Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/AaRtMjtw2WJwLbXVUcqr54HeTsE.roa
File: AaRtMjtw2WJwLbXVUcqr54HeTsE.roa (raw, json)
Hash identifier: nTLfxqIbupO14dQ/BiWh1gQgPPR7HlgVMr2E8JeOeD4=
Subject key identifier: 01:A4:6D:32:3B:70:D9:62:70:2D:B5:D5:51:CA:AB:E7:81:DE:4E:C1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 081A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AaRtMjtw2WJwLbXVUcqr54HeTsE.roa
Signing time: Sat 17 May 2025 21:08:08 +0000
ROA not before: Sat 17 May 2025 21:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2074 (0x81a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 21:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=01A46D323B70D962702DB5D551CAABE781DE4EC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e6:25:cb:20:ec:55:39:9e:05:5b:5d:65:3f:
7c:e7:96:b7:a1:66:40:e1:d1:1e:ff:98:c4:51:0c:
8f:b3:e7:38:22:16:11:e0:00:e7:54:d1:87:5d:cc:
e6:3d:6d:f0:62:28:01:07:2d:cb:e2:68:77:89:52:
cc:b0:a7:ac:76:2d:f9:4c:ae:cb:09:31:be:65:1f:
65:db:4a:40:e3:55:98:03:d6:72:76:eb:82:1c:7a:
5c:fa:1f:ea:76:63:56:cf:99:e4:03:fd:d8:0d:97:
d8:57:83:04:24:a0:09:cb:1f:af:42:59:6d:80:b6:
e5:46:8a:b5:b2:c2:75:6f:95:68:6f:b1:41:36:ed:
91:fc:de:40:f5:31:2b:96:ea:ae:4a:a2:31:47:5c:
71:22:a7:10:68:b6:ad:f9:8e:5e:ac:a1:05:ac:20:
ee:1d:92:b1:41:54:41:ec:29:08:25:01:7e:d1:8c:
2a:d9:10:69:01:8b:22:db:b3:80:ab:1b:4f:7f:4a:
aa:a6:fa:83:5c:88:8b:57:79:ff:31:58:af:83:12:
6c:fe:96:eb:e9:96:2f:29:bd:53:ab:fb:f3:64:dd:
ba:d1:a8:de:fd:c4:ed:c6:06:99:bc:74:36:d8:f3:
af:eb:59:e2:4d:2a:1f:4b:64:0a:ab:95:9d:f4:de:
79:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A4:6D:32:3B:70:D9:62:70:2D:B5:D5:51:CA:AB:E7:81:DE:4E:C1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/AaRtMjtw2WJwLbXVUcqr54HeTsE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:cc:ea:ee:93:e1:a6:cd:24:6a:4f:bb:6f:88:df:44:87:97:
88:6c:53:82:7f:aa:98:71:c0:0e:32:74:fc:36:2c:1e:dc:8e:
54:d3:2e:56:f1:1b:b6:4c:c4:2b:51:f1:c8:7c:b2:a9:21:fb:
fa:fe:d2:e4:20:19:ca:44:04:93:aa:10:1e:19:5b:bf:ef:fe:
f8:b2:9e:66:2c:4e:31:ee:27:1a:76:79:43:e9:26:22:d2:dd:
95:80:94:d4:14:67:61:f6:2d:57:14:04:df:0b:df:86:e5:35:
93:41:15:4a:80:64:9f:21:74:79:b5:3c:8a:e5:7d:2a:05:17:
ae:12:51:8c:72:ff:e5:ec:78:45:2b:f8:22:eb:1a:33:98:19:
3e:e7:9a:8f:ea:cc:3d:d3:38:e5:87:21:b9:66:08:5b:6c:14:
90:3a:2a:03:65:d1:d2:14:0f:da:61:31:59:32:f4:e7:32:c2:
f8:f3:ab:fe:c5:17:e0:64:94:91:9e:9c:cf:4d:18:0f:48:03:
e5:9b:16:d6:17:eb:0f:b0:66:96:2d:81:92:b7:d6:69:71:42:
e4:f8:8a:7d:c9:db:2f:4b:7c:22:9b:e7:b3:e7:88:38:71:a7:
2d:7e:d6:74:48:e1:6c:02:2b:74:71:0f:d3:72:4c:9b:4b:8c:
f5:8a:b3:b3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcy
MTA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAxQTQ2RDMyM0I3MEQ5
NjI3MDJEQjVENTUxQ0FBQkU3ODFERTRFQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj5iXLIOxVOZ4FW11lP3znlrehZkDh0R7/mMRRDI+z5zgiFhHg
AOdU0YddzOY9bfBiKAEHLcviaHeJUsywp6x2LflMrssJMb5lH2XbSkDjVZgD1nJ2
64Icelz6H+p2Y1bPmeQD/dgNl9hXgwQkoAnLH69CWW2AtuVGirWywnVvlWhvsUE2
7ZH83kD1MSuW6q5KojFHXHEipxBotq35jl6soQWsIO4dkrFBVEHsKQglAX7RjCrZ
EGkBiyLbs4CrG09/Sqqm+oNciItXef8xWK+DEmz+luvpli8pvVOr+/Nk3brRqN79
xO3GBpm8dDbY86/rWeJNKh9LZAqrlZ303nk9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAaRtMjtw2WJwLbXVUcqr54HeTsEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BYVJ0TWp0dzJXSndMYlhW
VWNxcjU0SGVUc0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAfM6u6T4abNJGpPu2+I30SHl4hsU4J/qphx
wA4ydPw2LB7cjlTTLlbxG7ZMxCtR8ch8sqkh+/r+0uQgGcpEBJOqEB4ZW7/v/viy
nmYsTjHuJxp2eUPpJiLS3ZWAlNQUZ2H2LVcUBN8L34blNZNBFUqAZJ8hdHm1PIrl
fSoFF64SUYxy/+XseEUr+CLrGjOYGT7nmo/qzD3TOOWHIblmCFtsFJA6KgNl0dIU
D9phMVky9Ocywvjzq/7FF+BklJGenM9NGA9IA+WbFtYX6w+wZpYtgZK31mlxQuT4
in3J2y9LfCKb57PniDhxpy1+1nRI4WwCK3RxD9NyTJtLjPWKs7M=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:10:02 2025 by rpki-client