Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jsKQdtL-mDFbgt_-Oeg2v9SuQzo.roa
File: jsKQdtL-mDFbgt_-Oeg2v9SuQzo.roa (raw, json)
Hash identifier: Dcy1IPS8N7J/Ygo9XsfsyKN47YOHc8zl4rZ0X4MIeAI=
Subject key identifier: 8E:C2:90:76:D2:FE:98:31:5B:82:DF:FE:39:E8:36:BF:D4:AE:43:3A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F1E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jsKQdtL-mDFbgt_-Oeg2v9SuQzo.roa
Signing time: Tue 27 May 2025 05:38:48 +0000
ROA not before: Tue 27 May 2025 05:38:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3870 (0xf1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 05:38:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8EC29076D2FE98315B82DFFE39E836BFD4AE433A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0b:90:6f:e1:21:00:15:2e:a9:96:78:e7:64:
58:14:a9:78:30:77:5a:27:64:a6:68:1c:59:22:85:
15:29:e6:26:2b:a5:9b:16:d9:21:2f:09:e6:2b:3d:
67:b0:89:aa:61:51:50:2f:50:9e:d6:86:9c:81:02:
89:9b:55:31:9d:f7:af:09:6a:5a:ed:52:0c:7e:72:
c9:af:17:84:7c:b4:db:41:cc:23:90:7b:f1:a1:7e:
b1:4c:3c:28:ba:3d:db:7b:28:79:58:3a:f8:64:72:
1a:ce:c8:50:11:dd:fe:3f:9a:62:59:44:98:dc:ae:
4a:1c:52:bc:3e:2c:e8:e2:e0:1e:68:46:8d:0b:c9:
ef:8b:9b:5e:9b:6f:6d:af:24:3e:5b:c2:f6:17:c8:
6d:c3:5d:a2:fa:05:c9:53:0a:82:43:89:f4:36:ed:
62:65:db:76:69:7f:f1:ff:4a:e7:21:ba:e8:3b:89:
5c:e4:b6:73:af:a2:72:bd:05:63:68:62:e1:2e:a3:
c7:f8:08:83:80:d1:12:1c:3f:f2:52:f2:9d:d9:6e:
b6:c8:fc:14:d1:81:8c:52:d7:72:30:39:b6:4b:8f:
a9:b2:81:04:24:df:42:47:17:76:11:9c:5a:54:5b:
97:79:4f:56:e1:40:0b:44:18:da:d1:88:b6:87:98:
b0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C2:90:76:D2:FE:98:31:5B:82:DF:FE:39:E8:36:BF:D4:AE:43:3A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jsKQdtL-mDFbgt_-Oeg2v9SuQzo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:30:c8:be:e2:18:52:19:19:22:41:1d:fe:d6:78:4e:cb:3e:
7d:2b:46:35:86:66:11:93:1c:ff:90:7f:7c:df:fd:6f:f0:34:
9b:cb:16:6b:60:2a:99:d7:10:a0:ec:36:bf:13:1c:25:30:12:
63:be:7c:60:38:8d:ef:c3:a7:20:1f:b5:e1:5c:9f:55:3a:1b:
22:50:6f:7f:41:b8:56:f8:56:d4:c1:9a:ac:87:85:b5:d0:d3:
3b:79:de:8f:06:e0:2e:a0:9b:f9:bc:40:22:98:5b:34:88:4d:
ea:6a:79:9b:4c:28:1f:69:c6:f4:0d:c3:05:11:97:a6:bf:77:
a7:24:33:1e:9f:d7:9c:c8:c9:59:f9:3a:c5:ce:c1:d5:2e:c9:
08:59:cf:ac:0c:20:1d:bb:42:3e:62:67:53:1f:3a:f6:44:37:
e2:37:63:54:e0:e5:2d:d9:79:86:d9:b5:e9:d3:6a:ae:82:ae:
b0:73:3b:8d:0e:fd:95:52:2f:93:19:87:08:d7:7d:9c:4a:f2:
94:01:d5:18:c6:94:00:56:3e:f6:75:cc:c9:71:e8:33:78:fe:
b2:47:47:db:96:de:19:20:1b:96:42:f0:d3:af:52:59:09:28:
6d:9a:47:cc:23:04:e6:b3:b5:fd:d8:7f:21:ac:5a:62:6e:4a:
91:a8:da:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDx4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
NTM4NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhFQzI5MDc2RDJGRTk4
MzE1QjgyREZGRTM5RTgzNkJGRDRBRTQzM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYC5Bv4SEAFS6plnjnZFgUqXgwd1onZKZoHFkihRUp5iYrpZsW
2SEvCeYrPWewiaphUVAvUJ7WhpyBAombVTGd968JalrtUgx+csmvF4R8tNtBzCOQ
e/GhfrFMPCi6Pdt7KHlYOvhkchrOyFAR3f4/mmJZRJjcrkocUrw+LOji4B5oRo0L
ye+Lm16bb22vJD5bwvYXyG3DXaL6BclTCoJDifQ27WJl23Zpf/H/Suchuug7iVzk
tnOvonK9BWNoYuEuo8f4CIOA0RIcP/JS8p3ZbrbI/BTRgYxS13IwObZLj6mygQQk
30JHF3YRnFpUW5d5T1bhQAtEGNrRiLaHmLAXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjsKQdtL+mDFbgt/+Oeg2v9SuQzowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qc0tRZHRMLW1ERmJndF8t
T2VnMnY5U3VRem8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKswyL7iGFIZGSJBHf7WeE7LPn0rRjWGZhGT
HP+Qf3zf/W/wNJvLFmtgKpnXEKDsNr8THCUwEmO+fGA4je/DpyAfteFcn1U6GyJQ
b39BuFb4VtTBmqyHhbXQ0zt53o8G4C6gm/m8QCKYWzSITepqeZtMKB9pxvQNwwUR
l6a/d6ckMx6f15zIyVn5OsXOwdUuyQhZz6wMIB27Qj5iZ1MfOvZEN+I3Y1Tg5S3Z
eYbZtenTaq6CrrBzO40O/ZVSL5MZhwjXfZxK8pQB1RjGlABWPvZ1zMlx6DN4/rJH
R9uW3hkgG5ZC8NOvUlkJKG2aR8wjBOaztf3YfyGsWmJuSpGo2o0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:23:38 2025 by rpki-client