Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mpdi4CAfTQoaIHUCBKSuvgKbcWE.roa
File: mpdi4CAfTQoaIHUCBKSuvgKbcWE.roa (raw, json)
Hash identifier: WgHYjWVQI6aEsJ3BSeMBjVP8BIaxcssMWbmXXRIE/vE=
Subject key identifier: 9A:97:62:E0:20:1F:4D:0A:1A:20:75:02:04:A4:AE:BE:02:9B:71:61
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F2E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mpdi4CAfTQoaIHUCBKSuvgKbcWE.roa
Signing time: Tue 27 May 2025 07:38:56 +0000
ROA not before: Tue 27 May 2025 07:38:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3886 (0xf2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 07:38:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9A9762E0201F4D0A1A20750204A4AEBE029B7161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d2:c3:20:54:60:17:02:f0:41:98:0e:1a:a4:
83:57:f7:31:9f:52:5a:12:b6:6c:14:01:ee:f9:1c:
5b:a7:11:8f:9a:75:bd:d6:f2:c5:45:d0:7f:5b:63:
ba:7e:f1:38:e3:2f:37:c7:a4:9d:f6:ba:0e:a0:dd:
1f:27:3b:22:bb:d6:68:9e:4d:45:a0:b3:80:0b:68:
ff:a2:f4:5d:21:f1:96:15:89:6e:16:bb:8a:cf:f9:
49:10:ce:66:c7:74:0c:e0:d0:ce:dc:b6:20:a6:7d:
c3:41:72:bc:85:70:e1:f0:6f:43:8e:c9:bd:34:15:
17:94:28:88:4b:73:57:69:d2:2c:70:bf:83:d9:f2:
e9:1b:e9:52:e6:e3:31:ae:61:cb:f3:89:28:e5:7e:
9a:2f:64:1c:ff:ce:a8:66:e4:c2:75:c1:ff:72:e5:
a6:43:ea:31:1f:fe:8c:7c:d7:67:a1:39:a9:af:8f:
c6:44:c8:ff:a3:8d:b0:36:b1:bd:ba:0c:27:44:8d:
86:ec:29:ef:c1:3d:91:08:9f:b2:ba:49:91:d8:80:
0d:42:c1:ff:ab:bc:11:2f:7e:cd:5b:1e:c6:d6:a8:
df:4e:ea:32:c5:33:ea:78:25:5c:1f:9f:88:18:6a:
08:54:3d:81:ae:e6:8f:8d:8e:31:95:b9:09:8e:bd:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:97:62:E0:20:1F:4D:0A:1A:20:75:02:04:A4:AE:BE:02:9B:71:61
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mpdi4CAfTQoaIHUCBKSuvgKbcWE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:0b:f6:d9:09:5a:09:9c:fc:0a:d7:78:86:b8:ca:0e:da:98:
d5:c5:2b:6b:6a:89:be:ab:b4:a1:c4:e5:47:16:43:04:67:b1:
8c:32:65:c6:e7:25:b6:0b:a7:ba:b1:f8:80:5f:bd:43:81:66:
88:c9:66:1a:bb:c4:e0:44:3a:b4:c5:82:d7:8c:3f:f4:41:75:
e0:5f:12:5c:36:54:d1:d2:79:e1:0f:25:b1:4a:e9:6b:a1:d7:
4c:77:0a:3e:cb:ff:21:83:18:8d:96:89:c4:23:47:2a:36:08:
50:ed:84:32:73:21:71:c0:33:ff:ee:2e:cb:b0:eb:89:c3:89:
1b:93:8b:67:88:fe:42:c8:de:52:f6:ab:ec:bd:01:d1:61:08:
89:5c:16:23:01:9f:89:5e:29:dc:96:8f:cc:cf:92:32:18:9c:
36:ad:dd:08:84:4b:d6:45:34:6b:d5:10:91:57:06:ac:2c:e8:
79:d8:c7:d5:cb:4e:76:e5:50:b6:0e:40:e3:32:3c:20:9a:76:
97:d0:ea:0e:16:83:63:98:79:8b:0e:31:d4:91:fe:3c:08:f8:
bb:53:5c:c7:d3:5c:0c:92:bd:69:e6:db:12:04:30:ae:bb:4d:
8c:7b:0e:a9:aa:b9:ed:d2:fb:e4:10:3e:ca:d2:18:7b:cf:31:
8b:c3:34:50
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDy4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
NzM4NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlBOTc2MkUwMjAxRjRE
MEExQTIwNzUwMjA0QTRBRUJFMDI5QjcxNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE0sMgVGAXAvBBmA4apINX9zGfUloStmwUAe75HFunEY+adb3W
8sVF0H9bY7p+8TjjLzfHpJ32ug6g3R8nOyK71mieTUWgs4ALaP+i9F0h8ZYViW4W
u4rP+UkQzmbHdAzg0M7ctiCmfcNBcryFcOHwb0OOyb00FReUKIhLc1dp0ixwv4PZ
8ukb6VLm4zGuYcvziSjlfpovZBz/zqhm5MJ1wf9y5aZD6jEf/ox812ehOamvj8ZE
yP+jjbA2sb26DCdEjYbsKe/BPZEIn7K6SZHYgA1Cwf+rvBEvfs1bHsbWqN9O6jLF
M+p4JVwfn4gYaghUPYGu5o+NjjGVuQmOvQTHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmpdi4CAfTQoaIHUCBKSuvgKbcWEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tcGRpNENBZlRRb2FJSFVD
QktTdXZnS2JjV0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAIL9tkJWgmc/ArXeIa4yg7amNXFK2tqib6r
tKHE5UcWQwRnsYwyZcbnJbYLp7qx+IBfvUOBZojJZhq7xOBEOrTFgteMP/RBdeBf
Elw2VNHSeeEPJbFK6Wuh10x3Cj7L/yGDGI2WicQjRyo2CFDthDJzIXHAM//uLsuw
64nDiRuTi2eI/kLI3lL2q+y9AdFhCIlcFiMBn4leKdyWj8zPkjIYnDat3QiES9ZF
NGvVEJFXBqws6HnYx9XLTnblULYOQOMyPCCadpfQ6g4Wg2OYeYsOMdSR/jwI+LtT
XMfTXAySvWnm2xIEMK67TYx7Dqmque3S++QQPsrSGHvPMYvDNFA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:07:56 2025 by rpki-client