Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/E8v6SATzIvW91vf4BpBATnRUzh0.roa
File: E8v6SATzIvW91vf4BpBATnRUzh0.roa (raw, json)
Hash identifier: dUhRE/072jIYacwd2Oz9bNFWC+CB/HTsSBT28d2Aeqg=
Subject key identifier: 13:CB:FA:48:04:F3:22:F5:BD:D6:F7:F8:06:90:40:4E:74:54:CE:1D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0866
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E8v6SATzIvW91vf4BpBATnRUzh0.roa
Signing time: Sun 18 May 2025 06:38:09 +0000
ROA not before: Sun 18 May 2025 06:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2150 (0x866)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 06:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=13CBFA4804F322F5BDD6F7F80690404E7454CE1D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:38:45:09:ce:3b:cd:2b:55:c6:84:ae:c1:fd:
19:27:1a:de:39:7d:11:2a:81:8b:f9:c4:ce:72:b9:
70:2d:a7:3e:7c:62:34:b4:b0:d3:25:56:76:96:e7:
d1:be:6d:68:fb:51:52:a5:db:4e:87:87:7f:82:1a:
85:32:13:d3:d0:ac:4d:79:aa:f2:3c:e4:ac:f2:0d:
55:c9:33:dc:d6:20:22:58:2e:74:67:c1:50:30:d1:
bf:41:c1:47:cb:f5:4d:09:36:9e:71:f8:6a:a4:f3:
24:7a:69:e9:d5:39:fa:1f:76:e8:8a:55:1e:31:b8:
70:55:21:83:fa:b4:85:60:19:94:94:11:da:f7:28:
f8:c0:8f:c8:90:44:12:51:a0:d3:d3:89:7e:c9:cb:
de:9d:77:84:92:b6:ec:0f:3c:db:96:ad:be:04:1c:
be:6e:7c:c5:de:af:b6:fe:59:48:f2:57:7b:be:23:
f6:36:21:a6:54:5f:04:76:55:bc:de:40:b7:22:b1:
e4:cf:ab:24:04:74:ca:8a:fe:67:2d:ba:82:8a:b5:
34:55:86:6d:64:dd:37:c2:57:c2:ee:d0:0e:d6:41:
c3:aa:ad:d4:34:9c:48:85:7c:a4:2a:cb:be:6e:05:
5a:cb:20:90:44:d9:9e:84:53:a4:b5:65:3c:ab:c4:
0f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CB:FA:48:04:F3:22:F5:BD:D6:F7:F8:06:90:40:4E:74:54:CE:1D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E8v6SATzIvW91vf4BpBATnRUzh0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:97:9f:33:43:d6:c5:2d:b0:d1:e0:ed:d9:12:55:78:48:66:
67:d4:26:4a:05:07:2e:40:e6:cb:86:34:8f:1e:04:f9:77:70:
37:3d:11:35:c6:ea:ea:86:bc:d9:37:9c:a2:5a:c1:18:6d:5b:
80:16:66:3b:9b:c0:10:82:f2:cf:d6:a4:b6:cf:5a:96:da:85:
ad:2c:40:1b:5b:c1:49:7a:e5:a5:3d:d9:7b:fe:3e:c6:22:e7:
1a:b9:9a:5a:21:ad:42:4b:a8:82:ce:e7:c8:92:08:f1:c2:90:
86:2d:d1:96:68:0a:ba:83:fe:22:31:6b:b1:77:a8:b1:00:3f:
16:b2:57:0f:b2:50:df:be:7a:cc:fe:96:52:13:33:8f:9e:d8:
fd:07:d1:19:e0:96:fc:97:d7:ad:2c:31:9a:69:96:17:65:c3:
a6:f9:50:34:bd:30:59:9a:2e:9b:7e:c6:51:0f:2d:e2:12:be:
c9:f5:5b:c5:64:66:db:e9:a9:e7:e9:3f:38:34:68:03:0f:b8:
61:76:9d:29:b5:13:94:7a:f8:be:fe:35:e9:59:bf:57:9b:ba:
fa:81:1d:f6:6a:97:9a:be:11:56:a2:78:3b:5d:a7:ef:69:2a:
d0:e5:2a:8f:60:11:33:58:be:18:f0:e6:10:ff:b3:44:0f:e0:
9f:0e:a7:30
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
NjM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzQ0JGQTQ4MDRGMzIy
RjVCREQ2RjdGODA2OTA0MDRFNzQ1NENFMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD8OEUJzjvNK1XGhK7B/RknGt45fREqgYv5xM5yuXAtpz58YjS0
sNMlVnaW59G+bWj7UVKl206Hh3+CGoUyE9PQrE15qvI85KzyDVXJM9zWICJYLnRn
wVAw0b9BwUfL9U0JNp5x+Gqk8yR6aenVOfofduiKVR4xuHBVIYP6tIVgGZSUEdr3
KPjAj8iQRBJRoNPTiX7Jy96dd4SStuwPPNuWrb4EHL5ufMXer7b+WUjyV3u+I/Y2
IaZUXwR2VbzeQLciseTPqyQEdMqK/mctuoKKtTRVhm1k3TfCV8Lu0A7WQcOqrdQ0
nEiFfKQqy75uBVrLIJBE2Z6EU6S1ZTyrxA97AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUE8v6SATzIvW91vf4BpBATnRUzh0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FOHY2U0FUekl2VzkxdmY0
QnBCQVRuUlV6aDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEWXnzND1sUtsNHg7dkSVXhIZmfUJkoFBy5A
5suGNI8eBPl3cDc9ETXG6uqGvNk3nKJawRhtW4AWZjubwBCC8s/WpLbPWpbaha0s
QBtbwUl65aU92Xv+PsYi5xq5mlohrUJLqILO58iSCPHCkIYt0ZZoCrqD/iIxa7F3
qLEAPxayVw+yUN++esz+llITM4+e2P0H0RnglvyX160sMZpplhdlw6b5UDS9MFma
Lpt+xlEPLeISvsn1W8VkZtvpqefpPzg0aAMPuGF2nSm1E5R6+L7+NelZv1ebuvqB
HfZql5q+EVaieDtdp+9pKtDlKo9gETNYvhjw5hD/s0QP4J8OpzA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:19:58 2025 by rpki-client