Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/DvqdFRbqDgNcxTfYkIL3XfaQQEM.roa
File: DvqdFRbqDgNcxTfYkIL3XfaQQEM.roa (raw, json)
Hash identifier: Q99J1W4cU5Ya63Xj2hpZM/QztbEeqI/kpZStnntnRa0=
Subject key identifier: 0E:FA:9D:15:16:EA:0E:03:5C:C5:37:D8:90:82:F7:5D:F6:90:40:43
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0B52
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DvqdFRbqDgNcxTfYkIL3XfaQQEM.roa
Signing time: Thu 22 May 2025 04:09:03 +0000
ROA not before: Thu 22 May 2025 04:09:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2898 (0xb52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 04:09:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0EFA9D1516EA0E035CC537D89082F75DF6904043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:46:38:d4:fa:26:a7:8c:e2:64:84:5d:83:
ae:11:a4:59:ee:f0:a2:4c:71:71:1c:99:71:6e:1e:
ec:ec:7d:a6:a5:34:af:cc:91:74:5d:29:05:65:5d:
4f:f8:92:0d:f2:7a:70:91:4e:8c:8b:b8:d6:dc:75:
49:d3:0e:ba:7a:14:88:2e:7d:01:90:29:78:a0:94:
6c:64:d6:e8:ee:9e:85:79:be:1e:5e:80:d1:48:95:
bf:d6:df:a8:23:d3:b4:02:fa:b7:a0:ad:b0:9c:70:
80:2b:db:b0:f8:9b:87:f6:52:71:85:1a:4d:93:ab:
98:e2:07:88:15:dd:48:34:19:fc:cf:9c:65:d8:35:
3e:c5:d5:bf:a3:6e:ed:e5:20:c2:fc:b0:23:88:11:
5f:98:3f:4a:80:08:6e:6c:dd:39:8e:8a:0e:81:9d:
8d:25:3e:8c:68:ca:c9:35:34:61:82:0d:53:60:b2:
0c:93:67:62:6b:f2:b6:c3:39:ee:58:d6:f5:88:0d:
d2:c1:e1:75:f7:2f:47:4a:b1:40:3e:4f:ce:a2:78:
ea:f2:ee:09:bf:97:74:d3:48:51:f4:7a:66:ef:5e:
ab:93:be:4c:0a:ac:5d:6d:8d:62:0c:31:58:60:ad:
e3:0e:12:8c:e0:a4:ef:44:36:57:71:da:16:fc:da:
43:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FA:9D:15:16:EA:0E:03:5C:C5:37:D8:90:82:F7:5D:F6:90:40:43
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/DvqdFRbqDgNcxTfYkIL3XfaQQEM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:c6:d4:c2:1d:f0:54:18:b4:31:e1:55:2e:fd:46:ca:f4:9a:
6c:c4:fb:ee:17:64:6f:c5:3f:1d:1e:f3:5f:ef:4f:4c:65:af:
de:f3:e9:82:9c:7d:1e:85:57:20:d0:a3:3b:86:9a:dc:76:b7:
bc:51:74:b8:86:47:d7:50:29:cf:bd:7d:24:60:1b:36:06:24:
66:86:6b:2a:1c:52:90:fb:bb:48:9e:96:23:56:27:79:5b:01:
b0:4b:0e:8f:5b:26:fe:cf:76:e9:14:d6:ec:06:1b:ed:08:a3:
9c:46:5d:d8:32:ae:05:44:f3:78:e2:6e:2e:11:f2:2e:27:d1:
ab:eb:f2:49:d5:0b:5c:90:fe:92:b2:1f:2f:82:a2:59:86:ca:
64:9d:e5:ef:d8:ec:e2:80:a8:c2:40:bb:39:b2:81:d1:c3:7f:
1f:28:0c:92:15:80:16:c3:35:00:11:68:ad:46:b8:3c:eb:7f:
5c:93:9f:ee:28:21:5f:df:ae:cd:be:69:58:5b:dd:48:15:2c:
14:24:5d:b0:6c:27:76:ef:8f:58:a9:62:c4:02:7b:0d:85:60:
32:09:fe:24:9d:ee:87:cc:88:20:e1:1d:83:64:d0:a7:23:f3:
90:22:5c:e7:1c:c8:73:33:0c:45:12:61:b1:c7:8f:77:2f:d0:
56:fc:22:6d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC1IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIw
NDA5MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBFRkE5RDE1MTZFQTBF
MDM1Q0M1MzdEODkwODJGNzVERjY5MDQwNDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOskY41Pomp4ziZIRdg64RpFnu8KJMcXEcmXFuHuzsfaalNK/M
kXRdKQVlXU/4kg3yenCRToyLuNbcdUnTDrp6FIgufQGQKXiglGxk1ujunoV5vh5e
gNFIlb/W36gj07QC+regrbCccIAr27D4m4f2UnGFGk2Tq5jiB4gV3Ug0GfzPnGXY
NT7F1b+jbu3lIML8sCOIEV+YP0qACG5s3TmOig6BnY0lPoxoysk1NGGCDVNgsgyT
Z2Jr8rbDOe5Y1vWIDdLB4XX3L0dKsUA+T86ieOry7gm/l3TTSFH0embvXquTvkwK
rF1tjWIMMVhgreMOEozgpO9ENldx2hb82kPlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUDvqdFRbqDgNcxTfYkIL3XfaQQEMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9EdnFkRlJicURnTmN4VGZZ
a0lMM1hmYVFRRU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH3G1MId8FQYtDHhVS79Rsr0mmzE++4XZG/F
Px0e81/vT0xlr97z6YKcfR6FVyDQozuGmtx2t7xRdLiGR9dQKc+9fSRgGzYGJGaG
ayocUpD7u0ieliNWJ3lbAbBLDo9bJv7PdukU1uwGG+0Io5xGXdgyrgVE83jibi4R
8i4n0avr8knVC1yQ/pKyHy+ColmGymSd5e/Y7OKAqMJAuzmygdHDfx8oDJIVgBbD
NQARaK1GuDzrf1yTn+4oIV/frs2+aVhb3UgVLBQkXbBsJ3bvj1ipYsQCew2FYDIJ
/iSd7ofMiCDhHYNk0Kcj85AiXOccyHMzDEUSYbHHj3cv0Fb8Im0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:45:17 2025 by rpki-client