Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-meUHuqMRC0CdTVeAE2nOFsc8X0.roa
File: -meUHuqMRC0CdTVeAE2nOFsc8X0.roa (raw, json)
Hash identifier: PEeKORYrtrJ9mfnqUXiJ+j/Gp3DehnOynNsXvFltPsg=
Subject key identifier: FA:67:94:1E:EA:8C:44:2D:02:75:35:5E:00:4D:A7:38:5B:1C:F1:7D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1252
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-meUHuqMRC0CdTVeAE2nOFsc8X0.roa
Signing time: Sat 31 May 2025 12:09:12 +0000
ROA not before: Sat 31 May 2025 12:09:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4690 (0x1252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 12:09:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FA67941EEA8C442D0275355E004DA7385B1CF17D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:95:2e:42:1c:15:0b:1a:77:6a:0a:26:72:
a7:61:c5:1a:99:5f:71:d8:09:ee:11:19:b4:2a:71:
9f:46:d4:21:5d:c9:c2:3a:d8:cb:cb:19:fb:a0:5d:
6c:78:2c:d9:66:c6:fe:eb:9d:9f:24:8a:c5:13:17:
fc:a8:aa:f8:a4:33:a8:2f:37:7d:44:5f:cd:4b:66:
17:75:81:3f:1c:97:61:9c:7e:a7:b4:c3:94:17:cb:
6b:fa:9f:cc:3b:13:16:4a:cb:00:3f:da:12:05:d1:
bb:58:b9:82:00:91:10:16:81:6e:7c:98:f4:45:c0:
b9:2a:e5:a8:bb:dc:87:87:69:7f:c4:f4:6c:ad:9d:
bb:0f:93:98:8a:d7:f0:f3:c7:d8:3f:45:a6:07:af:
56:65:f7:ca:9d:b1:2e:a4:35:a3:6b:33:56:5b:45:
6f:8a:f8:3d:de:b7:a9:3f:18:49:c6:4a:5b:a5:33:
d4:cb:0d:39:5f:15:35:e2:fa:71:32:13:47:d2:12:
f7:10:28:66:e5:d2:5b:00:34:f5:37:4a:7e:d4:2b:
7a:97:43:eb:e3:4a:4b:54:9e:a1:12:93:b3:ad:6b:
7b:d2:41:4a:93:10:67:64:56:a0:b6:96:1a:39:73:
ba:0e:ab:af:c1:e8:5b:4d:d9:3f:3d:2e:e2:2a:6f:
81:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:67:94:1E:EA:8C:44:2D:02:75:35:5E:00:4D:A7:38:5B:1C:F1:7D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-meUHuqMRC0CdTVeAE2nOFsc8X0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:aa:89:1b:60:d8:f7:74:f6:84:16:c9:3d:ee:56:6a:78:df:
9d:f1:2d:53:7a:3a:f7:0e:dd:d7:a2:5a:6e:2b:1d:c3:45:34:
ed:16:ca:9c:c4:7d:69:56:02:34:65:ed:35:82:e4:47:83:d8:
70:7c:b6:3d:c8:b0:29:7f:93:2b:4a:75:8d:b6:b3:78:c0:69:
68:b1:a2:a9:75:5a:e8:5f:cd:40:97:e0:43:98:db:85:fd:6e:
60:f4:71:f5:8b:d5:74:9c:9a:4b:ab:da:11:82:7e:06:eb:d1:
d7:b3:8f:d0:a8:3f:91:74:33:04:fb:dc:41:c5:0f:b1:ff:3e:
6b:e6:54:c2:ce:fc:a2:33:a6:11:d2:55:2c:5c:3e:67:02:33:
97:05:00:64:fe:cf:92:54:3d:f0:8d:d4:f1:d4:e9:40:44:c8:
ef:7b:16:f3:ac:52:18:a2:70:dd:f4:4f:61:49:50:5f:64:ba:
d0:6d:a8:d5:4f:f4:65:d7:d2:f0:b8:d9:df:3d:dd:b6:75:81:
63:03:75:5c:70:63:76:07:18:0d:94:47:e0:85:68:9a:82:c3:
5d:c7:ff:3f:45:90:d8:97:0f:74:e2:13:16:0e:09:e1:f6:60:
bd:aa:4c:c1:f5:ee:ff:86:36:8b:8e:fd:31:aa:f2:a4:cb:06:
62:fb:7a:0d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICElIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
MjA5MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZBNjc5NDFFRUE4QzQ0
MkQwMjc1MzU1RTAwNERBNzM4NUIxQ0YxN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzpZUuQhwVCxp3agomcqdhxRqZX3HYCe4RGbQqcZ9G1CFdycI6
2MvLGfugXWx4LNlmxv7rnZ8kisUTF/yoqvikM6gvN31EX81LZhd1gT8cl2Gcfqe0
w5QXy2v6n8w7ExZKywA/2hIF0btYuYIAkRAWgW58mPRFwLkq5ai73IeHaX/E9Gyt
nbsPk5iK1/Dzx9g/RaYHr1Zl98qdsS6kNaNrM1ZbRW+K+D3et6k/GEnGSlulM9TL
DTlfFTXi+nEyE0fSEvcQKGbl0lsANPU3Sn7UK3qXQ+vjSktUnqESk7Ota3vSQUqT
EGdkVqC2lho5c7oOq6/B6FtN2T89LuIqb4FZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+meUHuqMRC0CdTVeAE2nOFsc8X0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tbWVVSHVxTVJDMENkVFZl
QUUybk9Gc2M4WDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABaqiRtg2Pd09oQWyT3uVmp4353xLVN6OvcO
3deiWm4rHcNFNO0WypzEfWlWAjRl7TWC5EeD2HB8tj3IsCl/kytKdY22s3jAaWix
oql1WuhfzUCX4EOY24X9bmD0cfWL1XScmkur2hGCfgbr0dezj9CoP5F0MwT73EHF
D7H/PmvmVMLO/KIzphHSVSxcPmcCM5cFAGT+z5JUPfCN1PHU6UBEyO97FvOsUhii
cN30T2FJUF9kutBtqNVP9GXX0vC42d893bZ1gWMDdVxwY3YHGA2UR+CFaJqCw13H
/z9FkNiXD3TiExYOCeH2YL2qTMH17v+GNouO/TGq8qTLBmL7eg0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:08 2025 by rpki-client