Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/13S6IGxI_29JLLEytaaG_0k0gBY.roa
File: 13S6IGxI_29JLLEytaaG_0k0gBY.roa (raw, json)
Hash identifier: TNCFyQL/D/r4pXR5RiVlXoSjkmZTvZ9VLVlQhfk0IxE=
Subject key identifier: D7:74:BA:20:6C:48:FF:6F:49:2C:B1:32:B5:A6:86:FF:49:34:80:16
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0786
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/13S6IGxI_29JLLEytaaG_0k0gBY.roa
Signing time: Sat 17 May 2025 02:38:07 +0000
ROA not before: Sat 17 May 2025 02:38:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1926 (0x786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 02:38:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D774BA206C48FF6F492CB132B5A686FF49348016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:5f:3f:22:66:39:5e:cf:c5:31:29:c6:fa:
94:80:80:1a:ae:85:7e:f8:bf:15:0f:d1:62:92:b0:
2f:b2:4f:2e:45:20:85:88:a2:a6:e2:99:50:08:8b:
6b:41:87:b5:6d:49:37:2d:c6:d4:07:0c:87:ab:97:
c4:f0:7d:1e:cb:c8:11:22:fa:53:99:f3:41:7c:a0:
54:12:e7:db:e1:12:e3:10:d1:4b:52:9a:be:dc:e8:
08:a2:e9:3c:e5:a1:aa:7c:8a:7a:fa:01:48:cd:03:
00:05:f7:07:73:86:c5:bf:7e:70:16:43:00:e2:4d:
5c:60:6e:1b:85:9a:9c:40:09:fa:d4:18:93:72:4e:
b7:c5:56:63:3f:1c:61:55:10:f5:b1:01:9d:f1:0c:
40:05:76:d6:62:a1:64:eb:8b:96:f5:78:29:68:6f:
6b:60:2c:53:74:33:e4:bc:92:82:dd:36:d4:87:1a:
92:50:78:cc:d8:8c:ec:b2:62:26:c7:d6:fb:4c:ab:
57:de:e9:45:ff:98:a2:64:6f:5c:00:40:ca:a3:e2:
86:6c:10:7b:cc:cb:39:f7:8d:01:7c:9c:f3:2b:cc:
ac:be:2a:cd:ef:d7:91:d0:b3:b9:2c:d7:4a:d4:75:
29:10:5f:ea:0a:8c:ff:d9:20:24:90:eb:71:b0:2b:
7b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:74:BA:20:6C:48:FF:6F:49:2C:B1:32:B5:A6:86:FF:49:34:80:16
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/13S6IGxI_29JLLEytaaG_0k0gBY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:36:01:4a:69:c9:6f:22:38:20:03:59:a9:40:c8:80:8f:24:
8f:5d:55:db:8f:61:00:b0:1d:fa:da:67:f7:de:69:68:c4:3f:
fa:51:bb:3b:b3:2f:9b:b3:e1:71:1a:9e:a4:41:95:82:b5:28:
e3:56:16:4b:b5:4a:85:b0:98:1e:02:ac:aa:44:9d:6d:01:89:
ac:58:dc:c7:1c:cf:e3:d2:1a:00:3d:f5:a9:1d:64:5d:f6:ed:
d0:2d:32:e9:0f:ec:76:d8:01:90:fa:8a:81:ee:fc:cc:6f:af:
5e:67:71:25:c9:b0:d7:6b:57:92:0c:72:48:95:fb:b9:c4:ec:
eb:78:68:11:2e:c1:dc:22:89:b2:49:a5:cf:b1:4e:c6:1a:68:
61:36:61:68:57:0a:41:6d:af:2a:62:58:f7:19:d8:94:e6:5c:
dc:05:0e:97:ae:7a:13:47:e1:d6:22:d1:94:b1:5b:1b:93:13:
89:a2:43:79:7d:95:01:93:a5:2b:2e:cd:d6:41:c6:b9:a4:d1:
62:38:67:ff:33:fb:85:ec:e9:c9:51:cb:7a:5e:31:a5:78:51:
96:b8:27:67:41:25:59:72:5d:ed:27:3a:8c:31:b8:44:43:48:
13:d9:c4:16:68:8c:9b:b8:fa:74:c4:5d:26:f0:17:31:9a:54:
8c:ee:76:1c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
MjM4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ3NzRCQTIwNkM0OEZG
NkY0OTJDQjEzMkI1QTY4NkZGNDkzNDgwMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNPl8/ImY5Xs/FMSnG+pSAgBquhX74vxUP0WKSsC+yTy5FIIWI
oqbimVAIi2tBh7VtSTctxtQHDIerl8TwfR7LyBEi+lOZ80F8oFQS59vhEuMQ0UtS
mr7c6Aii6Tzloap8inr6AUjNAwAF9wdzhsW/fnAWQwDiTVxgbhuFmpxACfrUGJNy
TrfFVmM/HGFVEPWxAZ3xDEAFdtZioWTri5b1eClob2tgLFN0M+S8koLdNtSHGpJQ
eMzYjOyyYibH1vtMq1fe6UX/mKJkb1wAQMqj4oZsEHvMyzn3jQF8nPMrzKy+Ks3v
15HQs7ks10rUdSkQX+oKjP/ZICSQ63GwK3uTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU13S6IGxI/29JLLEytaaG/0k0gBYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xM1M2SUd4SV8yOUpMTEV5
dGFhR18wazBnQlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAk2AUppyW8iOCADWalAyICPJI9dVduPYQCw
HfraZ/feaWjEP/pRuzuzL5uz4XEanqRBlYK1KONWFku1SoWwmB4CrKpEnW0BiaxY
3Mccz+PSGgA99akdZF327dAtMukP7HbYAZD6ioHu/Mxvr15ncSXJsNdrV5IMckiV
+7nE7Ot4aBEuwdwiibJJpc+xTsYaaGE2YWhXCkFtrypiWPcZ2JTmXNwFDpeuehNH
4dYi0ZSxWxuTE4miQ3l9lQGTpSsuzdZBxrmk0WI4Z/8z+4Xs6clRy3peMaV4UZa4
J2dBJVlyXe0nOowxuERDSBPZxBZojJu4+nTEXSbwFzGaVIzudhw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:08:22 2025 by rpki-client