Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/A-H3_R7X-eOiXMX38q9VOG0lzr8.roa
File: A-H3_R7X-eOiXMX38q9VOG0lzr8.roa (raw, json)
Hash identifier: BZZIoPTVQgfhRGy2lkaxuNuYnKbLShVYuk9MEIFexjQ=
Subject key identifier: 03:E1:F7:FD:1E:D7:F9:E3:A2:5C:C5:F7:F2:AF:55:38:6D:25:CE:BF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0932
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A-H3_R7X-eOiXMX38q9VOG0lzr8.roa
Signing time: Mon 19 May 2025 08:08:10 +0000
ROA not before: Mon 19 May 2025 08:08:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2354 (0x932)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 08:08:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=03E1F7FD1ED7F9E3A25CC5F7F2AF55386D25CEBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c3:4a:9a:83:32:36:5f:07:01:b4:67:63:47:
b4:23:d5:2f:b7:5b:9d:a7:e3:67:f4:54:3b:a8:1d:
66:3f:2a:29:0e:39:b5:75:34:fe:e1:4a:6a:36:6f:
9d:7f:ba:2f:14:cc:f5:f6:bc:39:f7:92:c3:f0:8f:
18:fc:37:7f:c3:a2:e4:16:b4:15:2a:40:ee:fb:3a:
87:4e:02:cf:d5:77:22:28:15:c1:60:fd:eb:0c:ea:
a1:1e:8d:61:77:93:9d:62:17:a9:ed:ea:06:1f:79:
67:83:ab:68:4c:d4:93:9e:0f:a4:2f:db:c5:1d:14:
59:52:32:a1:82:68:b9:a7:de:64:5e:e6:86:ad:ae:
f5:aa:74:df:9a:ba:27:50:88:fe:45:1d:ca:86:cf:
51:38:78:0e:1f:47:cf:8d:03:87:22:16:97:30:00:
a5:a5:d3:90:c6:1a:04:02:50:63:2c:41:60:dc:48:
de:67:f8:2f:43:1f:d4:6f:7f:4b:7c:b6:f8:f0:ee:
36:d0:63:41:14:1b:d2:ae:92:28:64:06:da:94:11:
8c:f9:8c:9b:7f:52:ba:a7:a4:22:b6:8f:97:42:bc:
a8:dd:ce:76:c9:21:c7:e4:92:d4:75:f0:4c:01:9a:
10:61:72:fa:00:03:d7:85:ec:62:35:88:30:18:6f:
2e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:E1:F7:FD:1E:D7:F9:E3:A2:5C:C5:F7:F2:AF:55:38:6D:25:CE:BF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/A-H3_R7X-eOiXMX38q9VOG0lzr8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:fa:cc:b1:8d:9e:a5:c6:72:89:0b:3f:5a:6f:f6:d0:5f:11:
c2:04:b3:22:4a:c3:f8:9f:7b:ce:5e:21:32:5d:a3:2b:1b:91:
a1:d0:82:b9:f7:66:fa:13:53:94:0c:1b:59:ff:00:4b:2a:f5:
38:6e:1e:6a:52:69:3d:29:d1:75:73:11:e7:14:d6:6a:94:85:
9d:b4:98:03:a6:4c:90:f7:9a:cc:c7:42:07:00:e3:68:b1:34:
7f:d9:e5:30:c8:7d:6c:f4:5c:4b:c4:0d:23:c3:01:cf:84:ad:
fd:62:f5:36:80:d4:61:5d:a8:b1:f3:bc:a2:ba:59:9b:12:3b:
cb:4c:1f:cb:ba:20:36:aa:4e:a8:b0:a3:97:5e:ff:d5:54:4a:
68:67:ef:4c:6a:ac:58:38:79:97:b1:e6:fd:71:ac:87:f7:e8:
06:54:68:ba:58:48:68:ce:32:f0:47:f9:5a:eb:bf:75:e3:e2:
21:6f:98:3b:3d:79:6e:68:54:1a:b9:1f:c2:6a:9d:82:bd:8f:
01:97:90:f4:ef:95:88:17:34:73:7e:3e:74:98:79:ad:b8:ed:
0e:7e:5c:af:e4:0c:8c:12:20:f5:00:2d:56:6b:78:91:c3:df:
d8:f6:82:18:2a:1d:e4:9f:eb:96:6a:26:8b:c1:10:6c:16:cd:
35:5f:e0:79
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCTIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkw
ODA4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAzRTFGN0ZEMUVEN0Y5
RTNBMjVDQzVGN0YyQUY1NTM4NkQyNUNFQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQw0qagzI2XwcBtGdjR7Qj1S+3W52n42f0VDuoHWY/KikOObV1
NP7hSmo2b51/ui8UzPX2vDn3ksPwjxj8N3/DouQWtBUqQO77OodOAs/VdyIoFcFg
/esM6qEejWF3k51iF6nt6gYfeWeDq2hM1JOeD6Qv28UdFFlSMqGCaLmn3mRe5oat
rvWqdN+auidQiP5FHcqGz1E4eA4fR8+NA4ciFpcwAKWl05DGGgQCUGMsQWDcSN5n
+C9DH9Rvf0t8tvjw7jbQY0EUG9KukihkBtqUEYz5jJt/UrqnpCK2j5dCvKjdznbJ
IcfkktR18EwBmhBhcvoAA9eF7GI1iDAYby4JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUA+H3/R7X+eOiXMX38q9VOG0lzr8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BLUgzX1I3WC1lT2lYTVgz
OHE5Vk9HMGx6cjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAID6zLGNnqXGcokLP1pv9tBfEcIEsyJKw/if
e85eITJdoysbkaHQgrn3ZvoTU5QMG1n/AEsq9ThuHmpSaT0p0XVzEecU1mqUhZ20
mAOmTJD3mszHQgcA42ixNH/Z5TDIfWz0XEvEDSPDAc+Erf1i9TaA1GFdqLHzvKK6
WZsSO8tMH8u6IDaqTqiwo5de/9VUSmhn70xqrFg4eZex5v1xrIf36AZUaLpYSGjO
MvBH+Vrrv3Xj4iFvmDs9eW5oVBq5H8JqnYK9jwGXkPTvlYgXNHN+PnSYea247Q5+
XK/kDIwSIPUALVZreJHD39j2ghgqHeSf65ZqJovBEGwWzTVf4Hk=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:10 2025 by rpki-client