Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/l9ggzYT9LjiXxPJwjRjIvS4RqiQ.roa
File: l9ggzYT9LjiXxPJwjRjIvS4RqiQ.roa (raw, json)
Hash identifier: G9GQfDras+5/doHQ0XKUJ/7Ok+FGKAm7pEhLU8efN2c=
Subject key identifier: 97:D8:20:CD:84:FD:2E:38:97:C4:F2:70:8D:18:C8:BD:2E:11:AA:24
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 051E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/l9ggzYT9LjiXxPJwjRjIvS4RqiQ.roa
Signing time: Tue 13 May 2025 21:38:02 +0000
ROA not before: Tue 13 May 2025 21:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1310 (0x51e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 21:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=97D820CD84FD2E3897C4F2708D18C8BD2E11AA24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9d:24:b0:01:e3:f9:d2:81:fa:aa:b1:31:5f:
a9:27:38:c7:6a:17:02:91:5b:cc:e3:4b:75:53:26:
cb:98:6a:7a:12:1a:52:56:4c:47:37:aa:83:2c:18:
5d:65:02:be:ad:15:4b:45:ef:a8:20:87:e8:df:a8:
b7:00:a8:ae:d9:3c:ab:22:79:cb:27:17:6a:02:54:
b7:4a:36:13:d0:ec:ab:fa:ea:f8:da:de:07:86:7e:
b7:a3:47:52:67:5a:e7:b9:ab:07:16:e3:a0:f3:1c:
a8:d9:bd:1d:33:71:81:28:b4:94:9b:ce:a7:8b:c6:
bc:34:3d:b9:30:b5:ea:b5:f3:67:62:3c:d9:95:80:
f9:87:98:f0:ac:ab:43:78:b1:1f:7c:3b:08:80:08:
85:5f:90:db:bd:44:16:fc:e8:82:df:71:02:4f:6b:
47:d2:5b:72:33:cd:0d:b6:73:58:ba:1a:7b:df:f6:
19:f0:33:1e:5b:55:7c:24:46:6a:2d:a4:98:09:b2:
e9:ef:04:9e:bd:e3:ff:ea:b5:4a:2b:f9:79:cd:8b:
29:da:53:86:13:e0:5b:71:5d:3d:99:98:4e:30:33:
c2:12:9d:73:fd:e9:b4:82:4a:74:1e:1e:60:55:30:
db:b1:ed:9d:a7:cb:ee:85:46:58:4c:48:5e:f6:a9:
1a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D8:20:CD:84:FD:2E:38:97:C4:F2:70:8D:18:C8:BD:2E:11:AA:24
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/l9ggzYT9LjiXxPJwjRjIvS4RqiQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:0a:77:41:bc:13:14:7c:1d:81:92:fd:2e:10:e3:be:a6:46:
38:7d:e6:e5:dc:8b:ea:f3:97:fb:58:61:1c:f9:44:6b:17:55:
c4:e6:36:67:db:a9:07:e2:8a:27:cc:44:37:19:f4:6f:36:e0:
e5:96:b5:92:d9:cd:bd:ca:0f:ca:23:d1:14:b9:b1:9a:21:be:
81:72:5b:ba:c2:11:f9:c7:63:9a:5c:cd:14:f5:1d:1b:3a:97:
0c:51:7e:53:c2:96:33:f0:eb:d0:0d:24:31:6b:59:64:e1:a8:
1a:bc:a3:4b:d1:2c:63:b4:cb:7b:9e:38:80:51:8a:2a:76:9b:
8f:6c:19:3c:58:e2:3f:67:6e:c1:09:68:ba:0b:ee:d1:7c:34:
28:3a:6b:ba:df:e4:a2:be:da:2f:ed:37:c2:e7:e7:dd:55:78:
7a:d3:ca:f4:31:8b:a1:ac:c4:6f:8e:19:9e:e8:09:51:5b:93:
9c:fc:13:3a:de:4b:3a:1f:b7:f9:79:84:bb:b9:f3:b4:5e:b6:
1f:ab:57:90:a9:2a:15:80:41:30:49:2a:e5:6f:58:99:fa:2d:
a3:34:21:48:d8:3e:bc:8a:39:cc:12:56:26:f8:20:bb:b7:36:
70:c0:90:37:2e:ab:02:e7:d8:fa:13:bc:b1:fe:9c:51:1e:5d:
c1:c5:e1:78
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBR4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MTM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk3RDgyMENEODRGRDJF
Mzg5N0M0RjI3MDhEMThDOEJEMkUxMUFBMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFnSSwAeP50oH6qrExX6knOMdqFwKRW8zjS3VTJsuYanoSGlJW
TEc3qoMsGF1lAr6tFUtF76ggh+jfqLcAqK7ZPKsiecsnF2oCVLdKNhPQ7Kv66vja
3geGfrejR1JnWue5qwcW46DzHKjZvR0zcYEotJSbzqeLxrw0Pbkwteq182diPNmV
gPmHmPCsq0N4sR98OwiACIVfkNu9RBb86ILfcQJPa0fSW3IzzQ22c1i6Gnvf9hnw
Mx5bVXwkRmotpJgJsunvBJ694//qtUor+XnNiynaU4YT4FtxXT2ZmE4wM8ISnXP9
6bSCSnQeHmBVMNux7Z2ny+6FRlhMSF72qRp/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUl9ggzYT9LjiXxPJwjRjIvS4RqiQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sOWdnellUOUxqaVh4UEp3
alJqSXZTNFJxaVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACoKd0G8ExR8HYGS/S4Q476mRjh95uXci+rz
l/tYYRz5RGsXVcTmNmfbqQfiiifMRDcZ9G824OWWtZLZzb3KD8oj0RS5sZohvoFy
W7rCEfnHY5pczRT1HRs6lwxRflPCljPw69ANJDFrWWThqBq8o0vRLGO0y3ueOIBR
iip2m49sGTxY4j9nbsEJaLoL7tF8NCg6a7rf5KK+2i/tN8Ln591VeHrTyvQxi6Gs
xG+OGZ7oCVFbk5z8EzreSzoft/l5hLu587Reth+rV5CpKhWAQTBJKuVvWJn6LaM0
IUjYPryKOcwSVib4ILu3NnDAkDcuqwLn2PoTvLH+nFEeXcHF4Xg=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:30:00 2025 by rpki-client