Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Au2TWRm1B3m0kVyUdeTpgPgoII8.roa
File: Au2TWRm1B3m0kVyUdeTpgPgoII8.roa (raw, json)
Hash identifier: 69o88sEiggc/eYXLW5tFesdpJOAcpgSEReESd9EzBIk=
Subject key identifier: 02:ED:93:59:19:B5:07:79:B4:91:5C:94:75:E4:E9:80:F8:28:20:8F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12D2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Au2TWRm1B3m0kVyUdeTpgPgoII8.roa
Signing time: Sun 01 Jun 2025 04:09:08 +0000
ROA not before: Sun 01 Jun 2025 04:09:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4818 (0x12d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 04:09:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=02ED935919B50779B4915C9475E4E980F828208F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:76:89:94:43:fa:94:14:95:4e:cb:5b:c2:d4:
38:b2:d6:18:d7:60:94:17:e1:7f:57:e7:34:4c:80:
b5:41:53:db:20:ea:f3:28:56:cb:18:38:bb:05:56:
72:c5:72:1b:3d:ab:72:14:a0:e7:d9:f8:7f:f5:0f:
60:e4:54:a9:fe:21:b5:76:0a:b4:0e:ce:33:47:d7:
b2:a6:1e:a3:5b:dc:2d:5c:94:a3:8d:26:df:46:e8:
6d:64:8a:45:65:9a:4b:cc:29:54:7a:71:8c:c6:cc:
f4:72:00:3d:50:64:43:f3:86:5e:6a:d9:41:8b:88:
63:db:97:c9:76:2e:a8:c7:65:d5:97:8a:20:f4:98:
88:db:d5:84:55:f1:66:b8:b0:ff:dd:d8:35:a3:c0:
39:c5:e7:e3:1e:65:df:66:74:07:13:44:30:bd:ea:
58:b5:30:09:d2:2b:98:00:32:02:5c:9c:7e:89:66:
0d:75:5f:5c:b9:39:76:ec:cd:5c:cc:75:eb:18:35:
df:3e:25:ed:82:85:bc:07:50:a5:18:55:1e:70:2c:
f2:9c:da:4d:8d:2d:bf:bc:ce:e1:1d:7c:72:67:be:
cb:25:75:82:95:9c:e6:70:a8:d0:c7:05:d8:68:a6:
2c:7b:51:08:39:3a:60:25:9b:d9:97:3b:29:e6:c3:
62:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:ED:93:59:19:B5:07:79:B4:91:5C:94:75:E4:E9:80:F8:28:20:8F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Au2TWRm1B3m0kVyUdeTpgPgoII8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:68:35:38:4e:19:86:83:a3:62:50:54:15:97:5b:f4:e6:69:
9e:cd:73:33:91:47:e0:93:69:a7:f1:9c:5d:d8:97:d1:c7:03:
fa:9e:83:1f:26:d1:ad:ee:69:1c:cb:0d:06:08:3d:96:70:11:
36:a7:bc:f4:0b:97:95:ef:43:4d:be:b6:6a:40:8f:ec:ae:2b:
31:13:b6:4d:61:d4:b3:74:34:88:57:49:cb:f9:99:aa:ea:4d:
83:6c:4d:56:15:35:f2:59:e3:59:11:f0:4f:bd:30:7b:72:65:
3c:d5:e5:bd:ef:46:57:7a:5c:07:21:ec:c9:8a:3e:c8:e7:c5:
21:f7:3b:a8:4b:b9:4f:61:7c:2f:ae:a8:ef:41:85:76:f4:4d:
80:7d:55:b0:e9:e9:97:36:61:61:b6:29:4e:c8:b1:02:c8:b0:
58:00:88:87:b3:4b:53:0f:b1:79:3e:eb:9a:e2:28:c0:b2:b3:
c9:34:51:9d:9f:54:42:4e:fe:dc:21:72:13:23:c3:44:79:a5:
45:19:75:62:98:c6:2c:be:0d:ce:9d:b3:3f:c6:16:29:67:74:
aa:af:a0:12:9c:96:b4:3d:96:f9:36:d8:5a:01:46:d9:67:af:
a9:ca:76:8e:9f:75:9e:47:4b:46:25:09:ea:0c:40:b3:e2:73:
e1:8d:03:93
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEw
NDA5MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDAyRUQ5MzU5MTlCNTA3
NzlCNDkxNUM5NDc1RTRFOTgwRjgyODIwOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDudomUQ/qUFJVOy1vC1Diy1hjXYJQX4X9X5zRMgLVBU9sg6vMo
VssYOLsFVnLFchs9q3IUoOfZ+H/1D2DkVKn+IbV2CrQOzjNH17KmHqNb3C1clKON
Jt9G6G1kikVlmkvMKVR6cYzGzPRyAD1QZEPzhl5q2UGLiGPbl8l2LqjHZdWXiiD0
mIjb1YRV8Wa4sP/d2DWjwDnF5+MeZd9mdAcTRDC96li1MAnSK5gAMgJcnH6JZg11
X1y5OXbszVzMdesYNd8+Je2ChbwHUKUYVR5wLPKc2k2NLb+8zuEdfHJnvssldYKV
nOZwqNDHBdhopix7UQg5OmAlm9mXOynmw2LRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUAu2TWRm1B3m0kVyUdeTpgPgoII8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9BdTJUV1JtMUIzbTBrVnlV
ZGVUcGdQZ29JSTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAD1oNThOGYaDo2JQVBWXW/TmaZ7NczORR+CT
aafxnF3Yl9HHA/qegx8m0a3uaRzLDQYIPZZwETanvPQLl5XvQ02+tmpAj+yuKzET
tk1h1LN0NIhXScv5marqTYNsTVYVNfJZ41kR8E+9MHtyZTzV5b3vRld6XAch7MmK
PsjnxSH3O6hLuU9hfC+uqO9BhXb0TYB9VbDp6Zc2YWG2KU7IsQLIsFgAiIezS1MP
sXk+65riKMCys8k0UZ2fVEJO/twhchMjw0R5pUUZdWKYxiy+Dc6dsz/GFilndKqv
oBKclrQ9lvk22FoBRtlnr6nKdo6fdZ5HS0YlCeoMQLPic+GNA5M=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:55:26 2025 by rpki-client