Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0JtJl5zePLMZMJrjxuP8RbF_Jck.roa
File: 0JtJl5zePLMZMJrjxuP8RbF_Jck.roa (raw, json)
Hash identifier: EwGFrSS+nreNpKXwbHpUTVHoT5zBNcH6esDMM7HXvLo=
Subject key identifier: D0:9B:49:97:9C:DE:3C:B3:19:30:9A:E3:C6:E3:FC:45:B1:7F:25:C9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 08AA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0JtJl5zePLMZMJrjxuP8RbF_Jck.roa
Signing time: Sun 18 May 2025 15:08:21 +0000
ROA not before: Sun 18 May 2025 15:08:21 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2218 (0x8aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 15:08:21 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D09B49979CDE3CB319309AE3C6E3FC45B17F25C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:3e:8f:e9:6c:9c:f0:ee:f0:1e:4d:b1:9b:
07:ee:9a:3f:23:3a:91:f0:59:0a:b0:0c:42:2b:24:
c1:d4:bb:82:71:32:7f:b9:8c:4f:03:4c:90:a2:76:
75:b5:1e:69:c5:85:f1:8a:83:e1:d0:31:ef:51:06:
0c:57:d5:30:15:9d:83:f7:f2:c2:33:3d:78:f7:dc:
55:48:a2:e3:68:84:3e:57:83:41:7f:7b:dc:6a:80:
75:7d:b4:a4:be:49:54:68:bd:67:29:54:1b:2c:cf:
6b:68:53:cb:6f:8b:3b:f4:07:06:0e:9f:e1:88:8c:
55:d9:cf:02:de:85:dc:4e:aa:53:c7:b3:5e:62:fa:
dc:4d:41:a9:74:6c:66:34:1b:b1:ac:a1:ab:a8:76:
8b:da:44:46:9b:68:04:3a:e3:09:b8:f7:96:90:6f:
3d:f2:e6:37:ec:e8:34:c4:bf:cd:f9:61:87:df:c6:
85:8c:6f:37:0f:a8:19:1b:08:19:42:ad:82:a3:a0:
e5:6b:d5:19:16:e9:ff:91:95:37:26:7e:9a:3c:59:
a2:a7:c0:d8:ad:53:57:0d:f0:48:6a:d4:d4:41:46:
17:20:f7:08:1e:b8:41:c1:54:c8:24:af:32:04:f8:
7c:97:0e:3b:30:ea:ae:2d:ae:e8:11:98:72:bb:c3:
50:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9B:49:97:9C:DE:3C:B3:19:30:9A:E3:C6:E3:FC:45:B1:7F:25:C9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0JtJl5zePLMZMJrjxuP8RbF_Jck.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:d8:b9:02:29:78:16:d4:62:5f:a9:26:ce:f2:49:50:12:f9:
fd:e8:69:ca:ba:e7:2f:61:08:d8:dc:3d:72:ff:af:74:e1:d0:
9a:37:86:2e:7a:7d:c1:f9:9a:1a:a4:76:e6:73:8c:cd:76:c9:
d4:fd:4d:ba:2b:37:8d:ef:63:64:f2:89:ee:00:18:c2:76:ae:
8d:ee:c0:29:48:ca:d4:27:d6:28:40:17:0d:a6:26:05:4f:9d:
27:03:5f:76:7b:19:27:45:7e:27:ad:15:67:a4:e0:16:10:05:
d5:8f:27:16:00:e2:6c:0b:2b:58:0b:da:6e:e0:cf:4c:11:99:
c7:f5:37:82:38:84:5c:9b:a1:9c:c4:1d:40:90:79:95:bf:ab:
ca:d5:7c:57:8e:4f:1d:9f:01:5b:7a:d3:b6:96:b5:cc:ea:02:
1f:8f:b2:64:07:dd:d4:3c:18:6d:86:c6:47:57:9b:de:24:7f:
8a:5c:d0:10:d1:5a:9e:b9:d3:b9:de:37:df:c6:1d:a6:67:3e:
da:2f:45:6f:99:1c:b5:59:54:7c:f8:a2:a1:77:cf:b0:36:43:
30:0b:a3:7d:51:04:eb:d2:df:a6:6d:98:47:30:af:5a:e9:42:
f0:2d:53:75:81:57:db:47:ee:e4:19:01:7c:34:d7:a7:86:13:
41:cf:88:e7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
NTA4MjFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwOUI0OTk3OUNERTND
QjMxOTMwOUFFM0M2RTNGQzQ1QjE3RjI1QzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkhD6P6Wyc8O7wHk2xmwfumj8jOpHwWQqwDEIrJMHUu4JxMn+5
jE8DTJCidnW1HmnFhfGKg+HQMe9RBgxX1TAVnYP38sIzPXj33FVIouNohD5Xg0F/
e9xqgHV9tKS+SVRovWcpVBssz2toU8tvizv0BwYOn+GIjFXZzwLehdxOqlPHs15i
+txNQal0bGY0G7GsoauodovaREabaAQ64wm495aQbz3y5jfs6DTEv835YYffxoWM
bzcPqBkbCBlCrYKjoOVr1RkW6f+RlTcmfpo8WaKnwNitU1cN8Ehq1NRBRhcg9wge
uEHBVMgkrzIE+HyXDjsw6q4trugRmHK7w1DFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0JtJl5zePLMZMJrjxuP8RbF/JckwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wSnRKbDV6ZVBMTVpNSnJq
eHVQOFJiRl9KY2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJXYuQIpeBbUYl+pJs7ySVAS+f3oacq65y9h
CNjcPXL/r3Th0Jo3hi56fcH5mhqkduZzjM12ydT9TborN43vY2Tyie4AGMJ2ro3u
wClIytQn1ihAFw2mJgVPnScDX3Z7GSdFfietFWek4BYQBdWPJxYA4mwLK1gL2m7g
z0wRmcf1N4I4hFyboZzEHUCQeZW/q8rVfFeOTx2fAVt607aWtczqAh+PsmQH3dQ8
GG2GxkdXm94kf4pc0BDRWp6507neN9/GHaZnPtovRW+ZHLVZVHz4oqF3z7A2QzAL
o31RBOvS36ZtmEcwr1rpQvAtU3WBV9tH7uQZAXw016eGE0HPiOc=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:55:22 2025 by rpki-client