Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VPQ9WV68VrjwD_McDk-Aislo6FY.roa
File: VPQ9WV68VrjwD_McDk-Aislo6FY.roa (raw, json)
Hash identifier: gMFzKedrYZwhcAUBFxIwNN2nvr87UmMsZibJgAhMgkg=
Subject key identifier: 54:F4:3D:59:5E:BC:56:B8:F0:0F:F3:1C:0E:4F:80:8A:C9:68:E8:56
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0982
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VPQ9WV68VrjwD_McDk-Aislo6FY.roa
Signing time: Mon 19 May 2025 18:08:11 +0000
ROA not before: Mon 19 May 2025 18:08:11 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2434 (0x982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 18:08:11 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=54F43D595EBC56B8F00FF31C0E4F808AC968E856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:03:bd:09:9b:58:fc:2a:20:35:c4:ae:ae:72:
34:5b:3f:10:9a:ab:72:d0:3a:6e:7c:dd:61:20:f2:
e7:c7:a7:5b:6c:f6:84:84:03:24:45:b2:e6:3f:92:
1e:97:77:12:f5:0c:27:38:be:04:d5:6f:a7:cd:13:
e1:4c:12:8a:d1:f3:b0:17:a9:ef:95:23:0f:d5:d9:
53:bc:08:d5:14:6d:ba:92:6a:fc:96:93:20:fd:b4:
58:75:a3:49:1e:ce:be:4d:b2:91:97:51:78:39:cc:
0f:de:25:92:8b:19:6d:01:7a:1b:bf:98:bd:4a:88:
02:86:ca:c8:a6:21:bb:83:ee:3f:18:01:47:d5:ef:
13:56:2c:65:88:66:1c:34:5c:99:e9:8d:5b:13:fa:
0b:4e:c4:30:49:ce:83:38:01:6c:20:f1:2e:3c:c7:
25:af:88:3f:0b:9e:23:38:12:bd:6e:37:3f:de:2b:
da:fb:96:82:e4:a8:5c:f1:68:37:4c:47:40:f1:2a:
ce:7c:f8:0f:79:dc:4a:c9:35:ef:d8:c0:08:b7:bd:
f0:d9:c8:d6:c1:04:e1:cf:13:18:80:40:02:81:50:
d0:39:9f:94:39:55:b9:53:c7:0a:70:18:08:ee:d0:
64:71:80:3d:d9:3f:1e:3f:36:b3:11:17:b7:70:b0:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F4:3D:59:5E:BC:56:B8:F0:0F:F3:1C:0E:4F:80:8A:C9:68:E8:56
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VPQ9WV68VrjwD_McDk-Aislo6FY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:e7:37:b8:c3:8d:89:fe:60:78:9d:66:60:fb:5e:79:10:0a:
6f:4e:08:66:cf:48:35:c7:17:94:37:50:8e:a9:37:61:a5:05:
a8:b8:00:b2:40:20:b9:3d:91:ca:85:f2:74:10:8a:9d:fa:70:
ad:92:f2:fe:8c:ce:89:dc:db:c0:f3:f4:69:1e:1e:31:33:77:
02:bb:28:4c:88:ad:c9:dd:01:1f:b5:1b:27:48:97:39:22:d3:
d3:44:6f:8f:62:16:70:6a:99:48:75:cc:42:90:1d:4d:05:78:
a2:9d:57:2a:e7:bc:de:15:d8:62:b8:4a:ff:ac:ad:4a:0e:2d:
f8:3f:46:42:31:dc:7e:75:63:4b:ef:aa:f4:53:37:08:2e:a8:
da:b6:75:30:8e:03:8d:96:e8:e1:48:60:22:7c:a1:61:ea:e4:
68:12:6c:7a:84:ee:85:2a:b4:ec:48:66:d4:08:e2:8b:8a:82:
06:d6:b6:d0:e1:95:c3:0d:98:b6:99:58:b8:83:9f:57:39:2a:
e0:21:09:4d:02:08:7f:b2:32:58:eb:ed:23:16:0e:7d:cf:9e:
c7:f2:70:6a:8d:0c:7a:62:b9:04:34:d0:91:bb:ab:fc:ec:fc:
bf:86:6a:27:3b:90:c4:47:17:f0:c2:13:5a:31:04:c0:58:fc:
c8:2a:7f:fc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkx
ODA4MTFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU0RjQzRDU5NUVCQzU2
QjhGMDBGRjMxQzBFNEY4MDhBQzk2OEU4NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtA70Jm1j8KiA1xK6ucjRbPxCaq3LQOm583WEg8ufHp1ts9oSE
AyRFsuY/kh6XdxL1DCc4vgTVb6fNE+FMEorR87AXqe+VIw/V2VO8CNUUbbqSavyW
kyD9tFh1o0kezr5NspGXUXg5zA/eJZKLGW0Behu/mL1KiAKGysimIbuD7j8YAUfV
7xNWLGWIZhw0XJnpjVsT+gtOxDBJzoM4AWwg8S48xyWviD8LniM4Er1uNz/eK9r7
loLkqFzxaDdMR0DxKs58+A953ErJNe/YwAi3vfDZyNbBBOHPExiAQAKBUNA5n5Q5
VblTxwpwGAju0GRxgD3ZPx4/NrMRF7dwsJWBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVPQ9WV68VrjwD/McDk+Aislo6FYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WUFE5V1Y2OFZyandEX01j
RGstQWlzbG82Rlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACDnN7jDjYn+YHidZmD7XnkQCm9OCGbPSDXH
F5Q3UI6pN2GlBai4ALJAILk9kcqF8nQQip36cK2S8v6Mzonc28Dz9GkeHjEzdwK7
KEyIrcndAR+1GydIlzki09NEb49iFnBqmUh1zEKQHU0FeKKdVyrnvN4V2GK4Sv+s
rUoOLfg/RkIx3H51Y0vvqvRTNwguqNq2dTCOA42W6OFIYCJ8oWHq5GgSbHqE7oUq
tOxIZtQI4ouKggbWttDhlcMNmLaZWLiDn1c5KuAhCU0CCH+yMljr7SMWDn3Pnsfy
cGqNDHpiuQQ00JG7q/zs/L+Gaic7kMRHF/DCE1oxBMBY/Mgqf/w=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:30:51 2025 by rpki-client