Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/oYkPBmyao_it182OSNQv4HjOW18.roa
File: oYkPBmyao_it182OSNQv4HjOW18.roa (raw, json)
Hash identifier: Z21ZXvGuFVV9CGCg4sWYF/UdkYv+OlXmo4R/Uen9vuI=
Subject key identifier: A1:89:0F:06:6C:9A:A3:F8:AD:D7:CD:8E:48:D4:2F:E0:78:CE:5B:5F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 09B2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oYkPBmyao_it182OSNQv4HjOW18.roa
Signing time: Tue 20 May 2025 00:08:13 +0000
ROA not before: Tue 20 May 2025 00:08:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2482 (0x9b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 00:08:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A1890F066C9AA3F8ADD7CD8E48D42FE078CE5B5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f7:81:bf:c0:70:ba:6f:89:fe:07:67:30:95:
37:0e:03:84:d1:3c:4d:b3:e5:de:c9:80:73:57:86:
3b:ef:a2:1a:77:08:58:ea:12:d9:da:03:96:d5:e6:
63:7e:8f:6e:4b:11:1c:3c:aa:cc:6a:45:98:02:6e:
a9:46:51:fb:34:e3:71:ad:65:d4:b8:ce:b8:88:8b:
77:cd:67:d1:32:6a:9b:b1:6b:a8:29:85:31:f0:36:
50:d3:8e:11:92:1a:a5:19:47:35:53:36:7a:f4:54:
cb:79:ff:cf:5b:0a:d0:c4:4f:ac:db:54:73:7d:dd:
8d:61:70:6e:39:2a:b2:7d:59:10:dc:cd:10:e4:75:
1b:09:fc:f7:5f:2d:65:b3:d9:b8:f2:60:3d:b9:87:
0d:d5:7d:65:09:66:da:6e:19:da:7d:70:f8:bf:99:
fb:9d:30:12:f2:49:a1:a5:88:6d:c2:8e:0d:a0:93:
77:ef:96:95:fb:9e:6a:1d:ee:48:e6:f0:3a:43:c6:
5f:72:3b:9f:2f:11:53:27:19:2a:7c:b5:58:58:85:
01:dc:0d:80:ea:6c:d4:59:53:0e:1e:bb:72:c6:45:
d1:0f:34:f0:c8:50:11:4d:2b:3e:b1:9a:26:19:9e:
3e:84:f4:0c:ce:23:74:e0:47:aa:44:60:b5:6f:62:
d7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:89:0F:06:6C:9A:A3:F8:AD:D7:CD:8E:48:D4:2F:E0:78:CE:5B:5F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/oYkPBmyao_it182OSNQv4HjOW18.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:1b:61:c6:68:14:a9:85:48:3b:89:ce:fc:4c:72:28:50:b4:
ab:0a:fd:0a:52:4b:ea:d1:ef:b1:ae:9f:9f:c2:d9:9f:18:df:
30:85:84:50:c0:63:7b:58:f3:5b:60:10:5c:d1:8a:7d:de:64:
4d:48:a8:02:1d:69:da:c1:bb:85:28:28:90:ba:02:ad:a7:06:
c8:09:d0:9d:3a:e8:8a:e8:02:fd:a3:3a:29:a5:ff:db:a6:ab:
29:2b:53:45:a8:71:c6:84:19:22:0f:b8:16:06:24:d0:11:e7:
2f:57:9e:c8:b8:1a:63:47:6b:fc:31:82:e6:e7:f0:54:2b:ec:
5a:65:98:18:a8:b7:aa:51:f2:eb:a1:cc:66:e1:5c:c9:e1:80:
3d:dc:e2:c9:69:d9:31:b4:6b:b9:4e:92:d6:a4:ef:40:95:fa:
c1:cf:e9:3f:38:0d:de:43:64:4e:b7:82:a6:49:f6:86:e3:13:
33:5f:38:ed:a6:00:b9:75:97:cb:90:09:e6:14:90:5a:c5:da:
75:d3:e9:c4:fa:fe:91:9e:82:35:04:cc:7c:7a:38:22:cf:5d:
9e:89:97:af:f4:c3:07:e3:31:90:38:f8:f7:ea:c3:c7:ef:64:
07:ca:fc:b4:f1:3f:db:7a:21:d3:9f:09:36:2a:57:1a:5d:d8:
f7:3b:51:bc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAw
MDA4MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEExODkwRjA2NkM5QUEz
RjhBREQ3Q0Q4RTQ4RDQyRkUwNzhDRTVCNUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA94G/wHC6b4n+B2cwlTcOA4TRPE2z5d7JgHNXhjvvohp3CFjq
EtnaA5bV5mN+j25LERw8qsxqRZgCbqlGUfs043GtZdS4zriIi3fNZ9Eyapuxa6gp
hTHwNlDTjhGSGqUZRzVTNnr0VMt5/89bCtDET6zbVHN93Y1hcG45KrJ9WRDczRDk
dRsJ/PdfLWWz2bjyYD25hw3VfWUJZtpuGdp9cPi/mfudMBLySaGliG3Cjg2gk3fv
lpX7nmod7kjm8DpDxl9yO58vEVMnGSp8tVhYhQHcDYDqbNRZUw4eu3LGRdEPNPDI
UBFNKz6xmiYZnj6E9AzOI3TgR6pEYLVvYtcZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoYkPBmyao/it182OSNQv4HjOW18wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9vWWtQQm15YW9faXQxODJP
U05RdjRIak9XMTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIwbYcZoFKmFSDuJzvxMcihQtKsK/QpSS+rR
77Gun5/C2Z8Y3zCFhFDAY3tY81tgEFzRin3eZE1IqAIdadrBu4UoKJC6Aq2nBsgJ
0J066IroAv2jOiml/9umqykrU0WoccaEGSIPuBYGJNAR5y9Xnsi4GmNHa/wxgubn
8FQr7FplmBiot6pR8uuhzGbhXMnhgD3c4slp2TG0a7lOktak70CV+sHP6T84Dd5D
ZE63gqZJ9objEzNfOO2mALl1l8uQCeYUkFrF2nXT6cT6/pGegjUEzHx6OCLPXZ6J
l6/0wwfjMZA4+Pfqw8fvZAfK/LTxP9t6IdOfCTYqVxpd2Pc7Ubw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:04:02 2025 by rpki-client