Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/PA-N7XAvOOrLJdG1rszJ8f5K4Vc.roa
File: PA-N7XAvOOrLJdG1rszJ8f5K4Vc.roa (raw, json)
Hash identifier: wQ7O4RvAbJRJRko9x5VZMQ2J8Gj0X7WoHQJmGthNWkU=
Subject key identifier: 3C:0F:8D:ED:70:2F:38:EA:CB:25:D1:B5:AE:CC:C9:F1:FE:4A:E1:57
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 021E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PA-N7XAvOOrLJdG1rszJ8f5K4Vc.roa
Signing time: Fri 09 May 2025 21:37:48 +0000
ROA not before: Fri 09 May 2025 21:37:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 542 (0x21e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 21:37:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3C0F8DED702F38EACB25D1B5AECCC9F1FE4AE157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:44:10:e2:f0:46:3b:e2:20:bb:82:54:77:5d:
8c:4c:37:14:93:62:13:58:e3:c6:64:e8:25:99:55:
62:f7:4f:76:96:d5:d6:f3:3d:9f:6f:8c:9d:99:16:
f8:10:08:98:82:62:3a:3f:32:31:7d:00:e0:4b:4e:
74:93:c2:68:db:4e:60:39:1f:9f:63:b4:bd:d2:9d:
44:a4:bb:26:04:2b:65:25:64:3d:b9:db:71:1a:5c:
6d:7a:87:57:c1:f3:9c:5c:9e:b7:bf:e8:90:40:67:
d9:ec:01:c9:7b:5f:1a:86:9f:0c:4c:2c:d5:c6:ca:
2e:57:a3:2d:47:7f:fb:ba:a0:2e:6e:4b:2b:76:2d:
88:a7:ab:d6:96:1e:e3:e6:c2:e6:3e:c0:8b:84:d6:
c4:6a:ac:f9:c2:43:0e:46:8b:47:11:59:73:9e:f0:
ce:ed:14:ba:7d:dc:95:61:24:55:d2:a3:af:75:b1:
0a:a8:82:74:1b:b4:47:20:0e:cf:dc:96:7c:59:f5:
3d:16:1e:c4:18:ef:b9:a7:1f:2a:d4:b1:05:0c:41:
2a:d0:73:0a:c5:c6:6e:02:13:61:f5:dc:b1:f2:68:
1c:3e:f0:92:94:91:6b:c3:eb:68:ae:2d:fb:aa:4a:
c9:85:1f:8b:d8:5c:f1:c2:c4:ef:bc:90:d5:8b:53:
31:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:0F:8D:ED:70:2F:38:EA:CB:25:D1:B5:AE:CC:C9:F1:FE:4A:E1:57
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/PA-N7XAvOOrLJdG1rszJ8f5K4Vc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
75:52:cd:63:11:83:41:47:68:4a:a1:d1:fa:82:c6:a0:93:ba:
c0:36:c5:12:a2:6e:e3:60:6c:2e:e7:89:11:87:34:64:86:1a:
5e:85:2c:78:86:17:96:81:9b:36:c9:55:05:d4:2d:0d:d3:0f:
f7:ad:98:59:2d:d7:1c:e1:83:0d:27:ea:c3:5e:6b:3e:ea:45:
12:b0:ac:bd:6a:f4:ae:ce:43:b9:ff:1c:b0:e1:bc:56:d5:12:
69:e4:73:07:ef:b3:6d:7b:81:96:6a:35:7c:49:3e:51:00:2a:
f2:2a:f1:20:d8:69:02:c5:73:27:6e:e6:48:86:7c:0b:af:28:
19:93:6f:da:63:b5:db:40:79:db:e6:ab:3a:4e:9d:e6:bf:ff:
5c:89:2c:eb:38:3e:d1:61:c7:b9:d0:56:9b:7c:21:dc:63:17:
ed:fd:e3:bb:69:1c:39:8d:b7:84:6f:e9:1e:9e:83:b8:4d:0b:
dc:db:dc:51:25:e1:f5:f8:22:f6:6d:bb:62:5d:a6:96:eb:4e:
7c:10:c4:56:6d:6e:0e:0a:cc:db:38:9d:77:53:ff:0a:93:b9:
db:57:a3:9f:95:67:d4:8f:a5:40:04:26:a7:f9:44:4a:a5:92:
f9:66:a1:b1:3c:01:6e:7c:c8:e7:b7:a4:37:85:16:5d:63:e2:
db:44:ee:5b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MTM3NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNDMEY4REVENzAyRjM4
RUFDQjI1RDFCNUFFQ0NDOUYxRkU0QUUxNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvRBDi8EY74iC7glR3XYxMNxSTYhNY48Zk6CWZVWL3T3aW1dbz
PZ9vjJ2ZFvgQCJiCYjo/MjF9AOBLTnSTwmjbTmA5H59jtL3SnUSkuyYEK2UlZD25
23EaXG16h1fB85xcnre/6JBAZ9nsAcl7XxqGnwxMLNXGyi5Xoy1Hf/u6oC5uSyt2
LYinq9aWHuPmwuY+wIuE1sRqrPnCQw5Gi0cRWXOe8M7tFLp93JVhJFXSo691sQqo
gnQbtEcgDs/clnxZ9T0WHsQY77mnHyrUsQUMQSrQcwrFxm4CE2H13LHyaBw+8JKU
kWvD62iuLfuqSsmFH4vYXPHCxO+8kNWLUzHvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPA+N7XAvOOrLJdG1rszJ8f5K4VcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QQS1ON1hBdk9PckxKZEcx
cnN6SjhmNUs0VmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHVSzWMRg0FHaEqh0fqCxqCTusA2xRKibuNg
bC7niRGHNGSGGl6FLHiGF5aBmzbJVQXULQ3TD/etmFkt1xzhgw0n6sNeaz7qRRKw
rL1q9K7OQ7n/HLDhvFbVEmnkcwfvs217gZZqNXxJPlEAKvIq8SDYaQLFcydu5kiG
fAuvKBmTb9pjtdtAedvmqzpOnea//1yJLOs4PtFhx7nQVpt8IdxjF+3947tpHDmN
t4Rv6R6eg7hNC9zb3FEl4fX4IvZtu2JdppbrTnwQxFZtbg4KzNs4nXdT/wqTudtX
o5+VZ9SPpUAEJqf5REqlkvlmobE8AW58yOe3pDeFFl1j4ttE7ls=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:56:45 2025 by rpki-client