Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/W5YSRPi8iezSmK4xoeypiLN4b2w.roa
File: W5YSRPi8iezSmK4xoeypiLN4b2w.roa (raw, json)
Hash identifier: Vy64I0XhuNuIyYqmNP25eLmApKZwcHz0Lw64/zntK+0=
Subject key identifier: 5B:96:12:44:F8:BC:89:EC:D2:98:AE:31:A1:EC:A9:88:B3:78:6F:6C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E12
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W5YSRPi8iezSmK4xoeypiLN4b2w.roa
Signing time: Sun 25 May 2025 20:08:36 +0000
ROA not before: Sun 25 May 2025 20:08:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3602 (0xe12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 20:08:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5B961244F8BC89ECD298AE31A1ECA988B3786F6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c8:f1:6b:59:07:da:89:cd:7d:ad:66:38:10:
64:73:bd:dc:f8:98:50:cd:a9:92:9d:33:52:66:2c:
49:57:cd:14:ed:d8:02:5a:50:37:93:59:55:6d:5b:
0c:ee:ca:78:5e:a1:77:29:48:8c:25:b7:e0:09:8d:
44:8c:86:cb:ce:21:0e:8f:60:9c:12:c7:9f:95:f5:
23:15:b2:68:94:41:e8:63:99:16:d7:ff:b0:b2:96:
5a:7f:4d:28:be:3d:51:ee:4b:b5:77:a7:04:58:6e:
a4:6b:b9:39:f9:5f:06:6a:f7:6f:53:e6:b6:d3:3a:
57:fb:3c:e8:f1:08:dc:d4:25:64:a8:5c:e4:fe:d5:
d0:da:79:94:66:36:1f:d4:24:ea:28:0e:72:2b:69:
5d:42:d8:88:67:f8:4e:a9:be:a2:ed:81:59:ac:a3:
4f:42:7b:29:4f:97:91:46:a5:b4:2a:19:56:41:a0:
c7:67:f5:4a:a9:91:27:1a:ce:1e:7e:4f:ca:fd:42:
44:3a:12:09:b6:4d:30:79:62:36:06:5f:49:29:55:
47:68:36:c8:11:c2:c8:12:cc:e5:bc:7b:28:ba:0c:
81:ec:b1:0d:48:9e:1f:94:66:79:95:5f:52:99:bb:
46:f4:3b:9e:0c:51:df:84:55:67:f6:32:e3:db:de:
45:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:96:12:44:F8:BC:89:EC:D2:98:AE:31:A1:EC:A9:88:B3:78:6F:6C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/W5YSRPi8iezSmK4xoeypiLN4b2w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:07:10:60:26:b5:ef:85:aa:56:ee:7f:67:8f:3f:c3:07:86:
15:14:e7:13:75:8e:2f:c1:c8:ff:88:9c:1d:6d:5b:e3:0d:bb:
19:e1:d5:ac:c1:2c:7b:14:c9:f3:0f:4b:d7:fc:a0:be:0c:8e:
99:d9:d0:9b:49:c2:ca:92:c7:81:59:45:e7:9f:73:ba:41:0b:
3c:18:96:f8:fa:ef:c7:d2:4d:82:1c:7d:fa:b0:b8:69:9c:43:
eb:50:aa:a6:99:d2:89:53:ce:ff:37:b7:5e:1e:49:05:1d:40:
22:a6:9d:f3:74:b6:0a:2d:37:7a:b8:4c:d8:f8:03:44:89:d7:
70:d4:ca:7c:be:67:25:8f:b4:67:f9:26:9a:86:bd:2d:a7:2d:
c7:d5:52:ae:e2:8c:50:28:41:5d:9a:de:a7:c7:46:b2:0c:63:
ec:d2:58:d0:f2:2d:7a:70:2f:d4:4f:c6:41:d4:ea:b9:4f:71:
22:c9:54:17:36:b7:7f:95:49:91:25:d0:64:ee:b0:cd:6c:a5:
8c:7e:61:47:ad:95:3e:6e:17:97:e2:61:83:be:99:fb:d1:fb:
f9:80:1e:14:5e:0e:e1:90:8b:86:93:01:d1:1a:cd:be:9a:98:
e8:69:45:a0:48:2a:6d:de:1b:fd:4f:0f:34:25:4f:bb:63:fc:
68:91:47:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUy
MDA4MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVCOTYxMjQ0RjhCQzg5
RUNEMjk4QUUzMUExRUNBOTg4QjM3ODZGNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9yPFrWQfaic19rWY4EGRzvdz4mFDNqZKdM1JmLElXzRTt2AJa
UDeTWVVtWwzuynheoXcpSIwlt+AJjUSMhsvOIQ6PYJwSx5+V9SMVsmiUQehjmRbX
/7Cyllp/TSi+PVHuS7V3pwRYbqRruTn5XwZq929T5rbTOlf7POjxCNzUJWSoXOT+
1dDaeZRmNh/UJOooDnIraV1C2Ihn+E6pvqLtgVmso09CeylPl5FGpbQqGVZBoMdn
9UqpkScazh5+T8r9QkQ6Egm2TTB5YjYGX0kpVUdoNsgRwsgSzOW8eyi6DIHssQ1I
nh+UZnmVX1KZu0b0O54MUd+EVWf2MuPb3kVNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUW5YSRPi8iezSmK4xoeypiLN4b2wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XNVlTUlBpOGllelNtSzR4
b2V5cGlMTjRiMncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKoHEGAmte+Fqlbuf2ePP8MHhhUU5xN1ji/B
yP+InB1tW+MNuxnh1azBLHsUyfMPS9f8oL4MjpnZ0JtJwsqSx4FZReefc7pBCzwY
lvj678fSTYIcffqwuGmcQ+tQqqaZ0olTzv83t14eSQUdQCKmnfN0tgotN3q4TNj4
A0SJ13DUyny+ZyWPtGf5JpqGvS2nLcfVUq7ijFAoQV2a3qfHRrIMY+zSWNDyLXpw
L9RPxkHU6rlPcSLJVBc2t3+VSZEl0GTusM1spYx+YUetlT5uF5fiYYO+mfvR+/mA
HhReDuGQi4aTAdEazb6amOhpRaBIKm3eG/1PDzQlT7tj/GiRR5s=
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:17:06 2025 by rpki-client