Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bE9daKuyK0cA9yxizt42HXLYhD8.roa
File: bE9daKuyK0cA9yxizt42HXLYhD8.roa (raw, json)
Hash identifier: 9Cf5iS2lckwBSBygrkI4XXwM7B0Qb0m1kiMYvbhnqvA=
Subject key identifier: 6C:4F:5D:68:AB:B2:2B:47:00:F7:2C:62:CE:DE:36:1D:72:D8:84:3F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C4A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bE9daKuyK0cA9yxizt42HXLYhD8.roa
Signing time: Fri 23 May 2025 11:08:44 +0000
ROA not before: Fri 23 May 2025 11:08:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3146 (0xc4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 11:08:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6C4F5D68ABB22B4700F72C62CEDE361D72D8843F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:fc:b3:4a:6b:6e:66:64:8c:a7:8e:2c:fa:3f:
8f:12:50:56:50:4d:cb:4e:97:ce:04:31:8f:c0:f5:
40:2e:d7:3a:8d:9f:3f:00:2e:66:70:62:09:c3:89:
8d:6b:9c:c8:78:ae:f5:e8:30:45:29:8e:20:2c:13:
32:aa:de:8b:ae:01:48:f9:0c:ed:02:e0:3b:1a:af:
48:38:78:fb:b5:81:58:91:61:07:8b:c8:1e:69:7c:
e8:a4:8a:dd:aa:80:7b:2a:cf:7d:61:0a:15:39:59:
38:bc:df:df:63:5c:0e:40:26:93:a2:e6:d8:83:58:
6a:96:01:8b:d1:1a:69:a0:00:7a:23:6a:eb:1e:32:
71:ac:fe:d0:03:e5:99:90:76:de:31:27:2c:9c:4e:
d2:2c:b3:37:fb:b0:31:ce:34:9d:cc:23:db:99:b8:
22:da:a0:7c:d9:fe:ff:50:ae:85:a0:e3:ad:a3:02:
0a:49:67:4c:ce:f7:04:0a:71:6b:1f:6c:b6:a6:8c:
04:79:11:3e:2e:87:64:d8:e6:e4:c4:f3:75:af:fe:
68:07:60:c2:12:fa:63:57:71:bf:63:23:de:67:aa:
17:ba:51:4b:44:a0:4b:09:50:0b:a9:e3:e6:d4:a5:
a6:43:dc:48:03:d1:70:f4:a2:41:f7:09:b6:f5:35:
fe:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:4F:5D:68:AB:B2:2B:47:00:F7:2C:62:CE:DE:36:1D:72:D8:84:3F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bE9daKuyK0cA9yxizt42HXLYhD8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:20:ad:69:90:e9:01:b3:27:30:82:7d:fb:04:d9:f6:b6:b3:
02:2b:07:da:33:88:04:8e:b9:f8:cd:b5:b2:d8:40:fc:37:52:
2f:bb:a4:64:3b:6f:3f:6a:3f:06:1c:36:85:ac:f5:76:17:9f:
3a:33:a1:ff:55:08:d5:81:50:f3:e4:7d:7a:1e:aa:a7:db:8b:
79:00:33:30:73:9a:82:1a:e9:71:ec:a1:df:4d:46:15:ba:31:
38:63:ba:4a:08:35:77:4e:41:c5:71:63:56:9a:60:07:f3:c1:
da:e6:f8:88:5c:ff:10:7e:82:67:da:bf:9e:7c:73:96:1e:bf:
2f:9d:c7:6e:3f:d9:20:b5:13:6f:1b:94:d3:20:a9:b0:8d:42:
35:af:0b:36:25:4b:3a:94:75:37:0a:c7:9c:71:b5:c2:0e:0c:
ad:79:02:66:84:1a:4b:7e:4d:15:3b:8a:9c:3d:6f:5e:b3:46:
a0:83:6a:27:70:da:5c:ad:65:d4:d2:79:f7:61:93:39:4f:cc:
28:77:6f:fd:84:10:be:f1:71:07:1f:61:81:de:95:1b:8a:e1:
1a:92:a6:96:2b:5d:92:92:b3:af:97:83:1b:f4:aa:90:98:e0:
82:d1:53:87:46:81:4c:e3:7e:b2:3a:11:de:49:6d:5a:82:9d:
57:29:4b:f3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDEowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMx
MTA4NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZDNEY1RDY4QUJCMjJC
NDcwMEY3MkM2MkNFREUzNjFENzJEODg0M0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS/LNKa25mZIynjiz6P48SUFZQTctOl84EMY/A9UAu1zqNnz8A
LmZwYgnDiY1rnMh4rvXoMEUpjiAsEzKq3ouuAUj5DO0C4Dsar0g4ePu1gViRYQeL
yB5pfOikit2qgHsqz31hChU5WTi8399jXA5AJpOi5tiDWGqWAYvRGmmgAHojause
MnGs/tAD5ZmQdt4xJyycTtIsszf7sDHONJ3MI9uZuCLaoHzZ/v9QroWg462jAgpJ
Z0zO9wQKcWsfbLamjAR5ET4uh2TY5uTE83Wv/mgHYMIS+mNXcb9jI95nqhe6UUtE
oEsJUAup4+bUpaZD3EgD0XD0okH3Cbb1Nf4TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbE9daKuyK0cA9yxizt42HXLYhD8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iRTlkYUt1eUswY0E5eXhp
enQ0MkhYTFloRDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACkgrWmQ6QGzJzCCffsE2fa2swIrB9oziASO
ufjNtbLYQPw3Ui+7pGQ7bz9qPwYcNoWs9XYXnzozof9VCNWBUPPkfXoeqqfbi3kA
MzBzmoIa6XHsod9NRhW6MThjukoINXdOQcVxY1aaYAfzwdrm+Ihc/xB+gmfav558
c5Yevy+dx24/2SC1E28blNMgqbCNQjWvCzYlSzqUdTcKx5xxtcIODK15AmaEGkt+
TRU7ipw9b16zRqCDaidw2lytZdTSefdhkzlPzCh3b/2EEL7xcQcfYYHelRuK4RqS
ppYrXZKSs6+Xgxv0qpCY4ILRU4dGgUzjfrI6Ed5JbVqCnVcpS/M=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:08:13 2025 by rpki-client