Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aPD33ySXXqB-WSoBcbQdlQRmEZg.roa
File: aPD33ySXXqB-WSoBcbQdlQRmEZg.roa (raw, json)
Hash identifier: 5qKAAyXJSVW0hX5eGDX4jF8xwuXiUQnrpNmwZ4U95Ak=
Subject key identifier: 68:F0:F7:DF:24:97:5E:A0:7E:59:2A:01:71:B4:1D:95:04:66:11:98
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BD2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aPD33ySXXqB-WSoBcbQdlQRmEZg.roa
Signing time: Thu 22 May 2025 20:08:24 +0000
ROA not before: Thu 22 May 2025 20:08:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3026 (0xbd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 20:08:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=68F0F7DF24975EA07E592A0171B41D9504661198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:91:c3:0a:5e:8c:40:90:63:a9:e4:e0:f6:
3c:f6:6c:bb:d8:2d:7f:0e:b6:5e:7c:79:83:3d:15:
be:91:5f:d8:41:39:c4:85:1d:b5:0e:69:fc:6b:34:
d5:1e:20:cf:bc:48:3d:8a:cc:4e:f2:46:9b:fd:c5:
95:d7:b9:56:8c:04:29:ca:45:8a:5a:d2:85:b6:a2:
30:0a:1e:21:56:39:87:a9:8d:86:59:9b:01:49:06:
bc:e2:58:1e:8b:3c:6c:16:3b:55:6c:16:d4:2a:cd:
05:fe:af:1b:f3:ae:9c:79:41:09:41:d9:5d:43:da:
e9:52:5e:2a:a7:e7:8d:8b:7d:57:e4:b1:29:33:85:
1d:b4:ba:fa:65:dd:90:6a:78:ef:16:3b:33:68:f8:
3e:9a:0d:42:4d:5e:0b:3e:0d:78:3f:76:bd:ee:d0:
e4:3f:af:11:ea:c0:94:bd:e7:28:38:fa:00:61:c4:
53:2c:c4:77:83:be:51:2d:98:29:97:6e:cb:86:33:
42:3e:05:e0:1d:d0:c1:36:8b:64:c3:e4:e9:e0:2e:
52:8e:98:54:0b:55:d7:b4:45:00:83:dd:41:3b:b0:
bc:87:94:2d:bf:00:2c:d0:e3:2f:fc:b2:e2:74:ad:
bc:93:65:f2:45:15:b7:d9:fe:be:b0:e9:ae:9f:f9:
51:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F0:F7:DF:24:97:5E:A0:7E:59:2A:01:71:B4:1D:95:04:66:11:98
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aPD33ySXXqB-WSoBcbQdlQRmEZg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:b3:a1:44:d7:ac:07:a0:80:46:ef:91:ff:0e:fc:54:78:91:
85:76:f3:53:b0:42:ff:e0:b7:88:df:da:42:4a:4d:96:a6:18:
f6:5b:c3:0a:77:a3:1e:c4:00:8c:01:e4:03:9c:a0:8b:98:21:
8e:49:47:1e:bf:7f:63:b9:a3:6a:be:eb:3a:25:cd:ab:c1:63:
74:9f:b3:44:7e:91:ad:f4:46:0e:f1:67:b5:39:24:3e:9f:67:
31:4b:f3:38:6f:ae:cc:ef:52:4f:2c:43:16:21:12:a1:09:c7:
8d:50:3d:46:99:b7:88:04:be:70:2c:b4:c2:04:3a:02:4d:9c:
e1:ae:cf:32:68:9c:de:ac:78:66:9c:37:e0:ca:8b:1b:b9:ba:
fc:e8:f8:f2:79:05:03:c9:d2:b6:f4:2e:c6:69:ae:05:92:90:
28:7d:04:54:0a:6c:38:9e:93:1f:a1:6b:01:c2:69:90:6e:8d:
c4:33:b2:4f:a3:e6:59:bc:46:8f:68:8c:44:42:0f:b9:6a:f9:
1d:85:f2:0c:f3:67:19:1e:d8:7a:52:2f:1e:7f:27:71:88:63:
f0:e6:6a:24:9a:cc:3b:ad:04:a5:f9:71:4d:2e:e7:f7:36:d9:
a5:31:38:f6:8d:ea:6d:a0:ee:ff:96:24:b3:1f:8e:5a:39:d3:
cd:c3:a8:8f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIy
MDA4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY4RjBGN0RGMjQ5NzVF
QTA3RTU5MkEwMTcxQjQxRDk1MDQ2NjExOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2BZHDCl6MQJBjqeTg9jz2bLvYLX8Otl58eYM9Fb6RX9hBOcSF
HbUOafxrNNUeIM+8SD2KzE7yRpv9xZXXuVaMBCnKRYpa0oW2ojAKHiFWOYepjYZZ
mwFJBrziWB6LPGwWO1VsFtQqzQX+rxvzrpx5QQlB2V1D2ulSXiqn542LfVfksSkz
hR20uvpl3ZBqeO8WOzNo+D6aDUJNXgs+DXg/dr3u0OQ/rxHqwJS95yg4+gBhxFMs
xHeDvlEtmCmXbsuGM0I+BeAd0ME2i2TD5OngLlKOmFQLVde0RQCD3UE7sLyHlC2/
ACzQ4y/8suJ0rbyTZfJFFbfZ/r6w6a6f+VG3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaPD33ySXXqB+WSoBcbQdlQRmEZgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hUEQzM3lTWFhxQi1XU29C
Y2JRZGxRUm1FWmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADGzoUTXrAeggEbvkf8O/FR4kYV281OwQv/g
t4jf2kJKTZamGPZbwwp3ox7EAIwB5AOcoIuYIY5JRx6/f2O5o2q+6zolzavBY3Sf
s0R+ka30Rg7xZ7U5JD6fZzFL8zhvrszvUk8sQxYhEqEJx41QPUaZt4gEvnAstMIE
OgJNnOGuzzJonN6seGacN+DKixu5uvzo+PJ5BQPJ0rb0LsZprgWSkCh9BFQKbDie
kx+hawHCaZBujcQzsk+j5lm8Ro9ojERCD7lq+R2F8gzzZxke2HpSLx5/J3GIY/Dm
aiSazDutBKX5cU0u5/c22aUxOPaN6m2g7v+WJLMfjlo5083DqI8=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:24:48 2025 by rpki-client