Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/tOcYjRyKx_NvCjbqj4GaxzimBlg.roa
File: tOcYjRyKx_NvCjbqj4GaxzimBlg.roa (raw, json)
Hash identifier: mUpE5m5N2d0LfoA/+P3GjKKS3fvnWdPXAIo2trS/4E8=
Subject key identifier: B4:E7:18:8D:1C:8A:C7:F3:6F:0A:36:EA:8F:81:9A:C7:38:A6:06:58
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0396
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tOcYjRyKx_NvCjbqj4GaxzimBlg.roa
Signing time: Sun 11 May 2025 20:37:54 +0000
ROA not before: Sun 11 May 2025 20:37:54 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 918 (0x396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 20:37:54 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B4E7188D1C8AC7F36F0A36EA8F819AC738A60658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7a:46:fb:07:97:f5:92:fe:6b:bc:e9:65:86:
fd:2e:bf:2a:93:18:ea:39:01:a9:3f:0b:33:fe:10:
b5:44:1f:1c:dc:fe:d9:cd:87:d9:7e:34:55:3f:1b:
8f:90:10:41:4b:39:90:fb:52:5c:90:18:e3:61:a6:
3a:86:a0:97:8a:e7:c3:4f:b3:5e:da:06:37:b7:63:
58:34:66:ce:3d:6b:e0:96:6b:e5:25:a6:8c:58:e9:
af:09:d1:78:c2:12:0c:7f:c0:d1:22:0d:be:ff:8d:
91:9e:b3:4d:33:eb:04:11:b9:ca:b4:c8:43:79:88:
c8:8a:4b:93:d2:e8:71:06:59:8a:05:f0:1c:f7:4c:
f1:58:c0:b8:4a:55:54:e0:0b:6a:5b:ab:78:fa:e5:
70:0f:6f:47:d8:81:ea:b2:54:76:60:e1:2e:5a:05:
43:cd:e7:62:33:d1:b5:0d:89:61:6e:38:19:ea:e5:
84:6a:db:9d:5e:02:f3:6e:4f:85:49:a5:f1:77:00:
d3:a7:67:1d:59:e8:4e:c2:2a:07:1b:4f:3d:23:fc:
1f:86:52:40:98:87:4e:e0:e2:08:c9:9c:f6:66:88:
b6:0f:a4:1a:d5:0c:e9:ae:4e:0f:11:fa:ee:9a:15:
0d:af:77:60:b5:c3:2d:01:0e:5f:ec:e6:ab:34:89:
ae:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E7:18:8D:1C:8A:C7:F3:6F:0A:36:EA:8F:81:9A:C7:38:A6:06:58
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/tOcYjRyKx_NvCjbqj4GaxzimBlg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:be:7b:84:2e:f1:9a:5e:c6:4d:11:9b:0c:99:08:01:87:47:
83:de:1e:ba:c9:86:da:c9:b0:72:06:fa:d5:91:44:17:63:3a:
16:d6:2a:21:61:a2:1b:83:cb:b1:54:e2:0b:36:80:d5:ff:e3:
5a:a2:e2:ee:81:fb:ef:bb:31:53:24:2b:23:84:24:6f:3b:87:
d8:7d:ca:67:81:c5:21:7c:28:54:9c:b4:6c:72:a5:25:de:33:
05:26:32:4d:22:25:99:22:f5:17:d0:21:ed:c7:92:33:9f:14:
e8:76:a5:05:96:46:af:ad:cd:4d:10:e0:31:a0:93:e6:4d:89:
c7:1c:e7:6d:8a:2e:a5:29:3f:ee:f7:90:13:f1:59:cc:a6:78:
48:07:d1:ce:d1:48:26:d8:89:8b:9a:ad:9f:65:5f:70:94:5f:
ef:5e:5e:bb:9b:44:b9:ab:51:e2:88:f8:b2:11:fb:b5:3a:b1:
30:e1:ba:d7:6e:b4:00:39:81:bd:0a:d3:b7:8e:d7:3f:60:fd:
32:69:c5:29:43:4f:d7:3a:0b:b6:8b:b9:db:67:1a:21:9e:4f:
bf:66:89:f6:94:fd:56:08:c7:9a:84:2b:9c:64:29:7f:b5:eb:
fd:b0:e1:68:02:e7:dc:c6:a8:63:da:06:63:98:5d:26:ae:aa:
bd:39:f2:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEy
MDM3NTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEI0RTcxODhEMUM4QUM3
RjM2RjBBMzZFQThGODE5QUM3MzhBNjA2NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpekb7B5f1kv5rvOllhv0uvyqTGOo5Aak/CzP+ELVEHxzc/tnN
h9l+NFU/G4+QEEFLOZD7UlyQGONhpjqGoJeK58NPs17aBje3Y1g0Zs49a+CWa+Ul
poxY6a8J0XjCEgx/wNEiDb7/jZGes00z6wQRucq0yEN5iMiKS5PS6HEGWYoF8Bz3
TPFYwLhKVVTgC2pbq3j65XAPb0fYgeqyVHZg4S5aBUPN52Iz0bUNiWFuOBnq5YRq
251eAvNuT4VJpfF3ANOnZx1Z6E7CKgcbTz0j/B+GUkCYh07g4gjJnPZmiLYPpBrV
DOmuTg8R+u6aFQ2vd2C1wy0BDl/s5qs0ia7hAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUtOcYjRyKx/NvCjbqj4GaxzimBlgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni90T2NZalJ5S3hfTnZDamJx
ajRHYXh6aW1CbGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAI2+e4Qu8Zpexk0RmwyZCAGHR4PeHrrJhtrJ
sHIG+tWRRBdjOhbWKiFhohuDy7FU4gs2gNX/41qi4u6B+++7MVMkKyOEJG87h9h9
ymeBxSF8KFSctGxypSXeMwUmMk0iJZki9RfQIe3HkjOfFOh2pQWWRq+tzU0Q4DGg
k+ZNiccc522KLqUpP+73kBPxWcymeEgH0c7RSCbYiYuarZ9lX3CUX+9eXrubRLmr
UeKI+LIR+7U6sTDhutdutAA5gb0K07eO1z9g/TJpxSlDT9c6C7aLudtnGiGeT79m
ifaU/VYIx5qEK5xkKX+16/2w4WgC59zGqGPaBmOYXSauqr058j8=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:18:11 2025 by rpki-client