Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/8jE_kdryMABOExi22lK2rX1Nj3Y.roa
File: 8jE_kdryMABOExi22lK2rX1Nj3Y.roa (raw, json)
Hash identifier: LfaY8/9y95iQXfQBu9XzJkTjJN2oHjFN5Se6YS0a8sc=
Subject key identifier: F2:31:3F:91:DA:F2:30:00:4E:13:18:B6:DA:52:B6:AD:7D:4D:8F:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AAA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8jE_kdryMABOExi22lK2rX1Nj3Y.roa
Signing time: Wed 21 May 2025 07:08:21 +0000
ROA not before: Wed 21 May 2025 07:08:21 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2730 (0xaaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 07:08:21 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F2313F91DAF230004E1318B6DA52B6AD7D4D8F76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bf:f7:8d:16:2f:42:d1:c4:fe:a3:7b:4c:6f:
77:e3:4f:52:ec:ac:6c:20:f6:db:12:31:5d:e7:a7:
96:31:da:7b:ed:36:62:28:e0:af:59:6d:38:0c:3c:
64:5f:0b:1e:8a:2e:d9:78:75:ff:80:71:e9:cf:78:
42:8b:6c:13:4a:28:45:f9:07:0f:61:0b:34:4a:0a:
da:5f:6d:de:9c:37:87:95:ec:8f:aa:73:43:c6:54:
1e:dc:ef:58:66:58:b5:6a:b3:fe:b8:dc:c9:f5:de:
e1:2b:47:cb:32:4f:82:04:25:59:3d:b5:fb:52:3d:
6c:63:14:ea:6e:1b:65:36:ae:69:12:e7:90:31:18:
ae:4f:09:82:b4:32:68:38:2e:ba:28:d0:48:84:cd:
86:3f:e0:da:36:a5:8d:76:de:79:b1:d0:1a:8e:fc:
ea:60:ec:d2:e0:a5:63:cb:b1:17:2a:50:98:2a:0a:
e9:e8:83:4b:c2:03:ba:33:1d:ff:84:a5:04:16:98:
12:fc:78:d2:1c:4a:76:be:eb:3b:44:7d:c5:25:45:
01:22:cc:90:29:38:8a:5d:c9:1d:56:dc:71:25:de:
4b:24:45:19:e2:63:d3:f8:a0:65:b0:77:1e:ff:90:
87:7b:f6:6b:4d:f1:86:c6:02:ce:2c:fb:55:1a:08:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:31:3F:91:DA:F2:30:00:4E:13:18:B6:DA:52:B6:AD:7D:4D:8F:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/8jE_kdryMABOExi22lK2rX1Nj3Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:d6:98:24:e0:bf:8d:56:43:d1:00:cd:e0:17:50:06:40:e0:
63:77:de:5d:23:97:ed:e1:49:51:41:89:fb:18:0f:48:b9:db:
f5:db:27:58:8b:72:bc:77:8a:db:24:2c:25:f4:ac:09:04:98:
1f:57:f1:3e:4d:e8:3e:14:a6:11:45:9c:b7:a2:fb:15:fc:f8:
82:44:9f:5b:0c:b7:75:61:32:1e:ae:1b:99:f0:52:9e:7c:fa:
5f:8f:57:e7:3f:fc:21:99:c3:08:0e:cb:75:c9:ad:5e:74:24:
33:51:cc:ff:80:a4:1a:ec:74:20:2a:8f:a1:39:e5:f8:1a:29:
e7:5c:a8:8e:a9:7c:66:97:ff:c3:81:ce:c4:7a:2c:3e:59:ae:
4b:d5:ad:aa:16:4d:b6:cc:19:16:ec:6e:50:b9:97:10:38:59:
bb:8b:66:12:8a:1a:2c:57:dd:49:53:89:f8:39:71:4b:f3:3a:
dd:d3:ea:55:0a:fb:67:ad:fa:1b:cc:55:d9:b1:5a:b3:6b:b7:
8b:f0:82:ff:5b:1d:1f:6d:8a:2a:48:c1:9b:0b:d5:a1:13:02:
1e:71:c2:93:fd:b5:22:9b:57:e0:7c:f7:1b:eb:9b:2e:09:eb:
e5:3d:70:28:6d:b1:0a:a3:70:d9:6c:a4:78:ff:76:4b:bc:07:
be:35:91:15
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
NzA4MjFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEYyMzEzRjkxREFGMjMw
MDA0RTEzMThCNkRBNTJCNkFEN0Q0RDhGNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfv/eNFi9C0cT+o3tMb3fjT1LsrGwg9tsSMV3np5Yx2nvtNmIo
4K9ZbTgMPGRfCx6KLtl4df+AcenPeEKLbBNKKEX5Bw9hCzRKCtpfbd6cN4eV7I+q
c0PGVB7c71hmWLVqs/643Mn13uErR8syT4IEJVk9tftSPWxjFOpuG2U2rmkS55Ax
GK5PCYK0Mmg4Lroo0EiEzYY/4No2pY123nmx0BqO/Opg7NLgpWPLsRcqUJgqCuno
g0vCA7ozHf+EpQQWmBL8eNIcSna+6ztEfcUlRQEizJApOIpdyR1W3HEl3kskRRni
Y9P4oGWwdx7/kId79mtN8YbGAs4s+1UaCDMnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU8jE/kdryMABOExi22lK2rX1Nj3YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni84akVfa2RyeU1BQk9FeGky
MmxLMnJYMU5qM1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAPWmCTgv41WQ9EAzeAXUAZA4GN33l0jl+3h
SVFBifsYD0i52/XbJ1iLcrx3itskLCX0rAkEmB9X8T5N6D4UphFFnLei+xX8+IJE
n1sMt3VhMh6uG5nwUp58+l+PV+c//CGZwwgOy3XJrV50JDNRzP+ApBrsdCAqj6E5
5fgaKedcqI6pfGaX/8OBzsR6LD5ZrkvVraoWTbbMGRbsblC5lxA4WbuLZhKKGixX
3UlTifg5cUvzOt3T6lUK+2et+hvMVdmxWrNrt4vwgv9bHR9tiipIwZsL1aETAh5x
wpP9tSKbV+B89xvrmy4J6+U9cChtsQqjcNlspHj/dku8B741kRU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:10:08 2025 by rpki-client