Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/C9c0XI73tqOMiYtl9pI49yrNzrk.roa
File: C9c0XI73tqOMiYtl9pI49yrNzrk.roa (raw, json)
Hash identifier: HSLvd2oLMqyHfW4xI34Q3AzJTBl1JVtD28Aa8P1ZFrg=
Subject key identifier: 0B:D7:34:5C:8E:F7:B6:A3:8C:89:8B:65:F6:92:38:F7:2A:CD:CE:B9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B36
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C9c0XI73tqOMiYtl9pI49yrNzrk.roa
Signing time: Thu 22 May 2025 00:38:34 +0000
ROA not before: Thu 22 May 2025 00:38:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2870 (0xb36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 00:38:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0BD7345C8EF7B6A38C898B65F69238F72ACDCEB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:50:cb:44:d8:3a:41:74:76:3a:61:c8:ad:
35:b0:ac:37:1d:f4:ac:94:76:ab:fb:52:47:9b:85:
5a:f1:00:7b:b3:ad:87:da:be:30:9e:81:c4:da:53:
5a:45:4f:bf:45:d2:fe:cd:8a:8b:73:a0:90:47:e7:
87:0e:28:ef:0b:8b:0e:34:d9:77:29:f5:00:96:ee:
0f:97:a8:ac:65:2b:36:79:12:6b:47:03:77:16:45:
f2:5b:c6:f8:23:ea:e9:4e:13:99:f9:cb:cf:c2:80:
56:9a:77:2b:ac:72:f0:79:f0:e1:aa:a2:4d:a6:73:
52:d0:c9:99:85:aa:70:89:76:36:3c:01:f6:3a:f8:
d2:e9:9d:46:fd:f8:43:fc:d0:0c:05:d7:df:85:f8:
de:ba:ff:c1:46:af:c7:9b:4e:06:fb:32:6b:36:3f:
f7:c0:67:08:0e:de:0b:6a:bf:ec:f4:33:d0:7c:80:
cf:99:b7:dd:c2:4b:05:7e:3e:7e:7a:62:d6:06:19:
82:04:24:50:7d:d2:84:11:54:70:46:01:e8:9a:4e:
5d:76:e6:b7:a2:ca:7f:4f:98:45:5d:71:42:5e:8d:
9f:c8:73:a5:b9:0e:a6:c1:37:1b:41:b4:f7:4c:f7:
f5:a4:92:cd:16:05:a8:0c:ad:a4:32:3c:90:7f:28:
5c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:D7:34:5C:8E:F7:B6:A3:8C:89:8B:65:F6:92:38:F7:2A:CD:CE:B9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/C9c0XI73tqOMiYtl9pI49yrNzrk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:3d:77:ae:a2:25:68:df:9d:f0:8d:88:3b:bd:61:3b:6f:5b:
26:1e:ff:5f:0e:e9:fb:20:94:53:ba:aa:e3:4a:8b:60:b7:9a:
64:6b:9f:1c:1b:b1:48:d4:1b:ba:a7:ab:d2:fc:6e:4d:00:5e:
58:8e:82:8f:26:45:a3:b2:c8:b2:f7:40:57:80:e4:a5:16:7c:
32:23:b1:2f:8a:d9:6b:f7:da:90:27:37:2e:99:91:c0:5f:eb:
af:aa:10:2f:20:d1:76:4c:2b:f3:59:44:d8:3e:c0:e9:7c:42:
8d:3b:a1:b3:f7:ce:a3:3f:99:1d:3d:e3:04:01:36:be:8d:04:
6b:ef:cf:8d:58:c4:ef:5e:8b:94:06:90:25:55:70:34:94:b3:
30:e7:7e:45:01:62:e7:cb:52:be:11:d3:0c:85:5a:29:50:f5:
51:98:13:bf:ae:c8:ed:6c:60:eb:a8:22:cc:dd:7a:0f:bc:93:
f0:75:15:60:ee:a9:17:a0:27:46:00:d1:01:9b:80:3c:c8:77:
11:35:aa:60:3b:fa:2e:d6:8e:96:e8:3a:38:53:aa:29:b1:f8:
48:c1:f1:32:10:6a:00:d9:25:82:d8:18:f1:17:55:b3:da:6a:
45:5e:fa:a8:c9:45:fb:17:d2:e3:22:3b:78:73:80:4b:db:e1:
9f:66:9d:29
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
MDM4MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBCRDczNDVDOEVGN0I2
QTM4Qzg5OEI2NUY2OTIzOEY3MkFDRENFQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNqVDLRNg6QXR2OmHIrTWwrDcd9KyUdqv7UkebhVrxAHuzrYfa
vjCegcTaU1pFT79F0v7NiotzoJBH54cOKO8Liw402Xcp9QCW7g+XqKxlKzZ5EmtH
A3cWRfJbxvgj6ulOE5n5y8/CgFaadyuscvB58OGqok2mc1LQyZmFqnCJdjY8AfY6
+NLpnUb9+EP80AwF19+F+N66/8FGr8ebTgb7Mms2P/fAZwgO3gtqv+z0M9B8gM+Z
t93CSwV+Pn56YtYGGYIEJFB90oQRVHBGAeiaTl125reiyn9PmEVdcUJejZ/Ic6W5
DqbBNxtBtPdM9/Wkks0WBagMraQyPJB/KFzfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUC9c0XI73tqOMiYtl9pI49yrNzrkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DOWMwWEk3M3RxT01pWXRs
OXBJNDl5ck56cmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGs9d66iJWjfnfCNiDu9YTtvWyYe/18O6fsg
lFO6quNKi2C3mmRrnxwbsUjUG7qnq9L8bk0AXliOgo8mRaOyyLL3QFeA5KUWfDIj
sS+K2Wv32pAnNy6ZkcBf66+qEC8g0XZMK/NZRNg+wOl8Qo07obP3zqM/mR094wQB
Nr6NBGvvz41YxO9ei5QGkCVVcDSUszDnfkUBYufLUr4R0wyFWilQ9VGYE7+uyO1s
YOuoIszdeg+8k/B1FWDuqRegJ0YA0QGbgDzIdxE1qmA7+i7WjpboOjhTqimx+EjB
8TIQagDZJYLYGPEXVbPaakVe+qjJRfsX0uMiO3hzgEvb4Z9mnSk=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:14:42 2025 by rpki-client