Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DFTS8Wow6iHQv5CtDaMu97Dw24M.roa
File: DFTS8Wow6iHQv5CtDaMu97Dw24M.roa (raw, json)
Hash identifier: 086Sg1ZP7v6q06F0UxNi/yC5c9q02Gg2CjPIYs/l0HU=
Subject key identifier: 0C:54:D2:F1:6A:30:EA:21:D0:BF:90:AD:0D:A3:2E:F7:B0:F0:DB:83
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B86
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DFTS8Wow6iHQv5CtDaMu97Dw24M.roa
Signing time: Thu 22 May 2025 10:38:35 +0000
ROA not before: Thu 22 May 2025 10:38:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2950 (0xb86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 10:38:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0C54D2F16A30EA21D0BF90AD0DA32EF7B0F0DB83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:db:43:45:e1:46:f0:46:33:39:4b:9d:3e:0f:
a6:ac:e8:7a:fb:b2:5c:35:83:3a:c2:1d:78:e0:56:
d1:f3:04:69:9d:be:7f:47:13:61:ee:82:0b:95:1b:
57:e6:54:06:e8:8d:cf:e0:34:8d:6f:40:9b:8c:b3:
83:3b:70:c0:78:49:4b:4e:60:f1:d3:4d:cb:f4:48:
65:a6:0e:cb:c2:3c:5e:89:47:e0:23:30:df:10:94:
43:bd:56:06:94:7c:ca:33:93:ea:14:67:34:24:13:
fc:da:99:ec:69:7a:47:27:0a:bb:56:43:03:9f:fe:
2f:d0:cc:14:69:99:34:32:0d:fa:63:f1:a4:99:d2:
ba:35:c3:22:45:99:08:cc:31:74:4a:08:85:d1:eb:
7a:c0:9d:31:22:ca:e9:cf:36:99:e9:24:51:95:29:
01:80:20:5c:71:be:61:44:36:fd:c4:73:67:71:6c:
eb:25:a8:7b:5d:0f:64:d2:46:28:1b:35:da:52:e5:
fe:0e:8d:2e:1e:1d:b9:13:46:43:60:a6:e7:72:72:
89:28:a0:b9:fd:1b:72:72:3d:62:61:b9:b5:cb:16:
23:d4:6a:18:df:8b:87:16:1a:c6:f8:7b:75:4b:f5:
7d:65:e7:3a:45:45:29:9a:c8:fb:13:95:96:b4:23:
19:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:54:D2:F1:6A:30:EA:21:D0:BF:90:AD:0D:A3:2E:F7:B0:F0:DB:83
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DFTS8Wow6iHQv5CtDaMu97Dw24M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:12:b8:5d:d6:7f:ac:8c:9c:84:4c:33:3f:66:84:49:26:af:
4b:5b:f5:43:d4:ca:63:50:cc:5a:c6:44:f5:f9:06:49:c4:03:
12:fc:3f:8b:2b:12:16:2b:49:39:03:3d:51:4a:87:1d:e9:9d:
c1:17:9d:25:c3:f4:0d:c9:57:66:89:7f:30:ad:85:5c:2e:93:
d3:5c:24:38:14:f1:16:3d:36:a4:53:97:a3:2d:47:1e:04:69:
82:f2:0b:75:3a:2e:c1:fd:df:84:76:65:4f:5f:cd:5d:ba:c4:
6e:01:ec:03:4c:7c:4c:af:51:d5:d5:f6:e7:9c:1b:ce:2a:76:
c5:54:39:d6:e3:22:07:f0:51:b1:62:b8:d1:e4:c0:d6:75:22:
7e:07:cf:bf:91:23:ef:3e:af:7e:ae:5b:00:5a:93:71:c3:fc:
5e:fb:34:91:0f:58:c7:ac:55:25:5b:be:5e:9a:b1:e5:07:79:
b8:e0:8b:a2:96:c3:d3:3b:7f:3d:22:1c:3d:c6:27:50:fa:f9:
53:f4:f4:05:2c:2b:56:a8:70:21:7e:17:09:53:21:2d:79:8b:
2e:4b:20:93:eb:f9:63:34:f2:a7:ed:91:e8:8d:15:a3:1d:72:
7e:c7:65:1b:93:d9:18:b4:f1:ab:e1:78:12:7e:d5:ef:27:63:
d1:2e:e4:35
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
MDM4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBDNTREMkYxNkEzMEVB
MjFEMEJGOTBBRDBEQTMyRUY3QjBGMERCODMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDo20NF4UbwRjM5S50+D6as6Hr7slw1gzrCHXjgVtHzBGmdvn9H
E2HugguVG1fmVAbojc/gNI1vQJuMs4M7cMB4SUtOYPHTTcv0SGWmDsvCPF6JR+Aj
MN8QlEO9VgaUfMozk+oUZzQkE/zamexpekcnCrtWQwOf/i/QzBRpmTQyDfpj8aSZ
0ro1wyJFmQjMMXRKCIXR63rAnTEiyunPNpnpJFGVKQGAIFxxvmFENv3Ec2dxbOsl
qHtdD2TSRigbNdpS5f4OjS4eHbkTRkNgpudycokooLn9G3JyPWJhubXLFiPUahjf
i4cWGsb4e3VL9X1l5zpFRSmayPsTlZa0IxllAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDFTS8Wow6iHQv5CtDaMu97Dw24MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ERlRTOFdvdzZpSFF2NUN0
RGFNdTk3RHcyNE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAC0SuF3Wf6yMnIRMMz9mhEkmr0tb9UPUymNQ
zFrGRPX5BknEAxL8P4srEhYrSTkDPVFKhx3pncEXnSXD9A3JV2aJfzCthVwuk9Nc
JDgU8RY9NqRTl6MtRx4EaYLyC3U6LsH934R2ZU9fzV26xG4B7ANMfEyvUdXV9uec
G84qdsVUOdbjIgfwUbFiuNHkwNZ1In4Hz7+RI+8+r36uWwBak3HD/F77NJEPWMes
VSVbvl6aseUHebjgi6KWw9M7fz0iHD3GJ1D6+VP09AUsK1aocCF+FwlTIS15iy5L
IJPr+WM08qftkeiNFaMdcn7HZRuT2Ri08avheBJ+1e8nY9Eu5DU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:54:38 2025 by rpki-client