Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/b_HKuMMid4EpJwUw999DnQgrf8w.roa
File: b_HKuMMid4EpJwUw999DnQgrf8w.roa (raw, json)
Hash identifier: NajYQEfbh7AfUV+mk3YZNCtPfyfjqyGbuSYrNdfsSjc=
Subject key identifier: 6F:F1:CA:B8:C3:22:77:81:29:27:05:30:F7:DF:43:9D:08:2B:7F:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07B2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/b_HKuMMid4EpJwUw999DnQgrf8w.roa
Signing time: Sat 17 May 2025 08:08:54 +0000
ROA not before: Sat 17 May 2025 08:08:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1970 (0x7b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 08:08:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6FF1CAB8C322778129270530F7DF439D082B7FCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5d:61:ec:98:3a:f3:4c:6c:13:c5:0a:3a:69:
9e:f1:5f:15:25:f5:d9:83:e3:ce:6f:42:6d:d1:b3:
4e:5a:80:a9:6a:ee:86:b0:59:75:cf:4f:bf:e5:a9:
88:00:b2:2b:41:fa:9e:1a:dd:2d:38:39:dc:ed:2d:
aa:e0:f3:00:10:28:e1:3c:a2:71:fc:25:d1:87:66:
92:fd:40:92:86:79:45:64:53:c3:11:9d:7f:eb:ca:
15:fb:88:11:16:06:b4:6b:15:90:ff:af:2c:41:f2:
50:b8:00:0d:94:23:4f:54:5f:76:cc:91:a3:72:be:
3e:ec:eb:21:5e:64:6c:4b:00:05:e2:89:f0:2f:f2:
05:05:91:f7:98:0c:5d:bc:9c:ae:1b:38:27:e0:65:
69:76:dc:70:ab:64:4c:12:7d:60:e7:63:cf:5f:a9:
41:0c:1e:14:15:02:bd:17:cc:f1:97:ec:f4:32:f6:
e9:08:4c:0a:35:71:1c:d9:15:7a:73:ed:f2:b0:1f:
7f:b4:43:82:db:ef:e1:51:42:d1:eb:45:8e:e8:89:
98:e7:25:98:cf:d9:cc:07:d4:83:55:03:d7:35:bd:
a8:48:51:e8:49:68:e8:52:31:67:12:b0:06:a1:ae:
81:80:20:75:ed:6b:5b:6f:7c:58:1c:12:ad:21:0c:
3d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F1:CA:B8:C3:22:77:81:29:27:05:30:F7:DF:43:9D:08:2B:7F:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/b_HKuMMid4EpJwUw999DnQgrf8w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:61:ff:01:55:82:ef:8a:4a:32:99:f5:12:18:0a:e3:d8:be:
eb:ec:16:87:60:30:87:ae:5a:74:b5:ee:b7:bd:23:8c:88:83:
91:db:ec:78:8b:3a:32:07:06:14:44:70:4c:2f:92:55:2c:76:
e6:0b:bc:2c:f3:1d:85:95:54:a6:1e:2a:d0:a2:6b:43:81:40:
09:29:0d:5f:16:6a:30:3a:57:0d:35:9b:15:09:4b:cd:12:62:
14:67:e8:03:a6:eb:64:82:05:90:a4:77:56:a8:e3:95:7f:e8:
57:ed:12:d7:a4:27:9b:58:5c:97:d6:6a:93:6b:2e:60:33:3a:
20:3b:43:af:f2:c3:47:f1:9d:f0:7d:4c:72:43:8c:ef:4b:de:
d4:84:3b:b0:22:53:53:99:20:a6:2a:db:72:2f:5e:28:d2:c1:
68:93:06:9e:46:18:2f:8f:f1:55:7b:4e:4c:d2:be:f8:7f:e0:
d6:78:97:cb:9f:17:f2:50:3f:66:3a:27:f8:d6:3c:26:8f:30:
5d:ed:a4:44:2c:f9:95:a1:0a:07:0b:87:6c:48:e8:ae:05:2b:
19:9b:f3:d7:32:f3:52:f9:d9:c2:57:80:b4:12:53:6d:81:b5:
00:23:e4:ec:e6:63:04:5d:37:80:a6:b4:5f:7f:57:6d:ce:51:
dc:b1:7e:f7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB7IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
ODA4NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZGRjFDQUI4QzMyMjc3
ODEyOTI3MDUzMEY3REY0MzlEMDgyQjdGQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzXWHsmDrzTGwTxQo6aZ7xXxUl9dmD485vQm3Rs05agKlq7oaw
WXXPT7/lqYgAsitB+p4a3S04OdztLarg8wAQKOE8onH8JdGHZpL9QJKGeUVkU8MR
nX/ryhX7iBEWBrRrFZD/ryxB8lC4AA2UI09UX3bMkaNyvj7s6yFeZGxLAAXiifAv
8gUFkfeYDF28nK4bOCfgZWl23HCrZEwSfWDnY89fqUEMHhQVAr0XzPGX7PQy9ukI
TAo1cRzZFXpz7fKwH3+0Q4Lb7+FRQtHrRY7oiZjnJZjP2cwH1INVA9c1vahIUehJ
aOhSMWcSsAahroGAIHXta1tvfFgcEq0hDD0nAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUb/HKuMMid4EpJwUw999DnQgrf8wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iX0hLdU1NaWQ0RXBKd1V3
OTk5RG5RZ3JmOHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABph/wFVgu+KSjKZ9RIYCuPYvuvsFodgMIeu
WnS17re9I4yIg5Hb7HiLOjIHBhREcEwvklUsduYLvCzzHYWVVKYeKtCia0OBQAkp
DV8WajA6Vw01mxUJS80SYhRn6AOm62SCBZCkd1ao45V/6FftEtekJ5tYXJfWapNr
LmAzOiA7Q6/yw0fxnfB9THJDjO9L3tSEO7AiU1OZIKYq23IvXijSwWiTBp5GGC+P
8VV7TkzSvvh/4NZ4l8ufF/JQP2Y6J/jWPCaPMF3tpEQs+ZWhCgcLh2xI6K4FKxmb
89cy81L52cJXgLQSU22BtQAj5OzmYwRdN4CmtF9/V23OUdyxfvc=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:30:21 2025 by rpki-client