Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-zGy5ijN8-qr-6FQvf5nzXn_E2k.roa
File: -zGy5ijN8-qr-6FQvf5nzXn_E2k.roa (raw, json)
Hash identifier: CX8eXEhYwe4GWxgxDQqtZkARHsGwoOv/ByHs84MqJ+s=
Subject key identifier: FB:31:B2:E6:28:CD:F3:EA:AB:FB:A1:50:BD:FE:67:CD:79:FF:13:69
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0196
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-zGy5ijN8-qr-6FQvf5nzXn_E2k.roa
Signing time: Fri 09 May 2025 04:37:45 +0000
ROA not before: Fri 09 May 2025 04:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406 (0x196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 04:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FB31B2E628CDF3EAABFBA150BDFE67CD79FF1369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:79:98:aa:f6:d0:c8:09:21:4c:aa:8d:df:be:
94:05:55:12:15:fd:a5:8c:b1:9e:5f:6e:d2:5d:7d:
f0:d4:25:a3:54:4b:59:45:2b:1f:8d:31:15:54:cf:
08:0d:c8:a7:92:b4:bb:58:9e:1a:4d:23:e8:6b:ab:
fc:bb:c5:8a:2b:1d:16:96:88:be:9c:9b:02:ff:7e:
e4:a9:7f:35:96:ae:0c:95:8b:2a:c5:5b:c4:ee:56:
e7:5b:bd:9d:2b:5b:2d:f7:43:bc:ea:88:d5:72:9c:
25:41:0d:7d:4a:fd:2e:d6:1b:71:d7:99:19:d1:fd:
bb:fb:8e:4e:dc:06:0d:6d:84:a5:fc:47:af:df:39:
aa:5b:17:08:8c:b8:95:90:f2:cc:ee:18:44:28:c8:
16:e8:ae:f2:4a:13:f0:bf:d0:02:82:73:cc:a0:c6:
8d:30:6b:5c:05:40:64:85:b1:62:89:28:52:84:7c:
4c:dc:f9:65:f5:0f:a7:c8:a6:c2:58:78:74:11:f4:
e4:e8:37:1c:49:23:fa:03:6c:e0:7e:8a:74:24:f6:
8e:e6:47:d8:c5:ac:ba:3c:8f:af:c8:62:ed:51:ff:
5a:f2:d3:ef:cc:ba:fa:9e:22:09:7d:e1:a9:98:4f:
33:14:0a:6e:de:72:0e:60:ec:aa:d9:cc:c9:57:31:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:31:B2:E6:28:CD:F3:EA:AB:FB:A1:50:BD:FE:67:CD:79:FF:13:69
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-zGy5ijN8-qr-6FQvf5nzXn_E2k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:ee:24:b1:6c:48:6e:9f:d3:70:fb:de:2b:41:62:d0:b0:23:
5e:ad:15:64:82:a1:cb:5e:65:d7:71:dc:0f:d4:22:99:5c:58:
8d:b9:fa:f8:4f:7a:96:16:a9:3e:f6:eb:89:c5:ac:95:6f:92:
de:ba:77:cb:cf:3c:59:90:b1:1d:4e:bc:65:a5:b5:bc:07:e7:
7c:8a:ce:3c:02:13:b5:e3:ad:a2:c4:13:1b:00:d7:e0:39:63:
b7:da:46:45:6c:ee:49:af:ff:c0:97:c3:df:f2:01:d0:d8:5b:
f4:72:4c:02:15:d8:86:bc:3b:cb:54:8b:83:35:60:8b:74:fb:
75:2f:66:7a:75:17:8c:ef:e7:6b:c6:b6:6e:2b:fa:2a:59:73:
a8:1f:d0:25:4c:20:d6:0b:20:c5:b5:2d:ad:cf:3a:04:46:44:
10:01:c4:31:1e:33:d0:c9:1f:62:5e:d5:e4:fc:66:7e:50:0e:
7a:16:8a:97:60:2d:91:7e:9c:1a:73:a9:cb:9d:90:d8:0f:f4:
23:24:6c:11:e0:6c:39:d3:21:d6:8a:7b:8b:48:9d:c6:fe:1b:
d1:2f:1f:69:d4:e9:9e:6e:bd:f9:70:e4:b6:6e:1d:76:0b:31:
d5:ce:3c:62:94:bd:e2:b4:66:16:c0:1c:84:e7:ed:3e:8d:91:
3b:09:3f:84
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkw
NDM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZCMzFCMkU2MjhDREYz
RUFBQkZCQTE1MEJERkU2N0NENzlGRjEzNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8eZiq9tDICSFMqo3fvpQFVRIV/aWMsZ5fbtJdffDUJaNUS1lF
Kx+NMRVUzwgNyKeStLtYnhpNI+hrq/y7xYorHRaWiL6cmwL/fuSpfzWWrgyViyrF
W8TuVudbvZ0rWy33Q7zqiNVynCVBDX1K/S7WG3HXmRnR/bv7jk7cBg1thKX8R6/f
OapbFwiMuJWQ8szuGEQoyBborvJKE/C/0AKCc8ygxo0wa1wFQGSFsWKJKFKEfEzc
+WX1D6fIpsJYeHQR9OToNxxJI/oDbOB+inQk9o7mR9jFrLo8j6/IYu1R/1ry0+/M
uvqeIgl94amYTzMUCm7ecg5g7KrZzMlXMYopAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+zGy5ijN8+qr+6FQvf5nzXn/E2kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tekd5NWlqTjgtcXItNkZR
dmY1bnpYbl9FMmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF/uJLFsSG6f03D73itBYtCwI16tFWSCocte
Zddx3A/UIplcWI25+vhPepYWqT7264nFrJVvkt66d8vPPFmQsR1OvGWltbwH53yK
zjwCE7XjraLEExsA1+A5Y7faRkVs7kmv/8CXw9/yAdDYW/RyTAIV2Ia8O8tUi4M1
YIt0+3UvZnp1F4zv52vGtm4r+ipZc6gf0CVMINYLIMW1La3POgRGRBABxDEeM9DJ
H2Je1eT8Zn5QDnoWipdgLZF+nBpzqcudkNgP9CMkbBHgbDnTIdaKe4tIncb+G9Ev
H2nU6Z5uvflw5LZuHXYLMdXOPGKUveK0ZhbAHITn7T6NkTsJP4Q=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:45:59 2025 by rpki-client