Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/p_0ihq9IXKtBQk9nodMHqdO17To.roa
File: p_0ihq9IXKtBQk9nodMHqdO17To.roa (raw, json)
Hash identifier: rnbCLLgHNvDz0PH74hS+oi52OvxzlNVsGS5ZgjS7eq8=
Subject key identifier: A7:FD:22:86:AF:48:5C:AB:41:42:4F:67:A1:D3:07:A9:D3:B5:ED:3A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E4E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/p_0ihq9IXKtBQk9nodMHqdO17To.roa
Signing time: Mon 26 May 2025 03:38:39 +0000
ROA not before: Mon 26 May 2025 03:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3662 (0xe4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 03:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A7FD2286AF485CAB41424F67A1D307A9D3B5ED3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:50:d3:20:b8:74:fb:28:43:f5:af:01:15:c9:
94:67:5e:0f:0b:b1:4b:9e:c7:7d:77:de:62:df:33:
fa:c8:1c:5b:11:9c:42:9d:3b:f0:2b:45:8d:19:2d:
de:27:c2:a7:c5:aa:f2:5f:b1:e0:80:a9:e9:b2:b4:
d9:9a:f6:df:f3:6f:06:b5:03:42:88:b8:d3:96:32:
96:95:f5:4b:39:c4:a1:87:e9:ea:2b:6a:b2:e1:e9:
52:2f:5e:67:0f:80:3b:d4:37:be:e7:b8:c5:0a:f5:
7c:b9:cc:c6:09:e9:48:e0:88:be:0a:07:48:3b:74:
18:55:a9:fb:b6:52:a3:43:2a:17:03:93:11:99:3d:
3f:35:14:40:a6:85:2c:17:1c:f6:62:8b:46:57:97:
99:4a:24:60:d6:87:b0:08:59:15:39:42:d5:06:10:
77:98:65:c7:24:b2:8e:d7:3b:2c:0e:f1:49:fb:2e:
15:03:c2:d2:31:1f:0d:c3:f3:52:5f:8c:d1:fe:9e:
d5:ef:91:2f:dd:80:34:9a:85:fe:be:dd:83:3e:40:
3a:73:41:7c:7c:e8:94:d9:56:8d:cf:a3:a2:4a:db:
9b:56:51:79:12:07:e2:23:4d:da:eb:34:7f:6d:69:
db:23:d8:2d:99:3b:b6:7b:fd:ff:7a:be:5c:3d:27:
63:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:FD:22:86:AF:48:5C:AB:41:42:4F:67:A1:D3:07:A9:D3:B5:ED:3A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/p_0ihq9IXKtBQk9nodMHqdO17To.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:86:b3:93:ee:72:9d:46:4c:52:15:e8:df:80:a2:83:70:ba:
0d:b9:32:7a:86:63:32:a0:d1:f7:0a:65:5a:ab:a9:42:0b:8e:
9d:05:80:37:75:e5:77:c7:7d:f3:af:28:18:42:93:1f:5e:fd:
bb:59:ad:5f:a6:0f:02:70:0b:3b:26:64:f5:37:ab:a1:2a:a0:
f2:df:00:11:e5:7f:1e:44:08:28:e6:83:a1:90:af:01:c0:6a:
25:dd:c9:2c:3f:73:ab:0c:bb:3b:a8:5c:53:69:3a:80:a8:6b:
f8:e7:55:8f:54:6c:19:d0:14:f0:f5:0e:ce:08:4f:7e:a3:98:
8e:0c:45:22:ce:66:95:fa:2c:83:b4:6a:7a:85:55:4b:12:51:
27:dd:92:2c:a4:64:60:0e:9b:37:e6:a4:4c:99:79:08:57:40:
fc:f2:ed:5c:27:cb:4e:ac:bd:e7:e3:8f:0d:66:b2:f7:2d:14:
36:b7:81:7b:c3:ce:66:12:db:67:10:b9:ca:88:1e:af:6b:20:
43:df:af:d1:04:89:de:16:b7:a3:26:f1:86:89:0b:09:a1:05:
09:1b:3f:46:bd:24:98:47:06:25:58:4d:40:7b:28:84:94:c7:
59:3e:99:7b:00:e5:5e:f5:f0:d2:d8:3c:08:ff:51:8f:66:7a:
10:8b:52:60
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDk4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
MzM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE3RkQyMjg2QUY0ODVD
QUI0MTQyNEY2N0ExRDMwN0E5RDNCNUVEM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqUNMguHT7KEP1rwEVyZRnXg8LsUuex3133mLfM/rIHFsRnEKd
O/ArRY0ZLd4nwqfFqvJfseCAqemytNma9t/zbwa1A0KIuNOWMpaV9Us5xKGH6eor
arLh6VIvXmcPgDvUN77nuMUK9Xy5zMYJ6UjgiL4KB0g7dBhVqfu2UqNDKhcDkxGZ
PT81FECmhSwXHPZii0ZXl5lKJGDWh7AIWRU5QtUGEHeYZcckso7XOywO8Un7LhUD
wtIxHw3D81JfjNH+ntXvkS/dgDSahf6+3YM+QDpzQXx86JTZVo3Po6JK25tWUXkS
B+IjTdrrNH9tadsj2C2ZO7Z7/f96vlw9J2NnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUp/0ihq9IXKtBQk9nodMHqdO17TowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9wXzBpaHE5SVhLdEJRazlu
b2RNSHFkTzE3VG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJqGs5Pucp1GTFIV6N+AooNwug25MnqGYzKg
0fcKZVqrqUILjp0FgDd15XfHffOvKBhCkx9e/btZrV+mDwJwCzsmZPU3q6EqoPLf
ABHlfx5ECCjmg6GQrwHAaiXdySw/c6sMuzuoXFNpOoCoa/jnVY9UbBnQFPD1Ds4I
T36jmI4MRSLOZpX6LIO0anqFVUsSUSfdkiykZGAOmzfmpEyZeQhXQPzy7Vwny06s
vefjjw1msvctFDa3gXvDzmYS22cQucqIHq9rIEPfr9EEid4Wt6Mm8YaJCwmhBQkb
P0a9JJhHBiVYTUB7KISUx1k+mXsA5V718NLYPAj/UY9mehCLUmA=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:00:39 2025 by rpki-client