:a7:5f:e3:fd:3e:
20:17:04:d7:84:11:d1:f0:4a:e9:bd:51:10:31:05:
d6:72:db:6c:aa:71:00:b0:af:73:34:99:da:e5:f9:
30:8a:6b:6e:43:bd:94:ad:47:2d:cb:fd:f4:68:d3:
f1:4c:16:2e:ef:c4:98:ca:b5:53:f6:7b:9d:82:bd:
47:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2B:9F:EE:B4:45:90:97:05:63:FD:0A:51:DD:B7:1D:8F:8C:96:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zSuf7rRFkJcFY_0KUd23HY-MlmU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
93:5c:23:42:2e:58:00:57:b7:cc:59:1a:62:ac:9c:28:f0:fd:
6b:8e:8b:7a:bb:f8:4e:44:9e:b2:47:17:29:4c:40:a1:4e:79:
59:c5:a6:16:52:5c:78:9b:b1:d7:ce:68:58:4a:a6:31:69:03:
bd:75:b6:34:8d:25:d4:54:7b:01:76:81:7f:bc:cc:ae:e2:b7:
63:84:29:10:9d:7b:a6:ef:ca:91:26:b9:57:56:41:5e:27:c3:
09:12:c6:29:10:7d:8e:38:14:d6:6d:e2:df:f3:fd:e9:0f:bb:
70:a4:ed:d7:6a:05:e6:a1:da:6c:21:d1:e6:61:fd:7a:b6:b2:
78:8d:04:be:1c:29:dc:a5:0f:49:24:ff:8e:09:87:86:4a:ba:
d6:74:c3:9a:93:08:12:18:20:2a:8e:bb:96:92:85:8d:77:fd:
fa:99:f8:7b:c7:a2:88:e8:c7:16:ec:64:fe:0b:35:fe:ad:77:
db:fc:6f:9d:a1:c6:eb:a7:24:fa:15:e8:e4:ff:41:67:28:09:
b0:5a:a9:3e:c1:82:35:64:94:7b:76:de:b6:88:b2:5b:79:15:
1c:d5:31:1d:8d:c4:14:19:05:6d:f0:58:b7:e1:c6:24:46:01:
11:1e:36:f7:f8:ce:8d:be:73:ba:1a:49:66:e0:9c:2f:b2:45:
f6:ce:b0:b2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
ODA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENEMkI5RkVFQjQ0NTkw
OTcwNTYzRkQwQTUxRERCNzFEOEY4Qzk2NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6SG0ZoGCvk/vLFzvkhOoysUfqr3F58L61JU8tOCRAJ7+ShkNZ
MmR+Dz3tacq2P7KxG3EyogFWpMRtvYv2UFP6KpJ8ATqkWx7m15yD7XlJv0WgTavt
5BWX1pY2V8KJi36+OU3dV5J7eybqAH0Av5DtcoJlhE6gBaEfq6AK/wQse6oc+XD+
jOtmdiR/BPOMEL+814T0HX9juuoe9JpiMS4qUHDZag+jmJAq/PKI4Imv9gvCt00z
3eQ60FLyJW2nX+P9PiAXBNeEEdHwSum9URAxBdZy22yqcQCwr3M0mdrl+TCKa25D
vZStRy3L/fRo0/FMFi7vxJjKtVP2e52CvUfbAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzSuf7rRFkJcFY/0KUd23HY+MlmUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96U3VmN3JSRmtKY0ZZXzBL
VWQyM0hZLU1sbVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJNcI0IuWABXt8xZGmKsnCjw/WuOi3q7+E5E
nrJHFylMQKFOeVnFphZSXHibsdfOaFhKpjFpA711tjSNJdRUewF2gX+8zK7it2OE
KRCde6bvypEmuVdWQV4nwwkSxikQfY44FNZt4t/z/ekPu3Ck7ddqBeah2mwh0eZh
/Xq2sniNBL4cKdylD0kk/44Jh4ZKutZ0w5qTCBIYICqOu5aShY13/fqZ+HvHoojo
xxbsZP4LNf6td9v8b52hxuunJPoV6OT/QWcoCbBaqT7BgjVklHt23raIslt5FRzV
MR2NxBQZBW3wWLfhxiRGAREeNvf4zo2+c7oaSWbgnC+yRfbOsLI=
-----END CERTIFICATE-----
Generated at Sun May 18 18:38:50 2025 by rpki-client