Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/OjBmhFUX8L2dCGXWMYCknmODpQ0.roa
File: OjBmhFUX8L2dCGXWMYCknmODpQ0.roa (raw, json)
Hash identifier: GYh3y5Oxlo4WLTqNGaOQ9RYYm0q1BY9OSpPyfq7ARQA=
Subject key identifier: 3A:30:66:84:55:17:F0:BD:9D:08:65:D6:31:80:A4:9E:63:83:A5:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F02
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OjBmhFUX8L2dCGXWMYCknmODpQ0.roa
Signing time: Tue 27 May 2025 02:09:03 +0000
ROA not before: Tue 27 May 2025 02:09:03 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3842 (0xf02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 02:09:03 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3A3066845517F0BD9D0865D63180A49E6383A50D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d1:a6:18:63:4b:bf:3d:98:ae:f2:6d:d2:ba:
db:51:9f:6e:ef:74:d1:da:18:94:e6:b7:f0:a4:87:
c7:19:a4:cb:b8:91:e8:fd:96:ee:2c:58:dc:cb:b9:
eb:6d:32:e7:d5:64:02:78:16:b1:1d:44:2c:17:fd:
2e:3b:25:d0:70:ba:a9:e0:7d:50:6c:a8:97:ba:4d:
94:37:54:4d:15:83:80:1f:5e:55:7c:b6:f0:ba:11:
fc:dc:39:c4:0f:bf:c5:a0:a2:b0:16:4f:11:f7:4e:
c1:fd:aa:e0:ff:ef:26:f9:19:4e:4e:3f:e4:09:a7:
4d:22:6c:48:1a:b7:c4:1f:87:75:e7:80:62:c1:6b:
62:a1:c2:c4:09:b2:7c:c9:76:1e:bb:56:91:53:6f:
08:e8:a4:02:65:cf:61:82:8e:3d:52:dc:86:70:c1:
29:01:5c:4a:43:bb:71:36:a6:0b:93:38:99:cb:87:
ca:34:df:64:7e:7a:27:6a:63:25:88:16:97:89:78:
a5:cc:13:3b:b7:66:48:5a:db:74:8d:e9:9e:d5:17:
f2:ee:8b:c8:a2:60:cb:c2:c9:14:48:f5:69:99:fb:
3b:f9:dc:bf:3a:7a:7e:3d:df:74:fc:96:33:d3:ad:
d0:85:e5:d0:73:40:ce:bb:71:71:5d:33:17:fc:91:
09:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:30:66:84:55:17:F0:BD:9D:08:65:D6:31:80:A4:9E:63:83:A5:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/OjBmhFUX8L2dCGXWMYCknmODpQ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:dd:5f:87:e0:f3:5c:02:94:3a:7a:3f:a1:c9:5e:39:a2:aa:
e6:f0:09:36:6b:c2:c9:37:84:00:6c:4e:f2:3d:d4:13:e2:d6:
aa:69:9b:ef:ad:1d:9c:48:98:01:40:ed:27:ae:e7:14:05:25:
ab:2e:02:ea:a6:4d:25:25:96:80:5d:26:6f:a7:d6:bf:c7:e2:
84:98:af:d8:49:c8:19:16:84:81:40:71:11:c0:69:88:0f:d4:
74:c6:f5:86:75:fe:af:3c:c1:ef:8d:4a:a0:e0:85:49:c1:a7:
18:af:1c:d3:51:9c:68:d6:a0:4b:81:4c:fb:b9:39:57:07:ab:
ea:e1:26:ee:a8:44:3b:99:36:b9:62:2d:b0:de:7a:b3:82:fd:
34:66:6c:42:b8:2e:9a:bf:d0:ae:ce:ac:b1:61:dd:da:42:42:
b5:fd:aa:47:98:8c:8b:cc:d0:4e:33:a0:d2:9c:9d:d7:86:16:
76:c6:ab:51:36:e3:c6:3a:77:98:ec:85:fb:da:bf:d1:a0:07:
06:ad:81:55:17:65:ed:f5:30:83:35:73:26:d3:74:3e:6e:29:
10:3b:fa:ff:be:9d:21:b1:25:4a:19:e0:e4:88:b5:9d:fa:d7:
3b:a8:7b:90:51:ee:88:dc:5a:7e:40:c7:a9:8f:70:16:58:ca:
61:cb:25:39
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
MjA5MDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNBMzA2Njg0NTUxN0Yw
QkQ5RDA4NjVENjMxODBBNDlFNjM4M0E1MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT0aYYY0u/PZiu8m3SuttRn27vdNHaGJTmt/Ckh8cZpMu4kej9
lu4sWNzLuettMufVZAJ4FrEdRCwX/S47JdBwuqngfVBsqJe6TZQ3VE0Vg4AfXlV8
tvC6EfzcOcQPv8WgorAWTxH3TsH9quD/7yb5GU5OP+QJp00ibEgat8Qfh3XngGLB
a2KhwsQJsnzJdh67VpFTbwjopAJlz2GCjj1S3IZwwSkBXEpDu3E2pguTOJnLh8o0
32R+eidqYyWIFpeJeKXMEzu3Zkha23SN6Z7VF/Lui8iiYMvCyRRI9WmZ+zv53L86
en4933T8ljPTrdCF5dBzQM67cXFdMxf8kQlTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUOjBmhFUX8L2dCGXWMYCknmODpQ0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9PakJtaEZVWDhMMmRDR1hX
TVlDa25tT0RwUTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ7dX4fg81wClDp6P6HJXjmiqubwCTZrwsk3
hABsTvI91BPi1qppm++tHZxImAFA7Seu5xQFJasuAuqmTSUlloBdJm+n1r/H4oSY
r9hJyBkWhIFAcRHAaYgP1HTG9YZ1/q88we+NSqDghUnBpxivHNNRnGjWoEuBTPu5
OVcHq+rhJu6oRDuZNrliLbDeerOC/TRmbEK4Lpq/0K7OrLFh3dpCQrX9qkeYjIvM
0E4zoNKcndeGFnbGq1E248Y6d5jshfvav9GgBwatgVUXZe31MIM1cybTdD5uKRA7
+v++nSGxJUoZ4OSItZ361zuoe5BR7ojcWn5Ax6mPcBZYymHLJTk=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:20 2025 by rpki-client