Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qyZvX6SPbyyJ1UwnFO-VYt5MvBg.roa
File: qyZvX6SPbyyJ1UwnFO-VYt5MvBg.roa (raw, json)
Hash identifier: x6ILX/JylLhE8xAAv2cAMDJBUb13Ldj0NDFvwjoOO4s=
Subject key identifier: AB:26:6F:5F:A4:8F:6F:2C:89:D5:4C:27:14:EF:95:62:DE:4C:BC:18
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 075A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qyZvX6SPbyyJ1UwnFO-VYt5MvBg.roa
Signing time: Fri 16 May 2025 21:08:15 +0000
ROA not before: Fri 16 May 2025 21:08:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1882 (0x75a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 21:08:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AB266F5FA48F6F2C89D54C2714EF9562DE4CBC18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:be:ca:db:3d:62:f1:56:13:62:2b:0a:3f:1d:
2f:55:3b:a7:01:38:f0:e9:06:fc:e0:f4:a6:e1:12:
02:be:47:cb:62:e0:97:3a:84:0c:c1:d9:71:56:58:
d6:32:0e:48:20:d3:f4:e2:67:09:c5:3b:6f:fa:7b:
a4:46:11:5f:da:e5:89:2e:d0:1a:db:e0:6e:31:16:
59:b9:39:8f:5c:03:ad:51:10:dd:bf:f2:77:00:93:
68:8d:72:07:f8:37:7a:4e:ec:55:14:19:bb:c3:14:
d0:ac:6f:b3:ae:c5:54:d2:d0:bd:ee:c7:ff:fa:3f:
d2:f5:65:a9:0d:9e:b0:f3:84:72:6e:3b:b7:9a:ce:
9b:ad:76:a2:16:94:68:be:c1:be:7f:eb:a7:94:c7:
cc:0d:32:79:f0:8e:58:dc:6a:96:2c:e2:55:a0:4a:
af:ba:f3:ae:d4:8b:7d:30:4d:fc:74:f2:1a:06:bc:
94:5c:2b:34:96:14:bf:01:9f:1b:ab:93:3d:80:1e:
87:2c:d1:23:d0:36:ef:d2:00:b1:a7:e4:29:1d:98:
71:e4:80:11:b4:14:05:99:23:6f:b6:45:f3:2e:8c:
72:68:31:71:0a:43:4a:52:d4:6f:9f:8c:ed:de:64:
54:b4:1d:f1:b6:6f:d7:5c:0e:9a:e6:87:86:cd:61:
b6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:26:6F:5F:A4:8F:6F:2C:89:D5:4C:27:14:EF:95:62:DE:4C:BC:18
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qyZvX6SPbyyJ1UwnFO-VYt5MvBg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
21:e4:1f:cc:c3:37:2a:db:4d:67:96:20:76:c3:26:84:56:f0:
47:c0:bb:f7:71:9f:80:2d:da:b7:04:3a:e5:df:e2:82:21:4f:
6d:a5:7b:34:09:57:76:c7:5e:3e:18:2a:90:c5:28:86:4b:29:
e3:80:9c:e5:45:1d:e5:e8:14:c4:11:8a:e9:a2:86:c1:87:8c:
28:c5:0e:f8:26:99:4e:42:c0:ae:2e:46:51:3c:a2:fd:61:07:
08:01:f7:5c:aa:43:ee:45:de:a2:48:c8:5a:39:fb:44:96:4d:
3b:7d:7b:c7:b8:6b:7c:88:8b:7a:4a:50:1b:39:8b:37:51:11:
a9:a0:66:ed:a4:93:c3:51:74:27:16:ec:28:90:e6:17:b4:5e:
f1:b0:49:06:29:3f:25:f0:fb:51:20:eb:6c:a0:55:2f:63:a6:
db:f3:95:aa:1c:b4:2f:30:8d:d2:74:da:70:3f:1d:ba:26:da:
79:32:2c:da:89:17:f0:8f:05:8c:83:af:5a:7b:38:29:b2:93:
a1:bf:b9:8d:ff:91:ed:ff:83:35:98:0b:db:88:d7:c0:96:72:
a7:c0:a2:1e:14:78:2e:e3:d7:13:e7:5c:16:91:66:87:38:2b:
89:4b:76:cc:9c:64:c0:79:74:eb:5c:8b:8d:49:88:d7:e8:ef:
f1:23:91:96
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB1owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYy
MTA4MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFCMjY2RjVGQTQ4RjZG
MkM4OUQ1NEMyNzE0RUY5NTYyREU0Q0JDMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVvsrbPWLxVhNiKwo/HS9VO6cBOPDpBvzg9KbhEgK+R8ti4Jc6
hAzB2XFWWNYyDkgg0/TiZwnFO2/6e6RGEV/a5Yku0Brb4G4xFlm5OY9cA61REN2/
8ncAk2iNcgf4N3pO7FUUGbvDFNCsb7OuxVTS0L3ux//6P9L1ZakNnrDzhHJuO7ea
zputdqIWlGi+wb5/66eUx8wNMnnwjljcapYs4lWgSq+6867Ui30wTfx08hoGvJRc
KzSWFL8Bnxurkz2AHocs0SPQNu/SALGn5CkdmHHkgBG0FAWZI2+2RfMujHJoMXEK
Q0pS1G+fjO3eZFS0HfG2b9dcDprmh4bNYbb/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqyZvX6SPbyyJ1UwnFO+VYt5MvBgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xeVp2WDZTUGJ5eUoxVXdu
Rk8tVll0NU12Qmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACHkH8zDNyrbTWeWIHbDJoRW8EfAu/dxn4At
2rcEOuXf4oIhT22lezQJV3bHXj4YKpDFKIZLKeOAnOVFHeXoFMQRiumihsGHjCjF
DvgmmU5CwK4uRlE8ov1hBwgB91yqQ+5F3qJIyFo5+0SWTTt9e8e4a3yIi3pKUBs5
izdREamgZu2kk8NRdCcW7CiQ5he0XvGwSQYpPyXw+1Eg62ygVS9jptvzlaoctC8w
jdJ02nA/Hbom2nkyLNqJF/CPBYyDr1p7OCmyk6G/uY3/ke3/gzWYC9uI18CWcqfA
oh4UeC7j1xPnXBaRZoc4K4lLdsycZMB5dOtci41JiNfo7/EjkZY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:06:52 2025 by rpki-client