Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BhPUbYgvnVDjJCCoUAP5MYle8sg.roa
File: BhPUbYgvnVDjJCCoUAP5MYle8sg.roa (raw, json)
Hash identifier: iTDYJqZQ9yKD3OeF33J2YUGZ+vKzV0PZioGCvlJOUnA=
Subject key identifier: 06:13:D4:6D:88:2F:9D:50:E3:24:20:A8:50:03:F9:31:89:5E:F2:C8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BF6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BhPUbYgvnVDjJCCoUAP5MYle8sg.roa
Signing time: Fri 23 May 2025 00:38:26 +0000
ROA not before: Fri 23 May 2025 00:38:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3062 (0xbf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 00:38:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0613D46D882F9D50E32420A85003F931895EF2C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:64:48:b1:b0:20:8d:7f:26:ff:c0:97:14:20:
d6:a2:a5:91:db:6c:8a:1f:d4:39:02:f4:ac:41:68:
a2:d3:21:d5:cc:f8:ae:21:7f:35:a9:b2:68:f7:fb:
43:a2:93:b3:59:12:9a:43:b3:4d:df:27:f7:75:71:
51:9b:e0:6d:f9:e5:27:24:cf:6f:89:09:20:e2:e6:
a2:0a:f2:de:5d:4d:7f:6b:a5:65:8a:42:6d:a7:cf:
e2:e2:e2:c5:b9:f0:c3:c2:5c:d4:6f:c6:70:20:ce:
07:bb:08:7c:da:21:8a:90:cf:62:22:c5:7d:65:78:
f4:db:cf:40:39:bf:f9:5d:2e:01:74:8f:8c:3c:d3:
d8:ff:dd:26:25:4e:a7:43:ff:7b:84:02:a9:14:68:
20:79:c4:bd:db:bd:58:eb:38:64:13:cf:d2:b0:e2:
fe:b3:c8:17:dd:6a:21:06:10:68:90:da:fa:dd:d0:
13:36:a3:8e:e9:b7:92:f2:6d:4a:68:7c:6a:ab:5d:
9c:ef:e3:e7:2f:98:4e:6d:ac:9b:3b:c7:75:21:2e:
17:ec:91:72:1c:bf:d4:6f:90:10:cc:29:a3:22:88:
9c:ac:0f:af:9c:8f:a8:c1:22:fc:39:13:bb:79:63:
8d:80:df:e6:bf:b2:76:74:16:3c:e4:2c:47:74:3c:
46:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:13:D4:6D:88:2F:9D:50:E3:24:20:A8:50:03:F9:31:89:5E:F2:C8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BhPUbYgvnVDjJCCoUAP5MYle8sg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:8b:33:c4:18:6a:fd:4c:a3:ef:b8:fb:74:ba:66:d0:b2:32:
07:61:af:1f:f7:f3:a7:34:13:b5:c8:b2:87:7b:54:df:75:01:
27:50:6a:84:f4:b5:92:2b:d4:c3:ac:49:a4:91:1a:04:02:66:
b3:62:a3:13:d4:fb:60:8e:71:e0:07:8e:30:e0:e6:a8:05:fb:
8e:ef:bb:99:7a:90:bc:8e:77:1c:44:76:a7:29:96:80:73:37:
ac:a5:c8:82:3c:38:c3:0f:22:57:3d:77:df:79:df:41:86:d8:
db:b3:a1:2f:b3:66:0a:98:7e:ee:03:c0:7b:2d:db:94:63:e9:
1e:16:30:4e:4f:3a:5c:9d:96:df:db:89:90:69:0b:14:48:17:
a5:f0:95:75:97:70:a4:a2:62:8a:f2:c1:a6:43:e5:9b:1a:f0:
84:6d:ec:13:0d:80:c3:ae:f7:ec:6c:a0:e6:1b:e3:9a:1b:7b:
6f:63:bd:6c:39:fd:3a:24:62:da:46:10:dc:78:0c:53:86:b3:
2b:f4:6e:25:ff:f7:2e:8a:07:c8:65:5d:82:35:c7:c3:8e:9e:
a7:19:72:1c:e4:b2:2a:ec:24:46:77:82:b0:10:84:d2:7a:43:
81:0d:3e:72:ee:3c:12:5a:35:e4:5b:5f:03:e1:d0:9d:2e:34:
70:e8:40:2b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC/YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
MDM4MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA2MTNENDZEODgyRjlE
NTBFMzI0MjBBODUwMDNGOTMxODk1RUYyQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmZEixsCCNfyb/wJcUINaipZHbbIof1DkC9KxBaKLTIdXM+K4h
fzWpsmj3+0Oik7NZEppDs03fJ/d1cVGb4G355Sckz2+JCSDi5qIK8t5dTX9rpWWK
Qm2nz+Li4sW58MPCXNRvxnAgzge7CHzaIYqQz2IixX1lePTbz0A5v/ldLgF0j4w8
09j/3SYlTqdD/3uEAqkUaCB5xL3bvVjrOGQTz9Kw4v6zyBfdaiEGEGiQ2vrd0BM2
o47pt5LybUpofGqrXZzv4+cvmE5trJs7x3UhLhfskXIcv9RvkBDMKaMiiJysD6+c
j6jBIvw5E7t5Y42A3+a/snZ0FjzkLEd0PEY/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBhPUbYgvnVDjJCCoUAP5MYle8sgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CaFBVYllndm5WRGpKQ0Nv
VUFQNU1ZbGU4c2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAWLM8QYav1Mo++4+3S6ZtCyMgdhrx/386c0
E7XIsod7VN91ASdQaoT0tZIr1MOsSaSRGgQCZrNioxPU+2COceAHjjDg5qgF+47v
u5l6kLyOdxxEdqcploBzN6ylyII8OMMPIlc9d99530GG2NuzoS+zZgqYfu4DwHst
25Rj6R4WME5POlydlt/biZBpCxRIF6XwlXWXcKSiYorywaZD5Zsa8IRt7BMNgMOu
9+xsoOYb45obe29jvWw5/TokYtpGENx4DFOGsyv0biX/9y6KB8hlXYI1x8OOnqcZ
chzksirsJEZ3grAQhNJ6Q4ENPnLuPBJaNeRbXwPh0J0uNHDoQCs=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:26:08 2025 by rpki-client