Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/XzRM3fsuOzbkgEP6HKNTa59u-1k.roa
File: XzRM3fsuOzbkgEP6HKNTa59u-1k.roa (raw, json)
Hash identifier: /b9nFZRGWZsIDrUUCaHN4uI5QH9vgehhOwhxQTv6e7o=
Subject key identifier: 5F:34:4C:DD:FB:2E:3B:36:E4:80:43:FA:1C:A3:53:6B:9F:6E:FB:59
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E76
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XzRM3fsuOzbkgEP6HKNTa59u-1k.roa
Signing time: Mon 26 May 2025 08:38:40 +0000
ROA not before: Mon 26 May 2025 08:38:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3702 (0xe76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 08:38:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5F344CDDFB2E3B36E48043FA1CA3536B9F6EFB59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:43:17:b1:be:ff:23:15:df:7b:1e:89:83:
53:31:9c:db:92:b7:62:06:7d:70:2a:c4:97:74:e5:
84:a6:c5:3a:55:d1:5e:df:bd:da:20:ca:24:67:f7:
49:6a:99:fb:1f:ca:ae:ef:64:93:1b:2b:13:5c:22:
03:94:34:50:2a:7c:c2:9a:e0:66:46:cf:02:63:f6:
9e:fa:79:31:d8:0e:c9:19:e9:80:13:12:03:5b:a4:
3e:be:e3:07:8f:d5:34:6c:0c:18:3a:15:bb:0d:74:
f8:4c:f6:f6:a4:51:40:fc:60:09:6b:07:0a:48:c6:
39:60:46:46:3c:b8:77:c7:80:09:65:51:ca:63:22:
7e:76:ad:cd:e8:9b:5d:88:6f:fd:f6:72:64:96:cc:
bf:83:71:c4:ba:8e:97:86:46:95:3e:9b:f5:5b:12:
bf:7b:f3:e3:12:9e:10:e4:97:9c:c4:43:72:e0:64:
24:5a:1f:6a:93:aa:b3:8a:96:8e:e4:97:59:a2:bb:
57:71:79:ce:6f:d8:4b:59:c5:c4:88:b2:66:69:c7:
29:3d:28:17:cc:3b:67:b8:61:d6:c8:aa:53:9a:3a:
26:14:c1:4d:06:2b:29:d5:7e:dd:9a:80:9f:1d:14:
9e:f2:b0:89:a9:ab:3b:f2:31:dd:2f:6d:4b:3e:d3:
f2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:34:4C:DD:FB:2E:3B:36:E4:80:43:FA:1C:A3:53:6B:9F:6E:FB:59
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/XzRM3fsuOzbkgEP6HKNTa59u-1k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:ae:56:1a:e2:f8:84:71:15:9e:3e:71:c3:d3:ca:60:a5:b3:
fa:d0:b1:0d:40:15:97:15:b9:92:e3:0d:5a:34:e8:1d:de:23:
cf:38:40:04:4a:41:4b:55:8e:f2:64:e6:36:f1:02:4b:69:cc:
8f:91:11:25:87:da:29:12:a0:f3:71:27:89:1c:a5:42:ce:4c:
39:6b:d1:59:09:51:a8:80:df:54:2f:cc:c2:a7:d6:fd:39:cb:
2a:bc:a0:48:71:1c:cb:b3:bb:6a:40:1b:94:54:25:1d:ba:fd:
ab:82:58:c9:3b:c4:22:ce:49:b8:aa:03:9f:d8:2f:a8:99:43:
d0:8c:0b:9a:a9:21:c1:d8:53:dc:5e:26:7c:18:c7:a3:db:80:
ee:40:21:e4:a3:6b:53:15:e4:83:52:c4:ac:92:69:79:77:00:
ef:62:0a:e2:98:20:60:20:bc:1b:17:06:d7:41:df:77:76:8d:
3a:66:c3:9e:93:e2:1d:11:f0:c3:24:90:70:95:ae:c2:d9:f8:
b0:d8:47:2b:92:a9:55:21:02:22:06:5f:fc:a8:79:9b:c4:60:
9f:58:ae:35:20:ca:06:1c:af:3c:0f:b8:f2:f4:2e:bc:be:32:
52:f8:af:03:08:45:fe:63:77:1a:75:15:88:a3:e2:dc:c3:ee:
ff:36:d9:5f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
ODM4NDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVGMzQ0Q0RERkIyRTNC
MzZFNDgwNDNGQTFDQTM1MzZCOUY2RUZCNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC37kMXsb7/IxXfex6Jg1MxnNuSt2IGfXAqxJd05YSmxTpV0V7f
vdogyiRn90lqmfsfyq7vZJMbKxNcIgOUNFAqfMKa4GZGzwJj9p76eTHYDskZ6YAT
EgNbpD6+4weP1TRsDBg6FbsNdPhM9vakUUD8YAlrBwpIxjlgRkY8uHfHgAllUcpj
In52rc3om12Ib/32cmSWzL+DccS6jpeGRpU+m/VbEr978+MSnhDkl5zEQ3LgZCRa
H2qTqrOKlo7kl1miu1dxec5v2EtZxcSIsmZpxyk9KBfMO2e4YdbIqlOaOiYUwU0G
KynVft2agJ8dFJ7ysImpqzvyMd0vbUs+0/J1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUXzRM3fsuOzbkgEP6HKNTa59u+1kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9YelJNM2ZzdU96YmtnRVA2
SEtOVGE1OXUtMWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHKuVhri+IRxFZ4+ccPTymCls/rQsQ1AFZcV
uZLjDVo06B3eI884QARKQUtVjvJk5jbxAktpzI+RESWH2ikSoPNxJ4kcpULOTDlr
0VkJUaiA31QvzMKn1v05yyq8oEhxHMuzu2pAG5RUJR26/auCWMk7xCLOSbiqA5/Y
L6iZQ9CMC5qpIcHYU9xeJnwYx6PbgO5AIeSja1MV5INSxKySaXl3AO9iCuKYIGAg
vBsXBtdB33d2jTpmw56T4h0R8MMkkHCVrsLZ+LDYRyuSqVUhAiIGX/yoeZvEYJ9Y
rjUgygYcrzwPuPL0Lry+MlL4rwMIRf5jdxp1FYij4tzD7v822V8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:28:07 2025 by rpki-client