Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XPsV6ZOBBobIoTEIvwlXx8MI3Zs.roa
File: XPsV6ZOBBobIoTEIvwlXx8MI3Zs.roa (raw, json)
Hash identifier: ejUY+gXrSL0MZEcqk+/WR/CSnR3EABzllvzESltqmLY=
Subject key identifier: 5C:FB:15:E9:93:81:06:86:C8:A1:31:08:BF:09:57:C7:C3:08:DD:9B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E06
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XPsV6ZOBBobIoTEIvwlXx8MI3Zs.roa
Signing time: Sun 25 May 2025 18:38:36 +0000
ROA not before: Sun 25 May 2025 18:38:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3590 (0xe06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 18:38:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5CFB15E993810686C8A13108BF0957C7C308DD9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:48:c1:9a:95:25:c6:eb:93:78:7f:23:87:86:
23:7c:96:f1:fa:3f:9d:65:1c:29:58:bf:f3:06:f0:
2a:7d:c7:65:06:30:03:fd:0a:92:0d:96:e9:fa:05:
d6:99:51:9e:06:08:c4:61:ee:19:56:f4:4e:df:dd:
ea:93:84:18:12:cd:e6:e1:0e:bb:a1:79:dc:4a:8d:
f3:1f:c1:86:1f:4e:63:aa:d1:7d:f7:8d:53:43:ac:
49:35:fd:fc:c5:f6:e9:94:1a:d2:3a:42:6a:b9:a2:
83:e0:b5:b6:c7:f8:1c:03:f5:19:fd:21:ef:e1:af:
b3:53:60:a9:f5:0b:6d:b6:ea:b3:a8:1e:b1:ac:ff:
81:4f:91:84:9a:f5:52:09:7f:4f:2e:69:d2:9e:b4:
32:99:86:ba:0d:59:b3:27:6f:82:6c:3c:92:c6:05:
54:26:0b:5d:41:da:7a:fa:d2:9b:aa:88:7d:64:bb:
ec:b6:81:9d:af:67:1f:89:1c:26:4b:59:51:5c:22:
8e:02:a6:63:7e:39:ce:13:eb:51:84:23:11:c6:13:
33:16:66:32:d3:b3:f4:b6:bf:63:8d:7e:99:f9:1b:
26:76:31:06:fc:ae:aa:a5:04:4a:74:8c:73:28:b4:
c9:74:9f:01:e4:28:e7:06:a5:38:e8:8c:8c:1b:4c:
49:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FB:15:E9:93:81:06:86:C8:A1:31:08:BF:09:57:C7:C3:08:DD:9B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XPsV6ZOBBobIoTEIvwlXx8MI3Zs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:7d:10:e8:fa:9c:4c:40:62:3e:a7:8d:83:74:b0:50:57:d2:
50:df:f9:9b:41:6f:e0:70:e7:31:30:f9:c3:26:7b:2d:e6:5d:
61:a9:78:62:46:d1:9d:7c:0e:16:23:62:14:3b:cd:3d:58:65:
fa:c7:57:bd:7c:ea:b9:f6:59:69:b4:54:d6:b1:ab:cf:d2:2d:
de:af:92:0e:0e:80:c4:83:f9:af:0a:8f:b3:ea:0c:75:17:58:
61:7c:58:41:14:9e:3a:f5:73:8f:52:d9:df:41:30:64:6a:5e:
15:ff:fe:e2:d7:ee:3c:b9:3e:c6:17:f9:e9:4a:aa:cf:2f:7f:
a4:34:d4:a0:df:d9:3c:77:52:5c:26:fe:7c:2a:09:6b:e8:42:
92:91:a9:fd:bf:f4:bc:0d:63:fd:37:81:d5:0e:9f:ed:cc:a6:
cc:40:4a:e0:5b:20:2b:82:29:fc:e7:5f:ed:66:4d:19:41:d0:
f5:e9:2a:7a:df:74:3c:36:08:0d:41:d3:d0:0c:83:bc:50:ef:
b3:c1:d6:ce:d5:2b:2d:c2:b4:b0:e1:8a:8f:5b:c4:19:23:9e:
68:1d:84:6c:15:17:83:e4:c8:71:c5:6d:8a:77:e8:02:a2:a2:
ff:41:8c:67:a4:ca:d3:f6:43:60:ea:1d:48:ae:94:d1:23:fd:
d5:f5:86:f4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDgYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUx
ODM4MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVDRkIxNUU5OTM4MTA2
ODZDOEExMzEwOEJGMDk1N0M3QzMwOEREOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJSMGalSXG65N4fyOHhiN8lvH6P51lHClYv/MG8Cp9x2UGMAP9
CpINlun6BdaZUZ4GCMRh7hlW9E7f3eqThBgSzebhDruhedxKjfMfwYYfTmOq0X33
jVNDrEk1/fzF9umUGtI6Qmq5ooPgtbbH+BwD9Rn9Ie/hr7NTYKn1C2226rOoHrGs
/4FPkYSa9VIJf08uadKetDKZhroNWbMnb4JsPJLGBVQmC11B2nr60puqiH1ku+y2
gZ2vZx+JHCZLWVFcIo4CpmN+Oc4T61GEIxHGEzMWZjLTs/S2v2ONfpn5GyZ2MQb8
rqqlBEp0jHMotMl0nwHkKOcGpTjojIwbTEnrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXPsV6ZOBBobIoTEIvwlXx8MI3ZswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YUHNWNlpPQkJvYklvVEVJ
dndsWHg4TUkzWnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEx9EOj6nExAYj6njYN0sFBX0lDf+ZtBb+Bw
5zEw+cMmey3mXWGpeGJG0Z18DhYjYhQ7zT1YZfrHV7186rn2WWm0VNaxq8/SLd6v
kg4OgMSD+a8Kj7PqDHUXWGF8WEEUnjr1c49S2d9BMGRqXhX//uLX7jy5PsYX+elK
qs8vf6Q01KDf2Tx3Ulwm/nwqCWvoQpKRqf2/9LwNY/03gdUOn+3MpsxASuBbICuC
KfznX+1mTRlB0PXpKnrfdDw2CA1B09AMg7xQ77PB1s7VKy3CtLDhio9bxBkjnmgd
hGwVF4PkyHHFbYp36AKiov9BjGekytP2Q2DqHUiulNEj/dX1hvQ=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:06:02 2025 by rpki-client