Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/htQeCcjnaiVL2Co6uEMMczaranQ.roa
File: htQeCcjnaiVL2Co6uEMMczaranQ.roa (raw, json)
Hash identifier: sK+g5NGicUumdcJYHGjKMXjgnyChe9crfdKtXOVAo28=
Subject key identifier: 86:D4:1E:09:C8:E7:6A:25:4B:D8:2A:3A:B8:43:0C:73:36:AB:6A:74
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CEE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/htQeCcjnaiVL2Co6uEMMczaranQ.roa
Signing time: Sat 24 May 2025 07:38:32 +0000
ROA not before: Sat 24 May 2025 07:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3310 (0xcee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 07:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86D41E09C8E76A254BD82A3AB8430C7336AB6A74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:f8:d9:ad:65:0f:8f:3b:b1:93:4d:3b:7a:
85:6f:b8:5e:ba:89:69:06:c4:97:be:c4:53:6e:6e:
4a:e3:63:c9:7c:7a:d4:ff:14:c5:aa:4f:bf:e1:b9:
bf:fe:1d:36:26:2c:c3:f3:02:b8:cf:09:70:3c:1e:
75:6b:66:7c:e2:46:1c:b6:10:06:34:b6:eb:2f:b7:
58:1d:7e:7a:4a:f8:76:92:b0:0a:92:ff:3c:07:9f:
95:53:26:c3:30:eb:a3:72:d9:88:e7:de:2a:84:d0:
f3:a0:4e:a1:24:c8:6e:a5:60:e0:0d:84:d6:01:32:
75:56:3f:1c:3f:a7:13:67:c0:fc:81:19:32:36:23:
23:b8:b9:5e:69:82:71:ec:14:e2:42:f5:72:21:71:
4c:f6:58:52:65:2f:d2:85:04:c2:24:94:57:91:54:
e3:95:24:e6:87:31:a4:a5:45:41:8d:a7:fb:ca:f0:
50:50:9d:b7:25:b9:85:23:93:68:53:5f:ec:1f:bf:
c2:cc:6a:8a:0c:c3:77:3e:f5:9b:83:2a:3f:f0:96:
d2:38:88:fd:9e:1b:5e:0d:bb:53:b2:26:d0:8b:1c:
86:ba:ec:9a:4a:58:0b:10:ac:b2:cc:a8:0d:98:d9:
6a:fe:42:66:2a:69:1c:70:3e:cc:b2:0b:3a:52:77:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D4:1E:09:C8:E7:6A:25:4B:D8:2A:3A:B8:43:0C:73:36:AB:6A:74
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/htQeCcjnaiVL2Co6uEMMczaranQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:eb:b2:cd:19:c6:1b:f1:47:ee:d4:ae:ba:44:10:41:29:b4:
85:e2:04:82:45:1b:6c:84:5d:cc:6c:e0:52:89:d0:0e:53:7d:
c5:eb:f6:46:fc:ef:8b:a7:66:a8:49:10:7f:22:1f:a4:fa:75:
51:5d:a2:c0:94:24:44:e4:48:bb:57:c4:eb:f0:c6:e7:02:80:
81:d8:68:76:48:8f:ec:42:a2:12:f7:76:b2:4a:f7:ea:32:b7:
71:c5:6b:d1:a7:64:8b:9b:03:e1:6b:6f:2a:1e:6c:19:2f:8d:
23:1e:da:c8:30:5b:be:f2:2a:64:a7:67:6f:ab:b8:25:0e:b5:
45:b4:7b:e1:fa:c5:ab:f2:ba:a8:a9:48:e3:e3:80:f6:20:47:
7d:06:a4:f5:fd:6e:43:46:d5:9d:ba:17:42:6c:c3:6f:b3:83:
11:71:f1:8f:e5:46:48:84:12:68:11:9b:1e:98:5f:ad:38:b9:
40:99:35:7e:55:92:80:71:9d:40:e5:55:85:2c:65:6c:01:75:
b0:5d:d0:a5:85:22:0d:3d:fa:e7:8b:57:ca:37:35:f3:ea:49:
5c:b1:04:ac:7f:a0:2f:0b:66:ce:27:d4:50:eb:d1:f8:76:45:
c1:92:e2:f2:74:79:85:33:e7:f5:73:af:3c:7f:0f:e1:15:de:
f8:5f:b2:bd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
NzM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2RDQxRTA5QzhFNzZB
MjU0QkQ4MkEzQUI4NDMwQzczMzZBQjZBNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+kvjZrWUPjzuxk007eoVvuF66iWkGxJe+xFNubkrjY8l8etT/
FMWqT7/hub/+HTYmLMPzArjPCXA8HnVrZnziRhy2EAY0tusvt1gdfnpK+HaSsAqS
/zwHn5VTJsMw66Ny2Yjn3iqE0POgTqEkyG6lYOANhNYBMnVWPxw/pxNnwPyBGTI2
IyO4uV5pgnHsFOJC9XIhcUz2WFJlL9KFBMIklFeRVOOVJOaHMaSlRUGNp/vK8FBQ
nbcluYUjk2hTX+wfv8LMaooMw3c+9ZuDKj/wltI4iP2eG14Nu1OyJtCLHIa67JpK
WAsQrLLMqA2Y2Wr+QmYqaRxwPsyyCzpSd70FAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhtQeCcjnaiVL2Co6uEMMczaranQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9odFFlQ2NqbmFpVkwyQ282
dUVNTWN6YXJhblEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACDrss0ZxhvxR+7UrrpEEEEptIXiBIJFG2yE
Xcxs4FKJ0A5TfcXr9kb874unZqhJEH8iH6T6dVFdosCUJETkSLtXxOvwxucCgIHY
aHZIj+xCohL3drJK9+oyt3HFa9GnZIubA+FrbyoebBkvjSMe2sgwW77yKmSnZ2+r
uCUOtUW0e+H6xavyuqipSOPjgPYgR30GpPX9bkNG1Z26F0Jsw2+zgxFx8Y/lRkiE
EmgRmx6YX604uUCZNX5VkoBxnUDlVYUsZWwBdbBd0KWFIg09+ueLV8o3NfPqSVyx
BKx/oC8LZs4n1FDr0fh2RcGS4vJ0eYUz5/Vzrzx/D+EV3vhfsr0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:40:11 2025 by rpki-client