Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_3XlYkzuFEtWwE88Zyx8MoQydMs.roa
File: _3XlYkzuFEtWwE88Zyx8MoQydMs.roa (raw, json)
Hash identifier: W15R8CdyRPSaCeWv2ZvbXzJQxHBHjA35UV98mrw8N3Y=
Subject key identifier: FF:75:E5:62:4C:EE:14:4B:56:C0:4F:3C:67:2C:7C:32:84:32:74:CB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C9E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_3XlYkzuFEtWwE88Zyx8MoQydMs.roa
Signing time: Fri 23 May 2025 21:38:32 +0000
ROA not before: Fri 23 May 2025 21:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3230 (0xc9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 21:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FF75E5624CEE144B56C04F3C672C7C32843274CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:99:e5:7f:f0:7c:86:58:ce:c2:fe:29:1b:8f:
fc:67:11:5a:63:72:88:77:31:a2:66:ff:93:cf:a8:
0d:6c:63:83:ae:95:18:2d:15:86:db:52:a0:89:55:
f7:98:1a:c3:78:b8:9f:66:07:ba:2b:a8:6d:7f:7d:
fa:be:1f:30:3b:35:94:1f:0a:86:31:83:ba:eb:dd:
77:ee:57:a8:9e:d4:9a:3f:5b:a1:25:d9:86:6c:33:
b1:9f:c6:99:30:d8:a0:b7:e9:cf:df:89:c0:1c:d7:
90:3b:25:cc:a7:23:10:f7:90:94:fc:e1:51:74:e9:
ed:27:73:3e:1f:13:53:c6:b9:91:d0:05:95:98:31:
60:5a:13:fd:a1:0e:fc:15:eb:b9:06:41:91:48:84:
4c:92:75:2d:ad:e5:4f:2b:03:90:04:d4:98:fe:a2:
12:65:38:0d:7b:8f:9f:27:4c:3b:48:1a:8a:87:75:
c8:16:eb:dc:04:d4:b3:2d:13:e9:b6:87:54:08:3e:
4e:cd:e1:c9:b5:a1:81:0c:4c:14:37:66:09:06:32:
3e:9c:55:24:07:06:9f:b6:f9:a2:c0:2d:25:b0:fb:
df:05:d9:d3:e0:15:33:77:bf:0e:8a:90:13:d8:3a:
cd:e7:66:8d:74:47:6a:0b:db:d4:e2:99:bf:c8:62:
fe:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:75:E5:62:4C:EE:14:4B:56:C0:4F:3C:67:2C:7C:32:84:32:74:CB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_3XlYkzuFEtWwE88Zyx8MoQydMs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:c5:b2:5a:28:3f:04:99:5a:47:00:31:d3:3b:e2:6b:d6:4a:
ac:87:1b:5d:1f:df:09:34:7a:53:a5:c5:42:66:dc:45:b2:9e:
f7:75:c9:f4:af:e1:4a:0c:77:a9:ab:be:f3:c7:fa:39:ba:c0:
d3:00:69:2a:a8:b2:4a:32:2b:17:7b:12:5d:9f:1c:f8:30:e5:
48:6e:b1:6c:5c:b2:0f:47:f9:96:23:9a:71:a5:f6:80:2e:dd:
1c:d6:08:c5:dc:4d:1e:17:8b:2d:3d:e1:9f:69:ef:68:e6:e3:
31:72:3f:9e:12:ef:61:fd:bb:e9:72:30:a3:9e:29:28:46:37:
74:02:83:54:b8:08:39:1e:9a:8f:79:fe:41:29:3b:91:a7:b5:
f5:00:18:e0:f8:f9:58:78:9c:53:94:cb:89:7a:3e:08:5d:53:
13:1f:ec:d1:f0:03:76:a8:8b:eb:47:c8:b5:f4:58:79:b7:6e:
9c:db:cb:69:60:bc:6e:7d:4d:79:82:51:b5:d3:d7:dc:ec:b4:
a4:ff:25:a8:4f:66:f1:ab:9f:94:2c:40:3c:22:1c:df:b4:ef:
d9:4b:12:4d:54:ae:63:23:e7:37:ec:b1:b8:e8:98:0b:d3:db:
0e:1d:23:fa:01:16:80:02:5c:6e:36:53:c6:95:a8:b1:4d:1b:
9a:4b:7d:14
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMy
MTM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZGNzVFNTYyNENFRTE0
NEI1NkMwNEYzQzY3MkM3QzMyODQzMjc0Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQComeV/8HyGWM7C/ikbj/xnEVpjcoh3MaJm/5PPqA1sY4OulRgt
FYbbUqCJVfeYGsN4uJ9mB7orqG1/ffq+HzA7NZQfCoYxg7rr3XfuV6ie1Jo/W6El
2YZsM7Gfxpkw2KC36c/ficAc15A7JcynIxD3kJT84VF06e0ncz4fE1PGuZHQBZWY
MWBaE/2hDvwV67kGQZFIhEySdS2t5U8rA5AE1Jj+ohJlOA17j58nTDtIGoqHdcgW
69wE1LMtE+m2h1QIPk7N4cm1oYEMTBQ3ZgkGMj6cVSQHBp+2+aLALSWw+98F2dPg
FTN3vw6KkBPYOs3nZo10R2oL29Timb/IYv6pAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/3XlYkzuFEtWwE88Zyx8MoQydMswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fM1hsWWt6dUZFdFd3RTg4
Wnl4OE1vUXlkTXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACHFslooPwSZWkcAMdM74mvWSqyHG10f3wk0
elOlxUJm3EWynvd1yfSv4UoMd6mrvvPH+jm6wNMAaSqoskoyKxd7El2fHPgw5Uhu
sWxcsg9H+ZYjmnGl9oAu3RzWCMXcTR4Xiy094Z9p72jm4zFyP54S72H9u+lyMKOe
KShGN3QCg1S4CDkemo95/kEpO5GntfUAGOD4+Vh4nFOUy4l6PghdUxMf7NHwA3ao
i+tHyLX0WHm3bpzby2lgvG59TXmCUbXT19zstKT/JahPZvGrn5QsQDwiHN+079lL
Ek1UrmMj5zfssbjomAvT2w4dI/oBFoACXG42U8aVqLFNG5pLfRQ=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:49 2025 by rpki-client