Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VBv-qO-HTD1_ur4jA6CWxJZeHbM.roa
File: VBv-qO-HTD1_ur4jA6CWxJZeHbM.roa (raw, json)
Hash identifier: SJ9BAm4zZ80yUHe5diZ+TONVlDykD4YkO+xjjcs3cKY=
Subject key identifier: 54:1B:FE:A8:EF:87:4C:3D:7F:BA:BE:23:03:A0:96:C4:96:5E:1D:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 06D6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VBv-qO-HTD1_ur4jA6CWxJZeHbM.roa
Signing time: Fri 16 May 2025 04:38:13 +0000
ROA not before: Fri 16 May 2025 04:38:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1750 (0x6d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 04:38:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=541BFEA8EF874C3D7FBABE2303A096C4965E1DB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:37:fa:01:c7:a8:41:43:d9:71:3b:c0:b7:6c:
4f:e2:af:c0:39:67:c0:2d:16:23:7e:d7:63:1f:f7:
51:34:da:5a:a3:8e:bb:37:d1:de:3b:52:2e:6a:e9:
69:8d:bb:99:21:8e:77:4f:77:64:78:2f:a5:34:44:
04:4b:71:1a:c7:8c:26:83:7d:6c:09:b5:97:e8:94:
71:61:dd:b0:ea:a8:22:18:54:a5:24:db:4a:ab:ee:
e5:9d:d6:12:0f:12:29:0b:c6:03:a2:e4:90:ed:fd:
22:3e:de:08:7b:6e:46:18:e1:47:e6:8f:05:ac:63:
4e:fb:cd:89:ed:ed:63:10:64:00:07:c9:b7:3d:dc:
1f:92:ff:ba:bb:0d:e3:e5:6b:7f:a4:51:6a:09:ea:
65:6d:2c:12:60:81:25:93:38:52:7d:da:b1:24:4c:
48:d2:98:54:3f:c9:6b:4c:a6:e6:38:29:28:0a:35:
54:8b:7b:43:c5:10:01:41:e7:7e:d0:36:38:d3:ac:
6c:b2:90:36:1a:61:8e:ad:e6:64:ec:c8:7f:df:23:
b3:81:d6:7b:20:dd:83:35:2e:1c:2c:31:78:21:2b:
22:70:84:d1:08:e6:51:77:2b:2a:69:4b:7f:07:f2:
84:ea:0a:75:58:47:9c:83:29:d5:f6:2a:05:67:b3:
07:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1B:FE:A8:EF:87:4C:3D:7F:BA:BE:23:03:A0:96:C4:96:5E:1D:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VBv-qO-HTD1_ur4jA6CWxJZeHbM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:e2:32:19:ae:59:67:e8:75:64:1f:35:6e:7f:bc:fe:4b:f0:
55:0f:b4:07:14:34:59:1a:d7:46:14:ab:7f:de:6c:6f:21:e4:
9a:fe:9d:60:e7:c9:72:a8:3d:25:3e:d1:c4:dc:e2:bb:56:5a:
b9:f6:b4:09:36:34:45:cd:f1:9f:a6:3f:27:6b:b6:0b:ec:44:
e8:48:7a:cb:6e:8e:c3:e2:eb:7f:7d:97:77:9f:03:2d:fa:6b:
71:2b:1b:1c:d1:58:08:70:82:70:99:bb:a4:f2:9f:eb:29:f0:
d8:09:09:e1:b8:61:c9:9c:c7:78:4c:d3:c9:cb:71:2a:e0:86:
84:a0:52:b9:7d:20:a1:49:4d:d7:ff:9b:7d:15:6a:4e:87:65:
40:18:ea:ff:4a:95:ed:e1:51:e2:32:f1:af:79:ae:4a:e8:22:
d8:15:a4:a7:ca:9d:e8:74:69:64:b3:a7:ac:24:8f:17:60:4b:
7e:3d:74:2b:60:82:16:17:7f:75:17:1b:57:da:dd:6d:20:18:
42:8a:8b:c5:79:1f:03:b0:aa:9f:95:88:da:68:95:6f:47:c9:
98:8b:80:5c:96:b6:de:28:3e:ec:57:da:55:97:1d:ae:ec:04:
80:0d:a1:fb:e4:fd:09:fd:19:cd:39:5d:0b:95:52:c1:8c:1d:
1c:b8:43:71
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBtYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYw
NDM4MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0MUJGRUE4RUY4NzRD
M0Q3RkJBQkUyMzAzQTA5NkM0OTY1RTFEQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVN/oBx6hBQ9lxO8C3bE/ir8A5Z8AtFiN+12Mf91E02lqjjrs3
0d47Ui5q6WmNu5khjndPd2R4L6U0RARLcRrHjCaDfWwJtZfolHFh3bDqqCIYVKUk
20qr7uWd1hIPEikLxgOi5JDt/SI+3gh7bkYY4UfmjwWsY077zYnt7WMQZAAHybc9
3B+S/7q7DePla3+kUWoJ6mVtLBJggSWTOFJ92rEkTEjSmFQ/yWtMpuY4KSgKNVSL
e0PFEAFB537QNjjTrGyykDYaYY6t5mTsyH/fI7OB1nsg3YM1LhwsMXghKyJwhNEI
5lF3KyppS38H8oTqCnVYR5yDKdX2KgVnswdDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVBv+qO+HTD1/ur4jA6CWxJZeHbMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WQnYtcU8tSFREMV91cjRq
QTZDV3hKWmVIYk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFLiMhmuWWfodWQfNW5/vP5L8FUPtAcUNFka
10YUq3/ebG8h5Jr+nWDnyXKoPSU+0cTc4rtWWrn2tAk2NEXN8Z+mPydrtgvsROhI
estujsPi6399l3efAy36a3ErGxzRWAhwgnCZu6Tyn+sp8NgJCeG4Ycmcx3hM08nL
cSrghoSgUrl9IKFJTdf/m30Vak6HZUAY6v9Kle3hUeIy8a95rkroItgVpKfKneh0
aWSzp6wkjxdgS349dCtgghYXf3UXG1fa3W0gGEKKi8V5HwOwqp+ViNpolW9HyZiL
gFyWtt4oPuxX2lWXHa7sBIANofvk/Qn9Gc05XQuVUsGMHRy4Q3E=
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:16:46 2025 by rpki-client