Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bd2Egc_YytjJy55KEuLYH0foh-8.roa
File: bd2Egc_YytjJy55KEuLYH0foh-8.roa (raw, json)
Hash identifier: ESWEsBiVuAa6AIQGM4E4E6POkgjCI4LUy4A0Pn0fnjk=
Subject key identifier: 6D:DD:84:81:CF:D8:CA:D8:C9:CB:9E:4A:12:E2:D8:1F:47:E8:87:EF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 12E6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bd2Egc_YytjJy55KEuLYH0foh-8.roa
Signing time: Sun 01 Jun 2025 06:39:14 +0000
ROA not before: Sun 01 Jun 2025 06:39:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4838 (0x12e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 06:39:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6DDD8481CFD8CAD8C9CB9E4A12E2D81F47E887EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:12:2b:85:4b:5a:c6:65:cf:a2:13:b6:cf:14:
f6:de:d2:7b:a2:b0:16:8a:a4:5d:f2:a1:33:11:f7:
b3:ad:66:f0:39:4a:2d:40:f0:ab:5b:b1:f7:e2:33:
d0:5b:b2:d7:de:88:17:9a:90:47:93:b4:5c:64:8d:
d7:62:8c:8d:5b:76:44:2f:92:fd:01:ba:0e:97:94:
c8:48:80:7d:1d:9b:35:c7:a6:8e:75:f5:55:8c:96:
88:27:e0:ed:3d:db:be:af:56:24:2d:f0:62:cc:43:
63:43:86:4d:28:20:ef:ca:e9:f4:29:89:59:77:f1:
a1:42:5c:39:b4:de:60:64:6f:c1:72:6f:34:93:0e:
cd:eb:c7:cf:6d:8d:11:4a:b6:b5:02:3a:3a:26:74:
1c:98:94:dc:db:e9:f6:71:cf:94:e4:9c:9d:2f:de:
0d:cb:3b:a9:dd:90:bb:45:c5:7d:bd:86:19:bb:82:
62:c0:5b:ba:03:8a:0c:9f:59:2f:09:77:f1:40:2f:
f6:df:51:d8:be:3c:d0:36:28:69:24:aa:b4:4d:02:
be:d6:b1:77:34:fd:d3:5a:2a:08:a1:f0:9b:7a:6d:
bc:54:03:0a:07:ba:1d:2e:75:6c:95:00:fa:3a:cc:
d3:1d:56:3d:0f:b6:c2:f6:16:8d:3f:7c:ed:6d:a9:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DD:84:81:CF:D8:CA:D8:C9:CB:9E:4A:12:E2:D8:1F:47:E8:87:EF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bd2Egc_YytjJy55KEuLYH0foh-8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:4b:36:cd:09:4e:5e:7e:fe:16:e2:a2:da:dc:c2:7e:4e:51:
3e:db:04:e5:1c:fd:b5:72:8d:cd:31:8b:4a:cf:53:9c:80:fc:
03:96:fa:dd:0f:a4:17:2f:a4:8e:49:e4:32:24:71:05:4a:9b:
07:39:e4:46:46:d2:22:e5:ed:24:c9:e2:68:61:7f:11:7f:fd:
0f:64:14:27:55:70:ca:66:cf:b1:82:d2:69:7c:e7:77:d0:55:
d5:f4:54:08:bf:d4:0b:85:0e:80:58:42:ae:14:9c:42:09:3d:
28:37:ac:1b:5c:b7:f0:2e:7d:94:8e:4d:dd:5f:a7:bb:90:7f:
bd:76:3c:06:37:50:e4:be:a8:57:08:0a:e0:2e:4d:ce:e1:50:
02:6a:5e:6c:36:a1:ab:34:53:dd:55:ea:13:51:79:6c:f6:bb:
7e:2c:45:7f:aa:9f:cd:0b:3b:b2:9e:54:d9:74:9b:45:0d:e7:
3d:0b:2e:44:6e:3c:a5:9d:ed:ae:fd:33:2e:44:01:38:98:44:
10:69:e1:46:1c:99:33:8e:8b:41:21:9c:2a:8a:7c:9c:f3:db:
9f:6c:04:41:4c:b9:45:f7:b5:de:8b:f8:0b:be:bc:df:db:cc:
cf:61:db:ab:1e:f3:f3:ed:7f:2f:f9:2a:a1:56:33:c3:ec:24:
61:1e:d0:8c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEuYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEw
NjM5MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZEREQ4NDgxQ0ZEOENB
RDhDOUNCOUU0QTEyRTJEODFGNDdFODg3RUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZEiuFS1rGZc+iE7bPFPbe0nuisBaKpF3yoTMR97OtZvA5Si1A
8KtbsffiM9BbstfeiBeakEeTtFxkjddijI1bdkQvkv0Bug6XlMhIgH0dmzXHpo51
9VWMlogn4O09276vViQt8GLMQ2NDhk0oIO/K6fQpiVl38aFCXDm03mBkb8FybzST
Ds3rx89tjRFKtrUCOjomdByYlNzb6fZxz5TknJ0v3g3LO6ndkLtFxX29hhm7gmLA
W7oDigyfWS8Jd/FAL/bfUdi+PNA2KGkkqrRNAr7WsXc0/dNaKgih8Jt6bbxUAwoH
uh0udWyVAPo6zNMdVj0PtsL2Fo0/fO1tqcfPAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbd2Egc/YytjJy55KEuLYH0foh+8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iZDJFZ2NfWXl0akp5NTVL
RXVMWUgwZm9oLTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACVLNs0JTl5+/hbiotrcwn5OUT7bBOUc/bVy
jc0xi0rPU5yA/AOW+t0PpBcvpI5J5DIkcQVKmwc55EZG0iLl7STJ4mhhfxF//Q9k
FCdVcMpmz7GC0ml853fQVdX0VAi/1AuFDoBYQq4UnEIJPSg3rBtct/AufZSOTd1f
p7uQf712PAY3UOS+qFcICuAuTc7hUAJqXmw2oas0U91V6hNReWz2u34sRX+qn80L
O7KeVNl0m0UN5z0LLkRuPKWd7a79My5EATiYRBBp4UYcmTOOi0EhnCqKfJzz259s
BEFMuUX3td6L+Au+vN/bzM9h26se8/Ptfy/5KqFWM8PsJGEe0Iw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 03:50:14 2025 by rpki-client