Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qErBJeOGsmtN27JPaS_3Jv6WdY8.roa
File: qErBJeOGsmtN27JPaS_3Jv6WdY8.roa (raw, json)
Hash identifier: cHVC9Ru3/vL4wSwZAZxre2Im0dd9HGI5FI988SSCdnU=
Subject key identifier: A8:4A:C1:25:E3:86:B2:6B:4D:DB:B2:4F:69:2F:F7:26:FE:96:75:8F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C16
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qErBJeOGsmtN27JPaS_3Jv6WdY8.roa
Signing time: Fri 23 May 2025 04:38:26 +0000
ROA not before: Fri 23 May 2025 04:38:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3094 (0xc16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 04:38:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A84AC125E386B26B4DDBB24F692FF726FE96758F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:99:e9:8e:8b:25:05:be:05:81:e8:fc:0d:24:
c4:52:39:ee:51:c1:82:c0:ed:85:64:d4:9b:66:3d:
c0:8d:66:f7:5d:b0:87:5a:9d:53:54:11:4e:81:62:
ff:4a:11:ac:64:4c:4e:50:6e:37:cc:f5:b2:f0:4a:
5c:67:07:ee:6d:bc:c5:72:6c:25:85:66:9f:ed:50:
7c:d9:0b:b7:39:aa:09:11:56:5c:c5:09:b8:9d:09:
c6:f9:dc:8f:d2:d5:c5:47:78:be:74:50:34:d1:d8:
0e:28:2d:47:cd:73:25:bf:f8:73:38:1a:8b:10:75:
ab:e3:2e:bb:b8:65:5c:b3:d7:7c:a8:bc:33:f2:32:
52:2b:0f:1d:5b:36:15:39:8e:53:6a:78:99:2e:76:
6e:f6:59:07:dd:af:d3:ff:62:5a:99:93:48:fe:ca:
84:af:2b:ea:39:87:0a:93:f0:6d:ec:d1:bf:50:1e:
d5:57:f7:fe:d1:06:64:d8:19:36:de:37:e9:a9:08:
ab:d2:bb:3f:1a:89:8e:25:bd:a2:bf:b5:01:a3:75:
97:07:dd:be:e6:80:53:b5:b9:e5:be:0b:8f:8f:1a:
04:0c:fa:bb:1c:79:0f:8a:71:c3:c6:54:c3:96:c9:
a0:5b:a2:ba:82:e4:b2:da:6a:2f:38:e1:9a:d7:69:
78:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4A:C1:25:E3:86:B2:6B:4D:DB:B2:4F:69:2F:F7:26:FE:96:75:8F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qErBJeOGsmtN27JPaS_3Jv6WdY8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
03:0d:6e:26:3c:1a:93:08:64:c8:f6:12:60:41:12:5d:35:89:
38:a5:51:42:75:56:25:a5:ed:5f:b0:f4:4a:36:44:51:46:db:
17:e4:14:ac:27:8d:7b:b2:60:ee:d2:db:93:08:dc:e2:03:58:
9e:df:1d:be:60:cc:75:a3:0a:e4:dd:2f:d5:4d:48:88:ee:6f:
67:31:a6:42:cf:28:a6:ee:c5:a8:f3:b0:ea:67:eb:6b:ea:cb:
9d:95:f4:1f:1b:c5:4e:02:4d:3b:05:bb:5f:1b:58:d1:e8:0f:
bb:ad:1f:3f:02:fe:41:ee:72:89:d7:81:57:2f:7c:fd:33:13:
d7:c3:04:a9:8c:8d:01:c3:3b:ac:c2:e6:17:e8:2f:84:9c:99:
ec:f6:6c:6e:56:91:ea:5e:b4:de:ce:93:86:ae:c0:dc:52:1d:
78:1f:10:cd:57:0d:25:2b:b0:85:51:04:75:5d:0b:84:c6:76:
00:2d:de:16:bc:33:0a:72:91:05:c3:58:58:90:71:e1:cc:e4:
26:75:1e:9e:02:b6:bc:2c:3b:83:b7:9d:99:42:2d:ab:e4:99:
77:58:ba:8f:da:3d:f0:23:7f:e5:7d:86:57:18:92:e1:9d:91:
60:90:60:e3:fd:d0:02:96:8c:62:f8:7d:b9:d9:1d:76:5e:f1:
9a:f8:b1:6c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMw
NDM4MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4NEFDMTI1RTM4NkIy
NkI0RERCQjI0RjY5MkZGNzI2RkU5Njc1OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcmemOiyUFvgWB6PwNJMRSOe5RwYLA7YVk1JtmPcCNZvddsIda
nVNUEU6BYv9KEaxkTE5QbjfM9bLwSlxnB+5tvMVybCWFZp/tUHzZC7c5qgkRVlzF
CbidCcb53I/S1cVHeL50UDTR2A4oLUfNcyW/+HM4GosQdavjLru4ZVyz13yovDPy
MlIrDx1bNhU5jlNqeJkudm72WQfdr9P/YlqZk0j+yoSvK+o5hwqT8G3s0b9QHtVX
9/7RBmTYGTbeN+mpCKvSuz8aiY4lvaK/tQGjdZcH3b7mgFO1ueW+C4+PGgQM+rsc
eQ+KccPGVMOWyaBborqC5LLaai844ZrXaXhnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqErBJeOGsmtN27JPaS/3Jv6WdY8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xRXJCSmVPR3NtdE4yN0pQ
YVNfM0p2NldkWTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAMNbiY8GpMIZMj2EmBBEl01iTilUUJ1ViWl
7V+w9Eo2RFFG2xfkFKwnjXuyYO7S25MI3OIDWJ7fHb5gzHWjCuTdL9VNSIjub2cx
pkLPKKbuxajzsOpn62vqy52V9B8bxU4CTTsFu18bWNHoD7utHz8C/kHuconXgVcv
fP0zE9fDBKmMjQHDO6zC5hfoL4Scmez2bG5WkepetN7Ok4auwNxSHXgfEM1XDSUr
sIVRBHVdC4TGdgAt3ha8MwpykQXDWFiQceHM5CZ1Hp4CtrwsO4O3nZlCLavkmXdY
uo/aPfAjf+V9hlcYkuGdkWCQYOP90AKWjGL4fbnZHXZe8Zr4sWw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:49 2025 by rpki-client