Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/o4jqC8G8cj1Bs_L3egjADaeTMO0.roa
File: o4jqC8G8cj1Bs_L3egjADaeTMO0.roa (raw, json)
Hash identifier: 8LHoi6XTQF6YnoYHONwlKWq7I7blnQRirYdnEG8WXaA=
Subject key identifier: A3:88:EA:0B:C1:BC:72:3D:41:B3:F2:F7:7A:08:C0:0D:A7:93:30:ED
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0BBE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/o4jqC8G8cj1Bs_L3egjADaeTMO0.roa
Signing time: Thu 22 May 2025 17:38:24 +0000
ROA not before: Thu 22 May 2025 17:38:24 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3006 (0xbbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 22 17:38:24 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A388EA0BC1BC723D41B3F2F77A08C00DA79330ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:a3:8a:f8:a4:96:b9:4a:c1:50:c9:58:1f:
5a:85:d0:9b:b0:88:cb:6b:50:51:12:17:cb:f9:11:
77:05:28:17:90:17:51:8d:3b:ea:9d:74:98:2e:45:
e8:98:ae:0d:4f:6c:b5:46:4a:4f:c1:0c:f4:6c:d6:
42:92:17:e4:1f:87:c7:f7:67:85:cf:7f:86:28:c1:
c6:38:2a:46:15:3f:3b:31:85:5d:da:db:07:8c:89:
85:81:c4:da:ab:54:2d:ea:73:10:60:15:24:ab:07:
79:ff:8a:0d:f9:2b:b1:66:99:0b:8c:76:6e:d0:6a:
73:80:86:0b:74:6d:a1:ca:4b:77:f2:dc:90:dc:d6:
19:33:0c:fb:5c:29:71:58:9e:df:30:92:03:05:06:
34:81:ee:ea:ac:20:35:d3:e8:f3:88:29:01:26:fb:
54:c4:d0:be:a3:10:29:93:d2:94:03:b8:34:a2:f0:
af:08:26:5f:0f:1a:57:dc:32:26:83:b9:47:d2:9d:
2a:73:6a:de:4d:24:cb:6e:be:d8:03:c8:72:92:6d:
18:b7:c0:14:4f:80:55:58:c4:1c:d9:48:cb:ff:61:
26:7b:5d:d0:4e:d4:d7:b7:d8:4a:4a:41:ed:df:36:
29:14:86:7c:2e:69:62:cc:ae:a9:1e:ee:ee:46:52:
35:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:88:EA:0B:C1:BC:72:3D:41:B3:F2:F7:7A:08:C0:0D:A7:93:30:ED
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/o4jqC8G8cj1Bs_L3egjADaeTMO0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:1f:f2:f5:f1:0f:39:e0:5a:3e:83:46:21:18:9d:c3:d2:32:
a1:58:36:bc:80:90:b7:6f:0e:c5:6d:7b:e6:13:7b:12:9c:a8:
bb:e7:46:ac:fc:5b:4f:31:67:3c:22:4f:88:e7:57:a7:43:c9:
05:d0:a2:e5:3c:fa:34:a9:97:fe:53:f7:11:67:e1:42:12:72:
7f:40:04:7c:2e:f4:90:f8:a1:ba:f9:cc:fd:2c:bf:c4:5a:43:
9f:3d:8d:6c:c9:60:48:b5:63:06:45:57:d5:61:79:35:e5:76:
66:b5:74:5a:b9:41:c6:43:83:7f:23:b3:55:b7:f2:f7:53:f4:
e8:bd:b5:6b:9e:43:2a:6f:3f:b0:ab:86:58:9f:10:2c:26:68:
dc:b3:46:08:bb:bb:7c:11:87:fc:3d:9f:27:20:31:d2:74:c5:
01:2e:a8:9a:f1:97:a6:e8:bf:aa:e8:05:76:9c:99:87:84:2f:
af:73:8f:39:9c:51:dc:19:2b:46:fe:2b:6a:f9:83:aa:e8:c5:
a9:cb:01:a2:26:8f:4c:dd:a4:c1:7f:6f:f2:86:50:17:f2:49:
ff:bd:2a:3a:bc:11:37:b2:22:4a:8b:7a:72:04:38:6b:f7:c4:
ec:1f:33:2a:73:49:a2:fa:62:f1:59:0e:73:2b:99:de:d2:a1:
9e:b3:24:65
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjIx
NzM4MjRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEEzODhFQTBCQzFCQzcy
M0Q0MUIzRjJGNzdBMDhDMDBEQTc5MzMwRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuG6OK+KSWuUrBUMlYH1qF0JuwiMtrUFESF8v5EXcFKBeQF1GN
O+qddJguReiYrg1PbLVGSk/BDPRs1kKSF+Qfh8f3Z4XPf4YowcY4KkYVPzsxhV3a
2weMiYWBxNqrVC3qcxBgFSSrB3n/ig35K7FmmQuMdm7QanOAhgt0baHKS3fy3JDc
1hkzDPtcKXFYnt8wkgMFBjSB7uqsIDXT6POIKQEm+1TE0L6jECmT0pQDuDSi8K8I
Jl8PGlfcMiaDuUfSnSpzat5NJMtuvtgDyHKSbRi3wBRPgFVYxBzZSMv/YSZ7XdBO
1Ne32EpKQe3fNikUhnwuaWLMrqke7u5GUjXzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUo4jqC8G8cj1Bs/L3egjADaeTMO0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vNGpxQzhHOGNqMUJzX0wz
ZWdqQURhZVRNTzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEIf8vXxDzngWj6DRiEYncPSMqFYNryAkLdv
DsVte+YTexKcqLvnRqz8W08xZzwiT4jnV6dDyQXQouU8+jSpl/5T9xFn4UIScn9A
BHwu9JD4obr5zP0sv8RaQ589jWzJYEi1YwZFV9VheTXldma1dFq5QcZDg38js1W3
8vdT9Oi9tWueQypvP7CrhlifECwmaNyzRgi7u3wRh/w9nycgMdJ0xQEuqJrxl6bo
v6roBXacmYeEL69zjzmcUdwZK0b+K2r5g6roxanLAaImj0zdpMF/b/KGUBfySf+9
Kjq8ETeyIkqLenIEOGv3xOwfMypzSaL6YvFZDnMrmd7SoZ6zJGU=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:07:44 2025 by rpki-client