Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/GcnaRVhH7VLDDNg2n53V-5SGNhE.roa
File: GcnaRVhH7VLDDNg2n53V-5SGNhE.roa (raw, json)
Hash identifier: 8ZTR70Gqx3R7qUjERgjspENm0XFhV+9ZDSRVC93jxig=
Subject key identifier: 19:C9:DA:45:58:47:ED:52:C3:0C:D8:36:9F:9D:D5:FB:94:86:36:11
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0496
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GcnaRVhH7VLDDNg2n53V-5SGNhE.roa
Signing time: Tue 13 May 2025 04:38:02 +0000
ROA not before: Tue 13 May 2025 04:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1174 (0x496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 04:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=19C9DA455847ED52C30CD8369F9DD5FB94863611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:6e:c4:08:71:9f:48:3d:86:55:ef:38:fe:2f:
f2:6d:8b:1c:dc:68:fa:b0:0b:cc:3a:7b:f8:ea:11:
a4:0e:aa:52:52:e5:f0:dd:b0:24:d2:82:50:2e:6e:
49:05:f3:eb:03:6d:55:d8:26:13:06:26:8c:66:55:
61:c8:c9:f4:27:13:be:f7:4a:ae:43:7f:d8:00:ea:
da:9b:46:cc:75:1f:7a:cb:86:d3:6a:9d:f4:f1:03:
a3:5b:6c:a0:04:63:f9:79:f6:b4:2f:f1:53:4f:b6:
83:2f:a2:d9:31:cf:2e:ed:d1:23:7f:bd:e8:3e:5e:
11:73:56:c5:11:54:40:0c:4a:84:23:93:0d:da:01:
55:ff:36:bb:9a:7a:61:35:76:4c:11:b1:40:ef:0a:
f1:71:20:87:c0:43:b0:75:8d:28:fe:30:15:ca:1b:
15:9b:8a:b6:65:06:32:fd:25:52:13:0b:8a:de:67:
5e:ae:ce:63:d6:12:55:77:9d:ab:db:1b:99:9e:bf:
ec:5a:ae:11:b9:52:cd:7d:ce:c1:44:8e:b9:97:71:
6f:6e:2a:f0:a8:a1:5e:3e:68:e2:a6:c9:bb:7a:05:
2f:9f:ec:5b:a2:e4:18:bf:be:81:fe:c1:d3:aa:90:
4d:42:03:ab:3b:52:05:3b:8a:fd:5b:2b:71:22:f4:
a7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C9:DA:45:58:47:ED:52:C3:0C:D8:36:9F:9D:D5:FB:94:86:36:11
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/GcnaRVhH7VLDDNg2n53V-5SGNhE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:08:b7:cc:63:10:48:1b:c5:f4:e6:d6:d6:74:3f:38:7d:d1:
db:e1:9e:3a:ac:3d:f5:7a:af:53:96:f7:dc:3c:e1:7e:87:14:
f9:e7:3d:8f:c9:5e:c0:bc:7f:4d:4c:72:9c:b8:de:ee:a5:42:
63:41:48:a8:e6:e1:55:89:02:63:10:25:52:ef:06:5c:d1:da:
26:31:e0:a1:c2:c6:ae:5b:57:37:a4:a9:a0:56:b8:90:9e:1a:
56:94:cb:70:4c:42:95:fa:01:c2:29:55:08:f5:df:a5:3a:b1:
d0:4e:54:ee:73:9c:48:fa:4f:53:15:cd:ed:71:60:a1:4a:bb:
99:d7:d9:5e:8d:18:88:7f:39:9b:18:fe:55:33:3c:08:d6:eb:
bc:c3:5f:59:ea:24:d9:10:07:2d:78:5d:55:eb:64:bd:e8:f7:
52:7e:27:25:b8:9f:ed:26:40:be:d2:e1:26:e8:a8:a9:13:2b:
e3:c4:79:42:a8:a2:f1:e0:cc:a7:a2:f0:e2:d3:ac:ee:9b:b4:
a5:65:57:89:67:ef:b1:4f:03:a9:6b:49:69:27:8c:78:76:b6:
a0:4a:ab:ac:97:36:67:f3:ad:8b:7c:96:78:2c:2a:17:44:96:
99:29:e7:95:d0:66:85:98:52:37:e7:8d:1a:1c:34:44:8f:c8:
f4:5b:27:a1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NDM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDE5QzlEQTQ1NTg0N0VE
NTJDMzBDRDgzNjlGOURENUZCOTQ4NjM2MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnbsQIcZ9IPYZV7zj+L/JtixzcaPqwC8w6e/jqEaQOqlJS5fDd
sCTSglAubkkF8+sDbVXYJhMGJoxmVWHIyfQnE773Sq5Df9gA6tqbRsx1H3rLhtNq
nfTxA6NbbKAEY/l59rQv8VNPtoMvotkxzy7t0SN/veg+XhFzVsURVEAMSoQjkw3a
AVX/NruaemE1dkwRsUDvCvFxIIfAQ7B1jSj+MBXKGxWbirZlBjL9JVITC4reZ16u
zmPWElV3navbG5mev+xarhG5Us19zsFEjrmXcW9uKvCooV4+aOKmybt6BS+f7Fui
5Bi/voH+wdOqkE1CA6s7UgU7iv1bK3Ei9KeJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUGcnaRVhH7VLDDNg2n53V+5SGNhEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9HY25hUlZoSDdWTERETmcy
bjUzVi01U0dOaEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGsIt8xjEEgbxfTm1tZ0Pzh90dvhnjqsPfV6
r1OW99w84X6HFPnnPY/JXsC8f01Mcpy43u6lQmNBSKjm4VWJAmMQJVLvBlzR2iYx
4KHCxq5bVzekqaBWuJCeGlaUy3BMQpX6AcIpVQj136U6sdBOVO5znEj6T1MVze1x
YKFKu5nX2V6NGIh/OZsY/lUzPAjW67zDX1nqJNkQBy14XVXrZL3o91J+JyW4n+0m
QL7S4SboqKkTK+PEeUKoovHgzKei8OLTrO6btKVlV4ln77FPA6lrSWknjHh2tqBK
q6yXNmfzrYt8lngsKhdElpkp55XQZoWYUjfnjRocNESPyPRbJ6E=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:01:46 2025 by rpki-client