Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ruiy1ICMAJXsklhPfdnou2lcQlA.roa
File: Ruiy1ICMAJXsklhPfdnou2lcQlA.roa (raw, json)
Hash identifier: BZo4pxjkq+p2w/Wz6CGKCI5Z9WUOeLYsHWmdudh//4M=
Subject key identifier: 46:E8:B2:D4:80:8C:00:95:EC:92:58:4F:7D:D9:E8:BB:69:5C:42:50
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 128E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ruiy1ICMAJXsklhPfdnou2lcQlA.roa
Signing time: Sat 31 May 2025 19:39:52 +0000
ROA not before: Sat 31 May 2025 19:39:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4750 (0x128e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 19:39:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=46E8B2D4808C0095EC92584F7DD9E8BB695C4250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e2:3d:a1:fa:c3:9e:69:66:e1:99:ef:78:d6:
76:6f:49:21:55:be:92:e8:ce:88:af:dc:44:90:58:
9f:35:23:a0:b1:e6:0b:c4:b6:e8:94:13:02:5a:12:
89:55:49:9a:b3:47:72:bf:df:57:25:a4:ec:9d:b0:
fa:30:51:83:77:0f:cd:3b:e3:50:8c:b4:16:73:7a:
95:85:ce:b3:41:9a:ff:01:99:1c:d8:bf:cf:c8:61:
62:cf:11:67:5a:86:03:0a:c1:77:45:af:7a:f0:3e:
35:01:3c:92:28:72:6e:8f:d2:7f:1d:5a:9e:f2:68:
f9:01:55:fb:55:67:c3:78:eb:e3:4c:1d:d8:ae:81:
2c:d3:a9:f3:f8:61:e6:22:e3:94:13:97:a6:65:dc:
1f:da:c7:30:d0:64:c0:5b:ea:13:28:17:3c:91:47:
37:4b:9f:f2:2c:3d:a1:88:2b:3e:f3:15:5d:f8:07:
64:d7:6a:69:71:e3:62:7c:a6:dd:f8:4b:8f:fa:8a:
b1:c5:64:38:9c:5c:06:a4:f0:e5:e0:4b:d2:29:2d:
86:c3:dd:86:61:ec:d6:cf:90:68:24:3d:99:8f:92:
0e:a8:8d:76:f3:cd:d7:0f:41:90:6d:64:ad:10:9b:
d5:3e:6f:5d:47:1c:91:1b:a4:ec:87:45:d7:0b:e7:
fd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E8:B2:D4:80:8C:00:95:EC:92:58:4F:7D:D9:E8:BB:69:5C:42:50
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ruiy1ICMAJXsklhPfdnou2lcQlA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:aa:8f:24:7e:6a:03:a8:09:7b:f1:84:b6:c6:12:1e:dc:6d:
92:ca:62:5e:71:1e:3e:9c:ae:47:6c:8d:24:77:a7:7b:dc:d0:
a8:a5:a4:4d:d9:f0:8e:8a:34:ac:ed:bd:0c:3c:e5:3c:9d:57:
55:82:a1:98:7f:50:26:2d:04:97:0c:26:e1:5d:e0:6d:0f:44:
45:46:08:b7:ae:cc:7d:77:f3:a4:10:62:10:9b:9c:2f:da:16:
43:37:48:f0:83:0a:64:24:64:63:79:6e:56:66:cd:b0:80:87:
8a:02:6e:a6:fa:96:22:2a:60:b5:1c:0e:6a:79:36:fe:8d:70:
e8:0f:0f:65:11:8c:90:94:42:86:b9:c6:de:3c:4e:b4:a5:b9:
69:f7:05:aa:72:de:2d:99:44:b3:ed:3d:de:50:82:b3:49:6b:
bd:31:f6:3f:15:c7:02:ab:42:de:94:7f:7c:ea:4d:7d:57:de:
22:0b:10:19:53:c3:88:49:72:68:c4:b9:37:00:f5:21:2b:19:
66:c5:2a:62:32:a7:33:85:88:fc:b5:bd:f5:6e:8e:34:70:c3:
b7:ba:91:0d:6f:a2:77:96:2b:5a:9e:e4:07:d3:ac:d9:61:ab:
e0:46:59:78:bb:9d:99:af:53:46:ad:63:45:56:2f:9e:cd:67:
af:a0:7c:8e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
OTM5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ2RThCMkQ0ODA4QzAw
OTVFQzkyNTg0RjdERDlFOEJCNjk1QzQyNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDq4j2h+sOeaWbhme941nZvSSFVvpLozoiv3ESQWJ81I6Cx5gvE
tuiUEwJaEolVSZqzR3K/31clpOydsPowUYN3D80741CMtBZzepWFzrNBmv8BmRzY
v8/IYWLPEWdahgMKwXdFr3rwPjUBPJIocm6P0n8dWp7yaPkBVftVZ8N46+NMHdiu
gSzTqfP4YeYi45QTl6Zl3B/axzDQZMBb6hMoFzyRRzdLn/IsPaGIKz7zFV34B2TX
amlx42J8pt34S4/6irHFZDicXAak8OXgS9IpLYbD3YZh7NbPkGgkPZmPkg6ojXbz
zdcPQZBtZK0Qm9U+b11HHJEbpOyHRdcL5/1TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURuiy1ICMAJXsklhPfdnou2lcQlAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SdWl5MUlDTUFKWHNrbGhQ
ZmRub3UybGNRbEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFOqjyR+agOoCXvxhLbGEh7cbZLKYl5xHj6c
rkdsjSR3p3vc0KilpE3Z8I6KNKztvQw85TydV1WCoZh/UCYtBJcMJuFd4G0PREVG
CLeuzH1386QQYhCbnC/aFkM3SPCDCmQkZGN5blZmzbCAh4oCbqb6liIqYLUcDmp5
Nv6NcOgPD2URjJCUQoa5xt48TrSluWn3Bapy3i2ZRLPtPd5QgrNJa70x9j8VxwKr
Qt6Uf3zqTX1X3iILEBlTw4hJcmjEuTcA9SErGWbFKmIypzOFiPy1vfVujjRww7e6
kQ1voneWK1qe5AfTrNlhq+BGWXi7nZmvU0atY0VWL57NZ6+gfI4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:12:13 2025 by rpki-client