Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AL3t6AdYGiNSdTCGUZnmu22weUE.roa
File: AL3t6AdYGiNSdTCGUZnmu22weUE.roa (raw, json)
Hash identifier: OxQWUlMgWySl3iGY5LEc9zh2kBtyIiWL2pFn5vy+KNo=
Subject key identifier: 00:BD:ED:E8:07:58:1A:23:52:75:30:86:51:99:E6:BB:6D:B0:79:41
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 085E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AL3t6AdYGiNSdTCGUZnmu22weUE.roa
Signing time: Sun 18 May 2025 05:38:20 +0000
ROA not before: Sun 18 May 2025 05:38:20 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2142 (0x85e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 05:38:20 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=00BDEDE807581A23527530865199E6BB6DB07941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0c:b9:27:5c:f4:7e:62:45:39:6e:d8:f9:72:
e1:38:b6:c4:8f:4e:0e:f7:10:cc:6f:0a:91:78:84:
2e:68:39:ac:15:25:f2:9c:73:40:84:45:b5:5a:5d:
54:8f:03:27:7a:80:81:16:6e:4b:85:19:ed:07:58:
bd:b7:9f:95:a6:3f:f0:da:74:44:40:08:58:b3:15:
6a:40:ac:12:cb:c0:bd:24:6c:de:8c:09:b1:83:6d:
2f:c8:5c:d2:99:45:68:59:17:50:4e:51:8e:84:ce:
08:f1:8d:c1:e5:50:e9:c7:60:03:eb:f2:cd:3c:8f:
03:6f:73:68:27:35:8f:c2:84:a6:b8:be:2e:b9:2a:
05:0e:39:da:00:8a:07:42:16:29:f9:24:b2:3e:cd:
bb:4f:f8:d1:58:5f:30:b1:ab:d8:df:78:8e:8a:df:
a7:fe:ae:93:a4:5f:09:89:f0:84:29:04:64:80:a5:
8d:06:0b:d6:40:7c:96:e9:04:0f:78:45:96:b2:5e:
6c:e3:72:e0:26:d2:c2:e8:eb:55:d4:e5:c2:1b:35:
d0:21:bd:f0:06:df:d3:3d:eb:fd:68:f2:e5:57:9b:
4d:d9:ea:15:cd:70:61:5c:06:bf:2c:b9:bf:04:64:
26:ef:f6:ae:45:85:bb:57:da:8b:a2:61:1e:65:1c:
84:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BD:ED:E8:07:58:1A:23:52:75:30:86:51:99:E6:BB:6D:B0:79:41
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AL3t6AdYGiNSdTCGUZnmu22weUE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a2:29:69:b4:4e:d5:5a:bb:81:89:7f:74:3a:51:ca:b3:36:eb:
74:2f:bf:4d:59:df:86:19:5c:e1:17:19:48:62:35:0e:0d:05:
ac:f6:03:86:07:d9:15:d0:95:2d:b0:95:b6:fd:00:f1:a8:45:
94:19:c4:2f:17:0f:12:f3:68:95:50:b2:a0:28:0b:71:c8:8b:
06:8f:fa:11:75:e1:ae:85:0c:8c:e5:5a:31:a7:e2:f4:63:3b:
34:d1:71:05:32:87:cb:ff:1f:3b:3b:5c:e9:f8:92:fa:54:8c:
fb:6c:97:a4:9d:c0:1c:5c:4c:db:07:da:d4:cc:e0:ad:4f:db:
4a:b9:72:5f:c9:53:5e:9c:3f:d4:7e:29:1e:83:24:5f:88:da:
9e:53:5e:dd:73:bf:44:01:bf:a3:ab:b9:cf:69:e0:75:ee:5e:
f1:c7:ee:2b:68:9c:b6:5b:4b:83:c7:6d:2d:35:15:d1:d1:2f:
47:61:96:9c:eb:f0:31:28:0c:37:7e:d9:a0:23:ad:06:f7:5a:
3e:e9:73:09:46:b2:0c:9c:fe:72:5e:88:ee:87:53:ac:cd:bb:
5f:40:22:fd:01:e6:1c:29:b2:bf:17:c6:37:82:4d:14:f1:5a:
f9:2e:a4:1b:f7:07:02:40:0a:58:15:19:4f:6d:f5:31:ef:ee:
fa:ca:6f:a6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCF4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
NTM4MjBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAwQkRFREU4MDc1ODFB
MjM1Mjc1MzA4NjUxOTlFNkJCNkRCMDc5NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQClDLknXPR+YkU5btj5cuE4tsSPTg73EMxvCpF4hC5oOawVJfKc
c0CERbVaXVSPAyd6gIEWbkuFGe0HWL23n5WmP/DadERACFizFWpArBLLwL0kbN6M
CbGDbS/IXNKZRWhZF1BOUY6EzgjxjcHlUOnHYAPr8s08jwNvc2gnNY/ChKa4vi65
KgUOOdoAigdCFin5JLI+zbtP+NFYXzCxq9jfeI6K36f+rpOkXwmJ8IQpBGSApY0G
C9ZAfJbpBA94RZayXmzjcuAm0sLo61XU5cIbNdAhvfAG39M96/1o8uVXm03Z6hXN
cGFcBr8sub8EZCbv9q5FhbtX2ouiYR5lHIQtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAL3t6AdYGiNSdTCGUZnmu22weUEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BTDN0NkFkWUdpTlNkVENH
VVpubXUyMndlVUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKIpabRO1Vq7gYl/dDpRyrM263Qvv01Z34YZ
XOEXGUhiNQ4NBaz2A4YH2RXQlS2wlbb9APGoRZQZxC8XDxLzaJVQsqAoC3HIiwaP
+hF14a6FDIzlWjGn4vRjOzTRcQUyh8v/Hzs7XOn4kvpUjPtsl6SdwBxcTNsH2tTM
4K1P20q5cl/JU16cP9R+KR6DJF+I2p5TXt1zv0QBv6Oruc9p4HXuXvHH7itonLZb
S4PHbS01FdHRL0dhlpzr8DEoDDd+2aAjrQb3Wj7pcwlGsgyc/nJeiO6HU6zNu19A
Iv0B5hwpsr8XxjeCTRTxWvkupBv3BwJAClgVGU9t9THv7vrKb6Y=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:18:29 2025 by rpki-client