Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fTilgfNM-iuOMoThowA5kvCv-Qw.roa
File: fTilgfNM-iuOMoThowA5kvCv-Qw.roa (raw, json)
Hash identifier: 57R2e+1u4gF5Kg6ZpHV9/dXG02vhpCxTK9k6e0oTOMs=
Subject key identifier: 7D:38:A5:81:F3:4C:FA:2B:8E:32:84:E1:A3:00:39:92:F0:AF:F9:0C
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C2A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fTilgfNM-iuOMoThowA5kvCv-Qw.roa
Signing time: Fri 23 May 2025 07:08:25 +0000
ROA not before: Fri 23 May 2025 07:08:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3114 (0xc2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 07:08:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7D38A581F34CFA2B8E3284E1A3003992F0AFF90C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f2:dc:36:19:47:fb:96:7d:6e:bb:b6:3e:3f:
e5:0b:76:08:70:d9:4a:fb:f9:cb:89:7a:b1:d8:c7:
47:fb:3d:cf:59:76:b1:48:80:c8:3d:df:1a:4b:21:
21:b1:09:09:49:39:49:53:32:4d:ab:2a:7f:ce:f6:
39:c8:20:36:df:29:23:f1:b5:18:a1:82:20:11:da:
c1:90:bc:af:04:a8:dd:9f:3e:02:53:62:58:a9:1d:
d7:bd:70:6b:cd:44:85:8e:98:32:6e:3a:5c:fc:ee:
f0:90:47:00:74:87:b6:3d:36:f2:df:59:86:da:3b:
55:8c:75:6e:70:cf:21:8c:c2:c0:e1:f2:cd:f5:10:
7e:e7:1f:e2:48:55:ad:fd:ad:73:a1:c2:40:33:d5:
84:49:3b:f9:ac:dd:c6:72:54:9d:3e:68:02:67:d5:
f0:9c:f8:e4:20:3f:16:14:2b:9d:e0:f2:09:b3:8b:
54:29:03:ca:3d:f6:b0:a0:3a:d2:db:b9:a0:14:23:
ff:c6:22:f5:d9:4d:a4:93:19:f5:68:f9:cf:58:40:
37:23:9e:e1:57:4d:ef:19:40:d4:81:91:6f:34:55:
fa:fc:cc:e7:fc:ad:42:55:70:48:b2:0d:48:50:93:
57:67:26:20:0b:7f:54:64:31:4d:97:25:83:64:97:
5e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:38:A5:81:F3:4C:FA:2B:8E:32:84:E1:A3:00:39:92:F0:AF:F9:0C
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fTilgfNM-iuOMoThowA5kvCv-Qw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:2f:5a:25:9d:66:23:47:64:84:62:ef:5d:96:a7:6e:80:7d:
ff:6a:54:4a:30:48:43:6f:90:70:a3:65:5e:07:17:bf:93:24:
49:f4:d0:02:bb:73:72:e8:34:e0:e9:9d:c5:6e:b8:60:cb:2f:
0a:be:f5:c0:94:24:36:d6:6c:24:e7:69:4e:94:46:bf:3d:e1:
b2:bf:d5:99:c5:50:7c:cc:a6:7e:e0:50:40:d5:1b:3e:b9:6f:
4a:0f:68:3c:02:0e:1a:31:87:56:5e:41:11:14:eb:3e:04:81:
c4:f7:3e:34:29:bc:98:c1:18:f1:73:52:99:7b:93:13:4e:f0:
7e:d6:24:ad:97:f9:a1:18:f7:68:c7:75:0f:d8:1e:71:b9:05:
48:75:30:b9:40:f6:4c:58:74:8d:2c:71:b1:8c:21:20:84:99:
55:30:2b:22:c0:cb:be:7d:3f:c3:62:ed:df:8f:ce:44:67:90:
d3:a1:9e:67:1e:df:9f:5f:3b:24:44:ec:0d:12:40:2e:e6:02:
e3:77:6c:95:4e:8f:df:2c:22:1b:3c:52:5d:85:2f:5c:d8:19:
6a:fb:58:13:07:cc:8d:36:1d:8b:6a:40:60:34:2b:23:0c:73:
48:87:2e:63:b9:a1:16:9a:c4:da:a5:30:60:d3:de:56:b6:a9:
49:0b:da:8b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
NzA4MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdEMzhBNTgxRjM0Q0ZB
MkI4RTMyODRFMUEzMDAzOTkyRjBBRkY5MEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq8tw2GUf7ln1uu7Y+P+ULdghw2Ur7+cuJerHYx0f7Pc9ZdrFI
gMg93xpLISGxCQlJOUlTMk2rKn/O9jnIIDbfKSPxtRihgiAR2sGQvK8EqN2fPgJT
YlipHde9cGvNRIWOmDJuOlz87vCQRwB0h7Y9NvLfWYbaO1WMdW5wzyGMwsDh8s31
EH7nH+JIVa39rXOhwkAz1YRJO/ms3cZyVJ0+aAJn1fCc+OQgPxYUK53g8gmzi1Qp
A8o99rCgOtLbuaAUI//GIvXZTaSTGfVo+c9YQDcjnuFXTe8ZQNSBkW80Vfr8zOf8
rUJVcEiyDUhQk1dnJiALf1RkMU2XJYNkl149AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfTilgfNM+iuOMoThowA5kvCv+QwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mVGlsZ2ZOTS1pdU9Nb1Ro
b3dBNWt2Q3YtUXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE4vWiWdZiNHZIRi712Wp26Aff9qVEowSENv
kHCjZV4HF7+TJEn00AK7c3LoNODpncVuuGDLLwq+9cCUJDbWbCTnaU6URr894bK/
1ZnFUHzMpn7gUEDVGz65b0oPaDwCDhoxh1ZeQREU6z4EgcT3PjQpvJjBGPFzUpl7
kxNO8H7WJK2X+aEY92jHdQ/YHnG5BUh1MLlA9kxYdI0scbGMISCEmVUwKyLAy759
P8Ni7d+PzkRnkNOhnmce359fOyRE7A0SQC7mAuN3bJVOj98sIhs8Ul2FL1zYGWr7
WBMHzI02HYtqQGA0KyMMc0iHLmO5oRaaxNqlMGDT3la2qUkL2os=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:29:15 2025 by rpki-client