Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/W4qeE2VbVR9L2xF0SGxyQZRGnWU.roa
File: W4qeE2VbVR9L2xF0SGxyQZRGnWU.roa (raw, json)
Hash identifier: Gg2kCI6d8YJ9AIiDWcTuhaF3b6q6AYhccoM6WEWak3M=
Subject key identifier: 5B:8A:9E:13:65:5B:55:1F:4B:DB:11:74:48:6C:72:41:94:46:9D:65
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DEE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W4qeE2VbVR9L2xF0SGxyQZRGnWU.roa
Signing time: Sun 25 May 2025 15:38:35 +0000
ROA not before: Sun 25 May 2025 15:38:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3566 (0xdee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 15:38:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5B8A9E13655B551F4BDB1174486C724194469D65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3c:60:1e:96:de:fe:a4:db:82:7a:b4:c3:e4:
ca:43:d3:2c:10:e7:48:02:0f:0c:0c:d4:9d:e5:2e:
6a:a4:7a:29:a9:55:53:3c:ba:a5:a6:ba:af:08:21:
d4:91:42:19:41:46:06:19:fc:a9:b6:c2:39:b3:1d:
13:c6:fc:41:d3:bc:71:70:01:b5:ff:4d:68:d4:e7:
05:3b:ca:fe:a3:ff:ab:04:f6:a5:e5:d0:ad:0d:09:
95:c2:26:16:fe:15:a8:b5:7d:1d:ef:49:7a:ec:ba:
3b:88:27:07:db:81:40:7c:2f:e8:8b:72:17:9f:f3:
a0:39:07:92:f3:1b:b3:b6:ad:03:62:0e:ba:62:38:
1d:b1:6a:1c:b2:86:9a:33:29:34:12:62:1e:34:1d:
62:55:59:6d:05:03:17:0b:50:e2:e0:fa:45:d2:f8:
3d:e1:b0:c7:a4:ad:f3:08:f3:9d:a0:05:b5:fa:65:
a7:9a:a4:16:54:0f:33:10:0a:ba:b5:e2:c8:e9:a2:
09:19:f1:a7:dd:a0:b1:6d:c2:65:55:02:44:f6:fc:
bc:05:96:01:cd:3f:59:03:20:9f:a4:91:2e:a4:f6:
31:21:d5:a1:00:d1:4d:d2:07:eb:fa:30:34:44:72:
68:d5:db:69:d3:b3:b0:26:50:06:7f:c5:97:81:d3:
c6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8A:9E:13:65:5B:55:1F:4B:DB:11:74:48:6C:72:41:94:46:9D:65
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W4qeE2VbVR9L2xF0SGxyQZRGnWU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:67:4c:66:90:48:25:0c:df:1b:46:c3:af:d2:3a:d2:96:36:
71:f6:7f:d4:46:8e:a3:5c:17:7a:55:b8:8c:7e:a5:a8:c3:5a:
37:71:bf:fc:45:2f:82:2e:bc:e5:02:0b:a9:0d:d6:7c:b0:34:
31:53:8d:5c:f6:21:3b:05:c9:f4:1e:b5:47:b6:28:4a:46:1b:
1e:61:b0:34:66:0b:ab:f4:57:8a:78:8c:89:fa:1c:ae:e2:cb:
c0:08:de:5c:20:e8:b2:ef:b5:2f:e3:8e:21:2a:28:88:95:b7:
65:ea:c8:d1:fa:66:1e:20:02:e0:43:bf:92:70:9a:29:d6:31:
e2:73:d7:3d:91:65:10:f6:6f:79:5f:ed:d5:8c:17:30:be:d6:
8a:d8:07:15:6e:0c:3c:e1:65:30:2a:9b:e6:d5:3f:2c:55:b1:
5e:1a:d2:2b:a8:a7:fd:e0:e7:c7:63:ad:82:a2:22:ea:d1:12:
39:df:13:6a:38:25:8f:3b:d0:0d:49:5f:a7:d8:25:21:bd:c7:
12:82:86:c2:67:ac:b9:7a:11:b6:32:20:04:47:a6:4f:18:af:
94:0c:07:5c:bd:30:11:03:b8:5e:0d:b9:c3:d5:d7:80:50:54:
61:16:96:fb:f9:c6:05:f4:07:dc:ba:0c:eb:d0:5e:f0:99:30:
e6:6b:0d:de
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUx
NTM4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVCOEE5RTEzNjU1QjU1
MUY0QkRCMTE3NDQ4NkM3MjQxOTQ0NjlENjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSPGAelt7+pNuCerTD5MpD0ywQ50gCDwwM1J3lLmqkeimpVVM8
uqWmuq8IIdSRQhlBRgYZ/Km2wjmzHRPG/EHTvHFwAbX/TWjU5wU7yv6j/6sE9qXl
0K0NCZXCJhb+Fai1fR3vSXrsujuIJwfbgUB8L+iLchef86A5B5LzG7O2rQNiDrpi
OB2xahyyhpozKTQSYh40HWJVWW0FAxcLUOLg+kXS+D3hsMekrfMI852gBbX6Zaea
pBZUDzMQCrq14sjpogkZ8afdoLFtwmVVAkT2/LwFlgHNP1kDIJ+kkS6k9jEh1aEA
0U3SB+v6MDREcmjV22nTs7AmUAZ/xZeB08YHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUW4qeE2VbVR9L2xF0SGxyQZRGnWUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XNHFlRTJWYlZSOUwyeEYw
U0d4eVFaUkduV1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEZnTGaQSCUM3xtGw6/SOtKWNnH2f9RGjqNc
F3pVuIx+pajDWjdxv/xFL4IuvOUCC6kN1nywNDFTjVz2ITsFyfQetUe2KEpGGx5h
sDRmC6v0V4p4jIn6HK7iy8AI3lwg6LLvtS/jjiEqKIiVt2XqyNH6Zh4gAuBDv5Jw
minWMeJz1z2RZRD2b3lf7dWMFzC+1orYBxVuDDzhZTAqm+bVPyxVsV4a0iuop/3g
58djrYKiIurREjnfE2o4JY870A1JX6fYJSG9xxKChsJnrLl6EbYyIARHpk8Yr5QM
B1y9MBEDuF4NucPV14BQVGEWlvv5xgX0B9y6DOvQXvCZMOZrDd4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:18:12 2025 by rpki-client