Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/uiE5UzjTE0muMom3vWC5yQCqOQ0.roa
File: uiE5UzjTE0muMom3vWC5yQCqOQ0.roa (raw, json)
Hash identifier: DPOHMffNcvbCaxOMykW5uLJAP1LBYYawDk7eWDiK07Q=
Subject key identifier: BA:21:39:53:38:D3:13:49:AE:32:89:B7:BD:60:B9:C9:00:AA:39:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0872
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uiE5UzjTE0muMom3vWC5yQCqOQ0.roa
Signing time: Sun 18 May 2025 08:08:36 +0000
ROA not before: Sun 18 May 2025 08:08:36 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2162 (0x872)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 08:08:36 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BA21395338D31349AE3289B7BD60B9C900AA390D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f8:6d:a5:55:fc:c1:a9:5c:7f:79:af:80:04:
78:4f:e4:17:d3:c4:39:e6:92:06:b8:51:db:ff:28:
d9:a7:9b:81:7a:2a:1c:89:02:a6:0f:b5:91:29:40:
72:24:6a:1e:43:b2:93:68:9a:7b:8a:ac:7c:ef:97:
70:fa:ed:19:cc:de:42:da:ca:08:04:53:93:85:85:
bc:33:b0:24:f2:2b:8b:f0:e2:59:48:03:df:fd:f0:
a0:f0:19:12:d8:c7:02:b8:50:2a:0f:fc:ab:ac:a9:
b5:31:b2:7b:0b:d9:fb:26:4c:f9:c5:ff:fd:65:53:
c5:ce:e3:29:75:8d:9a:1a:9e:8b:cc:94:53:80:0e:
10:01:ea:93:87:a5:35:4a:f0:2c:a7:df:8c:2c:65:
45:ed:e1:b0:05:ea:32:4f:f4:75:94:d9:62:21:48:
40:12:aa:0b:6c:c9:9d:82:01:85:8b:a2:f2:f8:e4:
d1:ca:01:16:da:c5:17:15:92:68:b0:be:57:63:78:
a6:84:f4:25:b0:e9:38:b2:e3:1a:8d:75:4b:04:c9:
9d:16:35:e7:82:da:c6:5b:85:fd:37:5a:1c:48:8a:
15:d1:46:e6:fc:6b:90:91:a5:8b:84:f5:8c:92:6d:
e3:8a:42:ac:ef:a9:0b:4e:3f:59:fb:91:d1:6e:2c:
c9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:21:39:53:38:D3:13:49:AE:32:89:B7:BD:60:B9:C9:00:AA:39:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/uiE5UzjTE0muMom3vWC5yQCqOQ0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9a:70:98:0b:0e:e9:5a:d3:01:bd:f1:84:38:66:38:3f:bd:c6:
da:c7:ea:f7:68:7a:71:55:e0:3a:2e:f1:22:1e:df:e0:ad:b7:
f9:89:53:00:35:53:0c:c9:0b:81:12:9a:c7:f5:30:34:d0:98:
f9:bf:df:b7:01:62:fb:5e:49:89:cc:56:d1:6a:4a:28:12:00:
4f:24:1e:9c:ea:c5:f7:56:ef:6b:a7:e4:24:86:d3:2e:7f:3c:
a4:21:fc:c8:95:e6:5b:63:f7:9a:38:83:45:07:0d:b8:9a:cd:
56:8e:ca:72:d2:78:70:ce:f4:62:58:b9:45:9b:e3:ba:ec:31:
49:73:b3:61:29:4b:df:36:1c:2b:95:8b:a6:2e:0a:df:b9:b7:
19:c8:9a:0b:be:cd:31:8c:ea:a5:3d:6a:eb:15:e7:31:cf:ce:
12:c2:31:43:68:66:c4:75:75:72:50:76:50:f7:44:d1:e5:f1:
60:97:6e:1d:2e:d8:2d:27:94:42:dd:4a:c4:f4:6e:01:a4:83:
28:14:dc:0c:4a:1e:ff:19:7c:02:e2:85:15:2e:08:18:7b:9d:
2f:bd:1c:b2:7e:a8:2e:d0:b5:51:63:fd:72:ec:17:f7:be:3b:
e7:e8:a3:b9:25:1c:96:ab:9d:19:0e:17:81:42:e8:c1:d5:49:
df:38:66:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
ODA4MzZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJBMjEzOTUzMzhEMzEz
NDlBRTMyODlCN0JENjBCOUM5MDBBQTM5MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv+G2lVfzBqVx/ea+ABHhP5BfTxDnmkga4Udv/KNmnm4F6KhyJ
AqYPtZEpQHIkah5DspNomnuKrHzvl3D67RnM3kLayggEU5OFhbwzsCTyK4vw4llI
A9/98KDwGRLYxwK4UCoP/KusqbUxsnsL2fsmTPnF//1lU8XO4yl1jZoanovMlFOA
DhAB6pOHpTVK8Cyn34wsZUXt4bAF6jJP9HWU2WIhSEASqgtsyZ2CAYWLovL45NHK
ARbaxRcVkmiwvldjeKaE9CWw6Tiy4xqNdUsEyZ0WNeeC2sZbhf03WhxIihXRRub8
a5CRpYuE9YySbeOKQqzvqQtOP1n7kdFuLMk/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUuiE5UzjTE0muMom3vWC5yQCqOQ0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91aUU1VXpqVEUwbXVNb20z
dldDNXlRQ3FPUTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJpwmAsO6VrTAb3xhDhmOD+9xtrH6vdoenFV
4Dou8SIe3+Ctt/mJUwA1UwzJC4ESmsf1MDTQmPm/37cBYvteSYnMVtFqSigSAE8k
HpzqxfdW72un5CSG0y5/PKQh/MiV5ltj95o4g0UHDbiazVaOynLSeHDO9GJYuUWb
47rsMUlzs2EpS982HCuVi6YuCt+5txnImgu+zTGM6qU9ausV5zHPzhLCMUNoZsR1
dXJQdlD3RNHl8WCXbh0u2C0nlELdSsT0bgGkgygU3AxKHv8ZfALihRUuCBh7nS+9
HLJ+qC7QtVFj/XLsF/e+O+foo7klHJarnRkOF4FC6MHVSd84Zkw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:46:37 2025 by rpki-client