Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1NbG_SeX7JaLENTPsyMnw_Ly6P0.roa
File: 1NbG_SeX7JaLENTPsyMnw_Ly6P0.roa (raw, json)
Hash identifier: /CkLK9OmhU9ae9+R3j9Wiek6ZZHXl7NWfXZOgt4lEZc=
Subject key identifier: D4:D6:C6:FD:27:97:EC:96:8B:10:D4:CF:B3:23:27:C3:F2:F2:E8:FD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 069A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1NbG_SeX7JaLENTPsyMnw_Ly6P0.roa
Signing time: Thu 15 May 2025 21:08:03 +0000
ROA not before: Thu 15 May 2025 21:08:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1690 (0x69a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 21:08:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D4D6C6FD2797EC968B10D4CFB32327C3F2F2E8FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:d7:b0:42:d1:14:46:c8:b4:9b:f9:53:ba:
55:3b:67:7d:b7:56:20:b2:21:db:11:b3:84:24:44:
f9:64:ca:89:71:7f:7d:bb:8e:14:86:73:d4:20:dd:
7e:a5:7d:66:c8:0a:a3:b1:2a:72:46:3b:5a:3a:48:
15:71:2c:0c:99:66:4c:06:4c:96:ef:35:70:15:1a:
21:72:9d:c4:d0:42:60:ba:27:43:95:49:19:3d:d0:
8e:cf:b1:e6:ca:64:47:17:65:82:da:8f:57:f6:55:
14:39:b3:74:25:e8:e2:fd:6a:8b:e1:37:20:81:d0:
f5:c8:b7:b8:6b:a8:66:a3:15:6d:ec:23:41:cc:66:
44:67:e1:f1:64:fd:ba:a1:31:3c:fd:0e:c1:63:dc:
56:98:94:dd:34:6e:28:e6:0d:8d:04:d1:18:91:b3:
03:f3:d7:d3:59:1a:90:0d:2b:ab:d7:97:d9:07:65:
5a:8d:65:97:45:f5:15:33:30:61:2c:88:94:e5:35:
f7:4a:b8:6a:7b:f9:35:0c:5b:07:20:82:01:17:e5:
4d:08:e8:d0:d3:02:42:58:73:ff:72:58:aa:cc:85:
13:9c:4f:fe:38:aa:d0:c8:aa:cb:d0:a2:f8:41:ff:
3b:d0:af:ac:e8:dc:d0:eb:d0:6b:09:2c:a3:5f:24:
28:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:D6:C6:FD:27:97:EC:96:8B:10:D4:CF:B3:23:27:C3:F2:F2:E8:FD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1NbG_SeX7JaLENTPsyMnw_Ly6P0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:0b:d7:2c:22:70:48:ba:f8:bf:46:36:0a:a4:b0:5b:fe:ef:
9c:38:83:7a:74:ba:15:4c:dc:ed:4a:e6:e7:72:f6:f4:ab:47:
d6:15:14:c6:1c:0c:80:bc:52:9f:0d:43:5e:2b:33:bd:f6:0a:
31:f4:24:de:d3:5c:a9:33:a2:2f:a3:18:db:34:4b:73:b9:3e:
d6:36:a4:d8:3b:7d:d3:14:e0:cb:7f:85:ca:39:cb:f7:f0:ef:
51:ad:bd:17:66:bb:ea:40:bf:91:39:84:28:41:22:95:97:20:
df:ca:96:41:9b:d3:ae:81:bf:4c:b5:ea:8e:f0:37:49:cc:4b:
f9:78:b6:20:8d:25:75:99:68:a8:46:a9:06:0d:d7:86:17:2b:
70:fb:7f:9f:1e:e5:ed:af:75:90:18:1a:4b:77:7e:69:0c:d0:
dd:8c:52:a3:f8:fd:2c:81:cf:ad:8b:9e:7f:17:21:94:69:05:
49:86:85:68:c6:6b:64:e2:cb:02:05:54:a2:aa:4c:5c:95:2e:
3a:aa:17:d3:69:8d:a0:06:58:8b:29:1e:59:5a:18:c6:68:0b:
a0:40:1e:91:c0:e2:c6:24:cd:c6:88:55:d7:d0:3b:f1:7d:a9:
8b:42:dd:5f:8d:c0:94:d4:3d:89:1c:ae:1a:14:39:ce:af:75:
24:39:9a:0a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MTA4MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ0RDZDNkZEMjc5N0VD
OTY4QjEwRDRDRkIzMjMyN0MzRjJGMkU4RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPI9ewQtEURsi0m/lTulU7Z323ViCyIdsRs4QkRPlkyolxf327
jhSGc9Qg3X6lfWbICqOxKnJGO1o6SBVxLAyZZkwGTJbvNXAVGiFyncTQQmC6J0OV
SRk90I7PsebKZEcXZYLaj1f2VRQ5s3Ql6OL9aovhNyCB0PXIt7hrqGajFW3sI0HM
ZkRn4fFk/bqhMTz9DsFj3FaYlN00bijmDY0E0RiRswPz19NZGpANK6vXl9kHZVqN
ZZdF9RUzMGEsiJTlNfdKuGp7+TUMWwcgggEX5U0I6NDTAkJYc/9yWKrMhROcT/44
qtDIqsvQovhB/zvQr6zo3NDr0GsJLKNfJCj7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1NbG/SeX7JaLENTPsyMnw/Ly6P0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xTmJHX1NlWDdKYUxFTlRQ
c3lNbndfTHk2UDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKQL1ywicEi6+L9GNgqksFv+75w4g3p0uhVM
3O1K5udy9vSrR9YVFMYcDIC8Up8NQ14rM732CjH0JN7TXKkzoi+jGNs0S3O5PtY2
pNg7fdMU4Mt/hco5y/fw71GtvRdmu+pAv5E5hChBIpWXIN/KlkGb066Bv0y16o7w
N0nMS/l4tiCNJXWZaKhGqQYN14YXK3D7f58e5e2vdZAYGkt3fmkM0N2MUqP4/SyB
z62Lnn8XIZRpBUmGhWjGa2TiywIFVKKqTFyVLjqqF9NpjaAGWIspHllaGMZoC6BA
HpHA4sYkzcaIVdfQO/F9qYtC3V+NwJTUPYkcrhoUOc6vdSQ5mgo=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:14 2025 by rpki-client