Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/VSKuIBzYLgGM_vR0_S6P6yc49yY.roa
File: VSKuIBzYLgGM_vR0_S6P6yc49yY.roa (raw, json)
Hash identifier: Laq1kh3jPJCPDBkwb+avj8UrmBLL+fc8dqvYJf5esFQ=
Subject key identifier: 55:22:AE:20:1C:D8:2E:01:8C:FE:F4:74:FD:2E:8F:EB:27:38:F7:26
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ABE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VSKuIBzYLgGM_vR0_S6P6yc49yY.roa
Signing time: Wed 21 May 2025 09:38:18 +0000
ROA not before: Wed 21 May 2025 09:38:18 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2750 (0xabe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 09:38:18 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5522AE201CD82E018CFEF474FD2E8FEB2738F726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:db:af:a2:26:38:54:dd:27:0a:96:29:c3:54:
67:2b:10:e2:9e:75:ae:4e:6b:da:ef:dd:92:29:54:
45:f7:47:6f:2e:d7:b6:01:93:c8:19:a4:de:5c:bf:
48:8f:5d:d6:04:e7:ed:8e:85:66:25:05:75:8c:f4:
cd:58:96:59:5d:e1:6a:17:82:a3:5f:ef:6e:96:9a:
1b:4b:0b:ff:1f:c2:84:2b:06:7c:2e:b0:48:69:69:
99:e7:cb:66:d9:08:67:88:16:10:d5:1a:82:f7:c9:
eb:40:d9:d3:58:1d:5c:5f:ad:08:06:c9:6b:7b:7d:
7a:b8:73:e7:a3:ee:aa:27:a5:18:58:0d:af:f3:23:
93:1b:98:cb:58:38:7a:6e:ff:96:da:e1:f9:30:be:
d3:f6:61:96:92:cd:83:17:ae:3a:62:15:78:54:a6:
6c:06:53:ec:40:1a:58:11:e1:59:9f:3f:15:69:ed:
be:b1:b1:64:be:6a:62:d9:1a:d8:a2:3c:f4:b3:4f:
6b:a7:85:0a:8a:73:c9:69:96:0b:a0:f4:57:ad:5e:
ff:bf:d1:33:30:be:45:c8:36:ff:5e:f5:a5:d2:8c:
25:b1:35:e0:cb:78:10:55:3b:16:ef:b9:c2:70:1a:
85:62:25:c6:43:5e:e3:33:04:98:a0:a9:15:21:7b:
a4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:22:AE:20:1C:D8:2E:01:8C:FE:F4:74:FD:2E:8F:EB:27:38:F7:26
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/VSKuIBzYLgGM_vR0_S6P6yc49yY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:e3:45:08:ed:f0:58:da:d2:7d:a7:a1:e0:e7:2f:ff:0e:9b:
ec:65:f0:87:08:44:0d:02:46:46:36:bc:95:9c:c6:40:b4:3f:
ce:d4:da:bc:f0:1e:a0:c1:a7:7d:70:af:9e:a2:e3:54:7b:d8:
e0:8f:9c:7e:7f:78:e5:93:3e:ce:60:f0:35:76:41:ac:93:99:
b3:b9:38:2b:02:d6:a5:9f:cb:0a:d8:fe:f2:2b:74:6f:52:d4:
4b:f9:a6:48:2e:a8:e3:e1:86:20:41:1a:ef:26:d6:88:0c:45:
60:8b:5c:29:10:bf:7d:c1:a7:56:2c:fb:e0:c1:2f:ce:59:a1:
5a:26:5e:03:79:bb:fc:dd:60:ca:ff:f4:ed:56:de:e4:85:2b:
f3:12:d9:de:96:f9:69:cc:25:36:7d:e0:99:3b:99:3f:7f:b4:
8a:a0:c2:80:db:33:48:fe:02:bf:34:64:e0:a3:91:ca:05:6c:
f2:0d:55:87:c4:5b:0d:e0:de:59:1f:17:1b:3e:ba:9f:6f:e0:
d6:b7:15:61:58:db:40:06:b4:66:c1:0a:f5:9c:01:f4:30:f7:
bc:a2:d5:ed:d8:34:79:ba:58:16:66:52:81:35:95:d7:a4:c0:
03:0d:fa:db:18:91:94:9a:5d:24:43:f4:51:14:f4:19:bd:d6:
44:a3:cc:e5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
OTM4MThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDU1MjJBRTIwMUNEODJF
MDE4Q0ZFRjQ3NEZEMkU4RkVCMjczOEY3MjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK26+iJjhU3ScKlinDVGcrEOKeda5Oa9rv3ZIpVEX3R28u17YB
k8gZpN5cv0iPXdYE5+2OhWYlBXWM9M1Yllld4WoXgqNf726WmhtLC/8fwoQrBnwu
sEhpaZnny2bZCGeIFhDVGoL3yetA2dNYHVxfrQgGyWt7fXq4c+ej7qonpRhYDa/z
I5MbmMtYOHpu/5ba4fkwvtP2YZaSzYMXrjpiFXhUpmwGU+xAGlgR4VmfPxVp7b6x
sWS+amLZGtiiPPSzT2unhQqKc8lplgug9FetXv+/0TMwvkXINv9e9aXSjCWxNeDL
eBBVOxbvucJwGoViJcZDXuMzBJigqRUhe6QJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUVSKuIBzYLgGM/vR0/S6P6yc49yYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9WU0t1SUJ6WUxnR01fdlIw
X1M2UDZ5YzQ5eVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABXjRQjt8Fja0n2noeDnL/8Om+xl8IcIRA0C
RkY2vJWcxkC0P87U2rzwHqDBp31wr56i41R72OCPnH5/eOWTPs5g8DV2QayTmbO5
OCsC1qWfywrY/vIrdG9S1Ev5pkguqOPhhiBBGu8m1ogMRWCLXCkQv33Bp1Ys++DB
L85ZoVomXgN5u/zdYMr/9O1W3uSFK/MS2d6W+WnMJTZ94Jk7mT9/tIqgwoDbM0j+
Ar80ZOCjkcoFbPINVYfEWw3g3lkfFxs+up9v4Na3FWFY20AGtGbBCvWcAfQw97yi
1e3YNHm6WBZmUoE1ldekwAMN+tsYkZSaXSRD9FEU9Bm91kSjzOU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:32:33 2025 by rpki-client