Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/dI1ebIvo9-1g_5aKmMjPCSwP0M8.roa
File: dI1ebIvo9-1g_5aKmMjPCSwP0M8.roa (raw, json)
Hash identifier: +ehR4tyDBpszGzpP9Za008olp6Dj+Bpa1oOhV4Gv3d8=
Subject key identifier: 74:8D:5E:6C:8B:E8:F7:ED:60:FF:96:8A:98:C8:CF:09:2C:0F:D0:CF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 09D2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dI1ebIvo9-1g_5aKmMjPCSwP0M8.roa
Signing time: Tue 20 May 2025 04:08:54 +0000
ROA not before: Tue 20 May 2025 04:08:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 04:08:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=748D5E6C8BE8F7ED60FF968A98C8CF092C0FD0CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:bc:d6:bb:3a:2e:22:4d:3b:13:9d:13:49:c2:
62:d4:f1:3d:8a:7b:98:21:fa:c3:52:4d:5e:45:41:
86:9a:1a:23:78:07:11:bf:28:4a:fe:63:95:1d:90:
e7:60:3f:90:5b:c0:c5:b1:d5:24:d6:e9:6f:1a:a3:
75:69:33:8d:8f:58:d7:ae:be:7f:fc:80:d9:a8:cd:
32:93:b8:e9:66:95:68:d4:c6:85:a7:ba:fb:de:1b:
e0:2d:a4:b7:1b:c9:5a:c3:7a:bd:83:9e:cf:eb:22:
e4:11:07:6b:20:0c:5d:1c:7c:52:84:0b:be:c4:f5:
a8:71:1e:ed:70:f5:12:f7:9a:ff:31:20:a3:df:47:
98:23:32:ca:7a:f8:65:15:9b:51:d1:9a:dc:78:21:
09:8b:d7:7b:c2:e2:ab:f4:40:18:34:c6:c4:c9:60:
dd:eb:15:33:26:8b:9d:c4:0f:11:c5:51:bb:b0:9f:
01:13:4d:b8:67:a8:f4:c5:e1:49:f4:e6:cc:55:d4:
48:08:af:4a:39:9e:da:11:86:c6:7d:76:e8:4b:93:
e6:f8:87:c5:e0:ea:07:1b:f1:83:56:ba:0c:08:85:
84:17:4a:59:45:01:d3:31:be:fb:f3:73:02:a0:b7:
cb:d9:f8:85:a9:16:ef:0d:27:2a:73:8d:81:0e:e5:
41:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8D:5E:6C:8B:E8:F7:ED:60:FF:96:8A:98:C8:CF:09:2C:0F:D0:CF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/dI1ebIvo9-1g_5aKmMjPCSwP0M8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:19:6b:3d:a9:d7:9e:eb:e1:5f:3f:d3:9b:1b:43:bd:e1:74:
46:50:23:a0:e2:29:21:3b:ff:61:a7:91:7e:04:76:a5:c9:8e:
3e:db:b8:fc:60:25:e2:4d:19:f1:47:e0:64:66:16:d3:6b:02:
5e:ab:62:d4:70:6a:50:d7:94:d4:0e:ee:b7:ce:66:47:8e:e3:
ca:ba:86:fe:d7:8e:1a:09:35:23:8d:c7:af:94:fc:f9:7d:d1:
14:34:94:df:6c:1c:77:c1:8f:bb:e6:94:04:a3:52:9a:ba:94:
b3:8e:49:03:82:85:69:d0:4e:9f:53:ff:45:ef:03:92:e6:d7:
34:6c:9e:2c:d9:0d:c7:ae:33:2f:e2:4f:e2:31:00:bf:50:31:
11:8e:5e:24:17:f5:7f:11:4c:9a:41:0b:12:87:8d:52:d6:1a:
e2:cc:9a:36:ea:06:04:35:9a:6e:83:6c:22:31:2f:68:36:a3:
a8:d2:75:e9:c9:46:06:09:36:2e:3a:21:b1:ce:3e:c5:e8:29:
f7:66:f2:f8:e3:0b:36:78:b2:99:33:a8:22:1f:2b:55:d6:77:
0a:05:49:74:7b:a8:a8:67:eb:e7:c4:88:40:fa:30:0b:84:5e:
5f:e0:27:43:77:58:98:33:61:98:ca:02:d7:1e:99:5e:b2:de:
da:1e:4a:21
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAw
NDA4NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc0OEQ1RTZDOEJFOEY3
RUQ2MEZGOTY4QTk4QzhDRjA5MkMwRkQwQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD7vNa7Oi4iTTsTnRNJwmLU8T2Ke5gh+sNSTV5FQYaaGiN4BxG/
KEr+Y5UdkOdgP5BbwMWx1STW6W8ao3VpM42PWNeuvn/8gNmozTKTuOlmlWjUxoWn
uvveG+AtpLcbyVrDer2Dns/rIuQRB2sgDF0cfFKEC77E9ahxHu1w9RL3mv8xIKPf
R5gjMsp6+GUVm1HRmtx4IQmL13vC4qv0QBg0xsTJYN3rFTMmi53EDxHFUbuwnwET
TbhnqPTF4Un05sxV1EgIr0o5ntoRhsZ9duhLk+b4h8Xg6gcb8YNWugwIhYQXSllF
AdMxvvvzcwKgt8vZ+IWpFu8NJypzjYEO5UF9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUdI1ebIvo9+1g/5aKmMjPCSwP0M8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9kSTFlYkl2bzktMWdfNWFL
bU1qUENTd1AwTTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEEZaz2p157r4V8/05sbQ73hdEZQI6DiKSE7
/2GnkX4EdqXJjj7buPxgJeJNGfFH4GRmFtNrAl6rYtRwalDXlNQO7rfOZkeO48q6
hv7XjhoJNSONx6+U/Pl90RQ0lN9sHHfBj7vmlASjUpq6lLOOSQOChWnQTp9T/0Xv
A5Lm1zRsnizZDceuMy/iT+IxAL9QMRGOXiQX9X8RTJpBCxKHjVLWGuLMmjbqBgQ1
mm6DbCIxL2g2o6jSdenJRgYJNi46IbHOPsXoKfdm8vjjCzZ4spkzqCIfK1XWdwoF
SXR7qKhn6+fEiED6MAuEXl/gJ0N3WJgzYZjKAtcemV6y3toeSiE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:06:54 2025 by rpki-client