Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/UsbS8hYZTxEHU_VGJnwYgP_MNM8.roa
File: UsbS8hYZTxEHU_VGJnwYgP_MNM8.roa (raw, json)
Hash identifier: zyptTSdWNdZ6N8d7/JdX8NBcj5Yf2mmv1+uHPXTM5ng=
Subject key identifier: 52:C6:D2:F2:16:19:4F:11:07:53:F5:46:26:7C:18:80:FF:CC:34:CF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 087E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UsbS8hYZTxEHU_VGJnwYgP_MNM8.roa
Signing time: Sun 18 May 2025 09:38:09 +0000
ROA not before: Sun 18 May 2025 09:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2174 (0x87e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 09:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=52C6D2F216194F110753F546267C1880FFCC34CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:49:9b:96:13:e0:4c:e3:4c:07:b8:80:de:f5:
64:20:27:4d:fe:fa:a3:98:da:ae:fc:64:af:b6:4e:
f7:7a:04:fe:aa:e8:91:15:f0:5d:52:52:b5:4d:5c:
6c:6c:d9:8f:bd:27:e5:11:3f:96:12:af:d3:01:d0:
fe:de:73:b0:26:68:14:d9:09:13:20:4f:95:77:d4:
2b:dc:87:b1:7b:18:e8:73:e4:2c:6c:94:84:62:90:
0a:e8:ae:e6:23:99:26:6e:b2:b8:d3:23:e6:77:7f:
22:80:1a:5b:74:bb:26:b5:d1:0b:38:89:38:99:be:
e5:b9:8e:43:1d:76:40:10:67:60:b5:02:d2:ef:c3:
cb:6b:d1:41:24:42:7d:68:55:2d:9c:ae:60:25:3e:
9a:ea:b9:16:72:04:69:2e:f1:17:81:46:75:81:e9:
f3:62:c6:af:83:8f:a7:fe:a7:4f:c3:c8:d9:0d:18:
d9:aa:cc:22:40:03:e8:2c:19:f4:8e:6c:85:6c:e4:
7b:4a:bd:33:53:ea:ca:ac:29:f5:44:71:d2:46:4f:
47:08:a0:91:8f:1b:bf:7e:84:9f:d9:ba:50:83:f4:
e0:cc:cc:eb:b3:5e:b6:23:de:90:8c:36:29:e5:10:
5c:46:9a:20:35:40:59:80:82:62:09:f8:c1:fc:ee:
b1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C6:D2:F2:16:19:4F:11:07:53:F5:46:26:7C:18:80:FF:CC:34:CF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/UsbS8hYZTxEHU_VGJnwYgP_MNM8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:03:15:8a:fd:09:58:52:d2:25:07:73:1e:5b:72:c1:1c:5a:
23:f5:a1:f3:31:8a:d5:3b:cf:fa:44:1f:ed:9a:4d:b6:3e:5e:
bc:7a:75:3d:2e:f5:02:59:53:6f:c4:88:bd:e9:c1:1a:01:b4:
fd:2b:c8:0e:4e:5d:8c:63:41:ee:20:3d:2e:2c:0f:34:fe:b3:
d3:23:f4:d4:5f:bd:a8:ab:11:b2:67:9c:fa:0b:7b:ee:db:8c:
34:70:86:90:06:34:26:42:d2:e3:1d:02:3d:af:82:56:95:88:
b8:fa:df:fb:d8:af:e8:ce:eb:19:10:41:de:36:ab:44:b4:54:
91:d5:5f:78:e0:f6:99:e1:33:18:e9:d0:26:14:5c:db:79:67:
30:b5:35:79:61:9f:44:a0:ef:8b:ad:5d:a8:98:28:93:57:3b:
34:0b:1a:69:6c:a4:1b:37:d5:40:44:47:45:d7:03:48:5e:fb:
6a:a4:ac:36:cc:0d:2d:ab:41:b1:4b:85:8d:4e:a1:3f:c2:39:
8b:f4:51:bd:72:45:15:53:c8:92:14:64:3a:13:ff:0a:0b:01:
3a:95:d4:6b:a7:37:fc:de:89:75:d8:e0:2b:ec:14:f5:ae:f5:
a7:e2:42:d7:e5:c3:17:fb:97:5c:ca:23:92:ee:ae:d8:90:a3:
ae:85:92:06
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
OTM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDUyQzZEMkYyMTYxOTRG
MTEwNzUzRjU0NjI2N0MxODgwRkZDQzM0Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgSZuWE+BM40wHuIDe9WQgJ03++qOY2q78ZK+2Tvd6BP6q6JEV
8F1SUrVNXGxs2Y+9J+URP5YSr9MB0P7ec7AmaBTZCRMgT5V31Cvch7F7GOhz5Cxs
lIRikAroruYjmSZusrjTI+Z3fyKAGlt0uya10Qs4iTiZvuW5jkMddkAQZ2C1AtLv
w8tr0UEkQn1oVS2crmAlPprquRZyBGku8ReBRnWB6fNixq+Dj6f+p0/DyNkNGNmq
zCJAA+gsGfSObIVs5HtKvTNT6sqsKfVEcdJGT0cIoJGPG79+hJ/ZulCD9ODMzOuz
XrYj3pCMNinlEFxGmiA1QFmAgmIJ+MH87rHRAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUsbS8hYZTxEHU/VGJnwYgP/MNM8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Vc2JTOGhZWlR4RUhVX1ZH
Sm53WWdQX01OTTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACoDFYr9CVhS0iUHcx5bcsEcWiP1ofMxitU7
z/pEH+2aTbY+Xrx6dT0u9QJZU2/EiL3pwRoBtP0ryA5OXYxjQe4gPS4sDzT+s9Mj
9NRfvairEbJnnPoLe+7bjDRwhpAGNCZC0uMdAj2vglaViLj63/vYr+jO6xkQQd42
q0S0VJHVX3jg9pnhMxjp0CYUXNt5ZzC1NXlhn0Sg74utXaiYKJNXOzQLGmlspBs3
1UBER0XXA0he+2qkrDbMDS2rQbFLhY1OoT/COYv0Ub1yRRVTyJIUZDoT/woLATqV
1GunN/zeiXXY4CvsFPWu9afiQtflwxf7l1zKI5LurtiQo66FkgY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:03 2025 by rpki-client