Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/10pX-y0oRzUqW3mXScxRMGwafBk.roa
File: 10pX-y0oRzUqW3mXScxRMGwafBk.roa (raw, json)
Hash identifier: OPvyRwr+S38Q3Mke69vECTZ/nntLccjNmfc4ksSzEXY=
Subject key identifier: D7:4A:57:FB:2D:28:47:35:2A:5B:79:97:49:CC:51:30:6C:1A:7C:19
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CFA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/10pX-y0oRzUqW3mXScxRMGwafBk.roa
Signing time: Sat 24 May 2025 09:09:16 +0000
ROA not before: Sat 24 May 2025 09:09:16 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3322 (0xcfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 09:09:16 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D74A57FB2D2847352A5B799749CC51306C1A7C19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cb:52:06:39:7c:6f:5e:92:09:a1:9d:a6:14:
9e:7e:70:e2:28:25:2f:a7:27:15:a5:53:58:a8:87:
ad:b2:c7:fb:a7:3c:6a:54:ac:05:7d:c4:93:2e:5e:
0f:75:93:cf:9e:35:ec:b1:ce:5c:37:c2:11:71:45:
a5:d6:5a:5b:a6:63:ce:32:54:2e:7d:f7:76:b5:7b:
b4:ed:21:9f:01:1e:b8:06:f2:40:15:87:c7:50:ea:
13:be:93:06:ed:f3:ed:0b:68:d5:5a:2f:e3:3c:c7:
72:38:3f:ff:ae:aa:e9:37:97:67:04:f4:66:0f:cd:
65:ab:b7:7e:b1:d5:b3:67:5b:62:b7:b2:39:99:ce:
e2:db:43:cb:a8:be:80:b8:07:ca:cc:9e:72:fb:bf:
ef:e5:46:32:56:49:b2:a6:4f:ea:d6:6c:ff:bf:b0:
93:b6:3b:4e:5e:62:d2:65:2e:ca:3e:68:bc:f6:ef:
6e:de:a3:a3:76:63:30:97:a4:e1:d5:55:a5:03:20:
49:17:19:ee:18:8a:c6:21:98:76:fd:73:85:e9:c1:
fb:82:76:d7:87:4f:77:62:38:e1:fa:d6:bc:df:09:
32:2b:21:b4:75:fe:0d:06:de:1f:2b:05:42:1e:df:
9a:ed:15:9b:5e:98:e8:b4:56:11:38:cb:ed:60:e8:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:4A:57:FB:2D:28:47:35:2A:5B:79:97:49:CC:51:30:6C:1A:7C:19
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/10pX-y0oRzUqW3mXScxRMGwafBk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:23:34:51:b4:a7:3d:85:ff:a7:7e:39:81:b6:d0:3c:2c:b0:
b4:e1:34:1b:0b:d5:c3:68:68:6f:23:af:19:20:27:ec:fe:a4:
58:32:c6:32:83:45:1a:cb:0d:fa:a7:3f:6a:a9:77:fc:0b:1e:
d6:f6:22:d5:0c:0f:a2:59:f5:8e:04:06:7c:ea:9c:bc:02:51:
d6:8d:71:34:2a:c0:b8:37:14:2b:4f:ef:d7:f6:37:0f:b0:5c:
6e:27:b8:0b:d8:35:ba:13:10:17:0b:a7:79:f3:3c:9f:53:d7:
d8:89:c0:83:47:f4:49:73:f6:11:00:65:31:14:7c:96:db:aa:
48:df:1e:32:1e:ac:27:97:bd:f6:91:fd:13:fb:1d:21:ac:95:
07:05:5a:4f:a9:a8:f9:a0:b4:eb:82:95:3c:c4:9e:28:72:cd:
29:65:60:66:de:4f:56:ab:67:26:3b:ca:bf:c0:40:22:30:d9:
26:96:09:2e:40:74:2d:7c:5f:ac:fe:5b:14:49:b1:08:9a:3c:
ab:b2:c5:97:b3:36:ba:27:1a:d7:c7:93:d7:d7:31:1d:e3:ba:
d4:ef:8e:5e:92:08:11:0a:96:ce:d7:83:9a:f3:c9:04:fc:8f:
94:18:fc:85:1f:08:3a:8e:e2:74:47:ce:a8:30:7d:c0:89:a7:
1b:16:a5:eb
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
OTA5MTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ3NEE1N0ZCMkQyODQ3
MzUyQTVCNzk5NzQ5Q0M1MTMwNkMxQTdDMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAy1IGOXxvXpIJoZ2mFJ5+cOIoJS+nJxWlU1ioh62yx/unPGpU
rAV9xJMuXg91k8+eNeyxzlw3whFxRaXWWlumY84yVC5993a1e7TtIZ8BHrgG8kAV
h8dQ6hO+kwbt8+0LaNVaL+M8x3I4P/+uquk3l2cE9GYPzWWrt36x1bNnW2K3sjmZ
zuLbQ8uovoC4B8rMnnL7v+/lRjJWSbKmT+rWbP+/sJO2O05eYtJlLso+aLz2727e
o6N2YzCXpOHVVaUDIEkXGe4YisYhmHb9c4XpwfuCdteHT3diOOH61rzfCTIrIbR1
/g0G3h8rBUIe35rtFZtemOi0VhE4y+1g6AmpAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU10pX+y0oRzUqW3mXScxRMGwafBkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xMHBYLXkwb1J6VXFXM21Y
U2N4Uk1Hd2FmQmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHIjNFG0pz2F/6d+OYG20DwssLThNBsL1cNo
aG8jrxkgJ+z+pFgyxjKDRRrLDfqnP2qpd/wLHtb2ItUMD6JZ9Y4EBnzqnLwCUdaN
cTQqwLg3FCtP79f2Nw+wXG4nuAvYNboTEBcLp3nzPJ9T19iJwINH9Elz9hEAZTEU
fJbbqkjfHjIerCeXvfaR/RP7HSGslQcFWk+pqPmgtOuClTzEnihyzSllYGbeT1ar
ZyY7yr/AQCIw2SaWCS5AdC18X6z+WxRJsQiaPKuyxZezNronGtfHk9fXMR3jutTv
jl6SCBEKls7Xg5rzyQT8j5QY/IUfCDqO4nRHzqgwfcCJpxsWpes=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:10:23 2025 by rpki-client