Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/nrogJVQPDuLGPJWYfk2ruZz0uiY.roa
File: nrogJVQPDuLGPJWYfk2ruZz0uiY.roa (raw, json)
Hash identifier: 3o2durY7r6nVlboEEi6JgNGrRnlEjlJQQd5fwZIU3SU=
Subject key identifier: 9E:BA:20:25:54:0F:0E:E2:C6:3C:95:98:7E:4D:AB:B9:9C:F4:BA:26
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0912
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nrogJVQPDuLGPJWYfk2ruZz0uiY.roa
Signing time: Mon 19 May 2025 04:08:08 +0000
ROA not before: Mon 19 May 2025 04:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2322 (0x912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 04:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9EBA2025540F0EE2C63C95987E4DABB99CF4BA26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:32:9b:5c:d6:4b:a3:64:b8:b0:a4:fa:fc:ac:
d1:d5:a5:e9:3e:06:bf:61:78:9b:96:93:b1:85:92:
af:6c:c0:01:7b:a8:3a:02:2b:85:d6:df:21:32:da:
06:80:cf:64:49:8e:80:ff:60:b1:45:96:1d:42:ea:
07:7d:72:ca:4c:7d:44:34:74:1b:9c:02:27:f5:05:
ea:94:51:1f:2c:d2:61:bc:06:04:18:7f:76:df:02:
5b:7a:14:2d:06:a0:43:c2:48:05:c5:82:1e:e4:56:
b6:9c:bc:8f:89:ef:d4:8c:ad:6c:1e:1d:13:27:3a:
4a:9c:bc:d2:95:91:84:02:46:bf:1c:df:c2:e8:50:
ad:da:00:62:79:0e:fe:7d:76:34:43:f9:26:9b:54:
a8:69:9b:69:e2:2a:3e:6c:14:3c:ea:bc:e8:c4:5d:
c2:04:74:ea:d5:85:f7:d9:db:26:b7:0a:de:e6:e4:
b3:aa:48:48:c4:ef:fc:00:d1:33:d8:8b:82:41:71:
e5:43:c3:ce:8b:79:fe:7c:51:a0:31:8d:99:d0:88:
86:b1:e7:5a:77:ab:4d:6d:90:dd:a8:e2:ec:ff:3f:
82:73:e8:6f:de:6c:19:59:38:ef:3d:c6:09:8a:06:
bb:fb:07:50:d9:0e:b6:13:98:c8:ba:52:3a:db:ed:
2b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:BA:20:25:54:0F:0E:E2:C6:3C:95:98:7E:4D:AB:B9:9C:F4:BA:26
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/nrogJVQPDuLGPJWYfk2ruZz0uiY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:eb:ae:6e:a9:0a:3a:02:93:d1:a1:02:96:7c:35:1b:22:27:
55:d5:61:50:11:31:22:c1:34:fe:db:ee:91:3e:7d:99:bb:1c:
28:ec:68:e1:f1:c0:9f:7f:ba:ba:a4:41:d0:a8:cd:36:a4:e5:
e7:43:d4:70:47:64:ed:9d:e3:90:d0:29:70:8c:69:8f:56:31:
29:c0:e6:86:78:3d:da:d5:3b:c1:d4:ae:68:ba:4b:fe:69:16:
84:cd:c9:25:f2:7c:c6:8c:4e:b5:50:10:dc:a4:31:44:36:70:
07:8d:b8:a3:46:35:70:51:08:af:3b:81:a8:b7:68:41:05:cd:
65:78:09:dc:00:ab:04:e0:4f:60:80:5c:04:c7:77:0a:a9:22:
64:47:41:0f:d1:93:71:03:f1:da:96:8f:b5:cc:a5:9e:f7:9c:
08:98:2e:30:e5:84:51:3e:3f:fa:7b:e4:53:e6:f6:e3:78:19:
b6:4a:8c:4f:f8:c0:f4:4a:57:7f:4b:a5:b0:4a:4a:2e:da:f9:
d2:eb:8e:9e:1f:bd:4d:50:5d:9a:a9:f4:f6:54:4d:91:6e:aa:
3c:dd:15:67:bd:82:d1:04:99:bf:c3:37:a2:07:33:5f:6b:d8:
ad:d4:2a:0a:34:11:32:c7:9f:d4:00:c4:8e:30:c3:18:c7:67:
26:83:13:8d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCRIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTkw
NDA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDlFQkEyMDI1NTQwRjBF
RTJDNjNDOTU5ODdFNERBQkI5OUNGNEJBMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCMptc1kujZLiwpPr8rNHVpek+Br9heJuWk7GFkq9swAF7qDoC
K4XW3yEy2gaAz2RJjoD/YLFFlh1C6gd9cspMfUQ0dBucAif1BeqUUR8s0mG8BgQY
f3bfAlt6FC0GoEPCSAXFgh7kVracvI+J79SMrWweHRMnOkqcvNKVkYQCRr8c38Lo
UK3aAGJ5Dv59djRD+SabVKhpm2niKj5sFDzqvOjEXcIEdOrVhffZ2ya3Ct7m5LOq
SEjE7/wA0TPYi4JBceVDw86Lef58UaAxjZnQiIax51p3q01tkN2o4uz/P4Jz6G/e
bBlZOO89xgmKBrv7B1DZDrYTmMi6Ujrb7SuzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUnrogJVQPDuLGPJWYfk2ruZz0uiYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ucm9nSlZRUER1TEdQSldZ
ZmsycnVaejB1aVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADnrrm6pCjoCk9GhApZ8NRsiJ1XVYVARMSLB
NP7b7pE+fZm7HCjsaOHxwJ9/urqkQdCozTak5edD1HBHZO2d45DQKXCMaY9WMSnA
5oZ4PdrVO8HUrmi6S/5pFoTNySXyfMaMTrVQENykMUQ2cAeNuKNGNXBRCK87gai3
aEEFzWV4CdwAqwTgT2CAXATHdwqpImRHQQ/Rk3ED8dqWj7XMpZ73nAiYLjDlhFE+
P/p75FPm9uN4GbZKjE/4wPRKV39LpbBKSi7a+dLrjp4fvU1QXZqp9PZUTZFuqjzd
FWe9gtEEmb/DN6IHM19r2K3UKgo0ETLHn9QAxI4wwxjHZyaDE40=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:19:43 2025 by rpki-client