Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jseYp-zg2PU2HGRRVLfUB6ntYBo.roa
File: jseYp-zg2PU2HGRRVLfUB6ntYBo.roa (raw, json)
Hash identifier: TaXnbaLRvrCnfKFVNKQiId8JG8UetoqMyAkZZKrw5t8=
Subject key identifier: 8E:C7:98:A7:EC:E0:D8:F5:36:1C:64:51:54:B7:D4:07:A9:ED:60:1A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E6A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jseYp-zg2PU2HGRRVLfUB6ntYBo.roa
Signing time: Mon 26 May 2025 07:09:25 +0000
ROA not before: Mon 26 May 2025 07:09:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3690 (0xe6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 07:09:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8EC798A7ECE0D8F5361C645154B7D407A9ED601A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:19:13:97:97:4a:3e:ba:7d:f9:c3:3b:25:b3:
97:e9:7b:0b:ac:18:4d:d3:22:51:06:95:d7:43:a8:
a2:d6:95:94:27:62:a0:49:cb:5d:8a:3f:cd:da:6a:
8a:64:b1:27:d5:ed:f6:26:98:f2:66:cc:27:ad:f8:
5f:f1:8a:2d:a7:11:fc:27:f3:be:4e:3f:c2:1f:31:
63:0d:87:17:b6:c2:17:89:7e:c5:b5:db:af:d6:d0:
2d:27:04:41:d1:99:cc:27:ab:18:4c:de:60:8d:9c:
d1:ad:8e:9c:08:a2:a3:e9:c4:9d:72:f8:06:1a:91:
85:2c:22:b5:92:aa:4b:c4:ab:71:a7:08:79:60:5f:
28:24:59:55:4b:ed:50:dd:68:67:f7:15:3f:90:1f:
1d:92:a4:50:15:cc:b4:ed:1a:4f:d7:83:c7:b0:a0:
f9:9d:1c:fc:99:1c:f4:fb:ca:66:6a:ca:db:24:6e:
3b:a7:40:75:91:0d:56:ec:a1:0c:2a:b5:55:59:00:
f6:f0:1e:18:9c:53:e6:f8:16:fc:a7:4b:69:b0:c3:
e6:2d:84:b0:a0:b4:15:4b:12:82:43:1c:e3:a7:0b:
a6:c7:b6:27:bd:a2:1d:91:e0:5f:b7:36:de:b7:31:
c1:89:78:ef:b1:73:6c:fb:6a:f4:b2:1c:72:39:ea:
e5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:C7:98:A7:EC:E0:D8:F5:36:1C:64:51:54:B7:D4:07:A9:ED:60:1A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jseYp-zg2PU2HGRRVLfUB6ntYBo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a7:ad:00:c8:7d:58:a7:1c:02:60:37:f8:aa:47:07:ed:b3:bc:
c9:fb:8f:fd:4a:00:e9:58:66:82:71:4b:89:40:6f:66:42:84:
f3:30:c4:6f:75:df:99:ac:3a:1b:74:dc:30:26:a4:b4:46:95:
86:71:29:34:cc:4e:b3:21:2d:1d:2b:ea:42:43:df:e9:77:18:
92:42:e2:af:e5:c8:b8:83:d7:3a:4b:f8:7f:93:6a:76:ed:d5:
8d:46:fa:90:92:4b:fd:57:c3:93:9b:d4:84:3f:98:97:c6:91:
c8:4c:8f:ad:b5:d2:37:8d:8c:88:ec:60:8a:4a:cb:09:6f:34:
69:73:a2:ca:c9:1c:28:16:70:c8:f8:80:71:13:67:03:33:75:
b0:db:84:f6:ea:3b:b7:75:23:21:f1:7c:3e:78:e5:46:19:7f:
7e:6d:99:c4:1a:fa:91:2b:88:65:25:0b:d1:ce:53:87:0a:fc:
78:f6:d2:2c:fd:eb:30:18:38:ef:11:26:4f:02:12:8f:be:28:
25:5d:27:85:4f:14:88:ea:a3:f3:d3:3f:90:5a:2c:ce:d4:f9:
a6:b3:57:a1:9f:51:4f:57:4a:86:53:ec:9e:82:2f:02:9c:12:
67:a3:4f:7f:ea:cf:df:2d:d4:a1:b6:a6:4f:53:3c:c0:42:d0:
12:2d:08:a2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
NzA5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhFQzc5OEE3RUNFMEQ4
RjUzNjFDNjQ1MTU0QjdENDA3QTlFRDYwMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD+GROXl0o+un35wzsls5fpewusGE3TIlEGlddDqKLWlZQnYqBJ
y12KP83aaopksSfV7fYmmPJmzCet+F/xii2nEfwn875OP8IfMWMNhxe2wheJfsW1
26/W0C0nBEHRmcwnqxhM3mCNnNGtjpwIoqPpxJ1y+AYakYUsIrWSqkvEq3GnCHlg
XygkWVVL7VDdaGf3FT+QHx2SpFAVzLTtGk/Xg8ewoPmdHPyZHPT7ymZqytskbjun
QHWRDVbsoQwqtVVZAPbwHhicU+b4FvynS2mww+YthLCgtBVLEoJDHOOnC6bHtie9
oh2R4F+3Nt63McGJeO+xc2z7avSyHHI56uUtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjseYp+zg2PU2HGRRVLfUB6ntYBowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qc2VZcC16ZzJQVTJIR1JS
VkxmVUI2bnRZQm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKetAMh9WKccAmA3+KpHB+2zvMn7j/1KAOlY
ZoJxS4lAb2ZChPMwxG9135msOht03DAmpLRGlYZxKTTMTrMhLR0r6kJD3+l3GJJC
4q/lyLiD1zpL+H+Tanbt1Y1G+pCSS/1Xw5Ob1IQ/mJfGkchMj6210jeNjIjsYIpK
ywlvNGlzosrJHCgWcMj4gHETZwMzdbDbhPbqO7d1IyHxfD545UYZf35tmcQa+pEr
iGUlC9HOU4cK/Hj20iz96zAYOO8RJk8CEo++KCVdJ4VPFIjqo/PTP5BaLM7U+aaz
V6GfUU9XSoZT7J6CLwKcEmejT3/qz98t1KG2pk9TPMBC0BItCKI=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:52:24 2025 by rpki-client