Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/aRbpgIsoiy4ssC54gQd2D-5jfNE.roa
File: aRbpgIsoiy4ssC54gQd2D-5jfNE.roa (raw, json)
Hash identifier: dL26trmk4dLj+67lZDOGeQa/jR4KfSAajvrgai7pT9c=
Subject key identifier: 69:16:E9:80:8B:28:8B:2E:2C:B0:2E:78:81:07:76:0F:EE:63:7C:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04FE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aRbpgIsoiy4ssC54gQd2D-5jfNE.roa
Signing time: Tue 13 May 2025 17:37:57 +0000
ROA not before: Tue 13 May 2025 17:37:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1278 (0x4fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 17:37:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6916E9808B288B2E2CB02E788107760FEE637CD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:48:a4:4c:f6:5a:2e:ae:de:76:77:7c:08:
de:e9:fe:b4:c9:aa:bd:08:8b:79:88:35:9d:27:7a:
0e:1b:02:4d:1e:e1:f3:13:2d:b1:23:ab:3a:cd:c3:
97:5f:7f:d1:e2:b9:d2:0f:07:47:c8:9d:79:a2:c1:
87:c0:78:99:0d:07:47:67:de:5c:06:9e:0e:6f:1c:
f2:9d:8f:51:ae:bc:31:df:27:64:b3:40:a0:2d:3c:
49:84:49:24:49:40:ba:85:46:62:35:5e:ea:0a:45:
98:b7:75:f1:6d:51:7c:0a:e8:ec:0a:e7:2f:cd:f3:
28:d2:1b:e0:c1:8c:9d:35:16:78:d8:f5:80:dc:c9:
f7:ff:8c:c5:58:e0:07:5c:58:69:2e:b0:7a:d7:10:
e8:8a:d4:42:57:80:d3:96:a2:ec:12:ed:7a:fb:af:
a1:ac:01:a0:2d:22:c8:4d:96:b9:83:1c:89:13:f9:
24:ce:be:33:ec:15:4e:7c:6f:3a:8b:c6:de:79:cc:
30:36:45:54:ad:f9:b1:89:a6:b4:6c:49:c7:b8:61:
87:ac:e4:52:73:11:a8:c9:36:24:da:13:74:58:b7:
40:33:71:6f:d0:eb:fb:b8:2b:7f:68:53:2e:df:80:
11:d4:0f:e4:95:65:88:68:57:00:61:a8:cc:62:67:
b0:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:16:E9:80:8B:28:8B:2E:2C:B0:2E:78:81:07:76:0F:EE:63:7C:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/aRbpgIsoiy4ssC54gQd2D-5jfNE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:46:46:23:23:1b:b8:5d:8e:5a:38:d0:69:83:f1:d8:7e:e5:
f4:08:5d:d1:62:c4:19:29:f4:88:38:c3:81:4c:28:6a:48:7a:
42:da:f7:57:c6:7f:ae:46:4a:76:8e:6b:18:b2:3a:77:33:38:
53:d0:2c:73:67:e2:0e:51:ed:50:02:57:29:d0:48:37:9c:31:
77:07:a1:4e:3d:23:93:e2:b0:74:fd:64:09:97:5e:58:32:b5:
c8:c7:04:ee:4f:f0:42:b9:d8:92:69:9c:4c:88:76:66:e7:58:
59:28:0e:10:60:88:b6:4c:a1:80:b7:40:58:ff:6e:56:c7:74:
6b:9e:3f:01:af:82:35:5f:ea:5f:6a:a3:e1:97:d5:53:8c:f7:
b6:f2:a9:1f:b0:74:42:56:5a:0b:55:bf:bb:6e:96:1d:3c:d6:
fe:86:b5:a2:9c:e9:46:4c:92:f1:58:bc:ec:a2:26:b8:ea:7b:
74:fc:e0:4a:01:41:03:6d:fa:2c:47:36:ca:fd:3a:e5:c6:6a:
74:17:5c:db:86:6e:7e:54:8d:bf:52:06:c8:79:14:8d:a2:4f:
f3:4e:2a:ab:8d:5a:45:bf:6c:cb:2a:d0:19:01:73:b7:5a:80:
46:e7:3b:8a:72:c5:f6:ab:e9:e8:13:c4:27:19:5b:86:fd:af:
60:91:1f:25
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMx
NzM3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY5MTZFOTgwOEIyODhC
MkUyQ0IwMkU3ODgxMDc3NjBGRUU2MzdDRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5mUikTPZaLq7ednd8CN7p/rTJqr0Ii3mINZ0neg4bAk0e4fMT
LbEjqzrNw5dff9HiudIPB0fInXmiwYfAeJkNB0dn3lwGng5vHPKdj1GuvDHfJ2Sz
QKAtPEmESSRJQLqFRmI1XuoKRZi3dfFtUXwK6OwK5y/N8yjSG+DBjJ01FnjY9YDc
yff/jMVY4AdcWGkusHrXEOiK1EJXgNOWouwS7Xr7r6GsAaAtIshNlrmDHIkT+STO
vjPsFU58bzqLxt55zDA2RVSt+bGJprRsSce4YYes5FJzEajJNiTaE3RYt0AzcW/Q
6/u4K39oUy7fgBHUD+SVZYhoVwBhqMxiZ7DTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUaRbpgIsoiy4ssC54gQd2D+5jfNEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9hUmJwZ0lzb2l5NHNzQzU0
Z1FkMkQtNWpmTkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFNGRiMjG7hdjlo40GmD8dh+5fQIXdFixBkp
9Ig4w4FMKGpIekLa91fGf65GSnaOaxiyOnczOFPQLHNn4g5R7VACVynQSDecMXcH
oU49I5PisHT9ZAmXXlgytcjHBO5P8EK52JJpnEyIdmbnWFkoDhBgiLZMoYC3QFj/
blbHdGuePwGvgjVf6l9qo+GX1VOM97byqR+wdEJWWgtVv7tulh081v6GtaKc6UZM
kvFYvOyiJrjqe3T84EoBQQNt+ixHNsr9OuXGanQXXNuGbn5Ujb9SBsh5FI2iT/NO
KquNWkW/bMsq0BkBc7dagEbnO4pyxfar6egTxCcZW4b9r2CRHyU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:10:17 2025 by rpki-client