Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/z--BXgMqeFW7LmiTS5JgOqU-9pE.roa
File: z--BXgMqeFW7LmiTS5JgOqU-9pE.roa (raw, json)
Hash identifier: kGUhkYp5TLZkphEK5/YCA03orYpTaHKXxTpJC2RFa04=
Subject key identifier: CF:EF:81:5E:03:2A:78:55:BB:2E:68:93:4B:92:60:3A:A5:3E:F6:91
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 09EA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/z--BXgMqeFW7LmiTS5JgOqU-9pE.roa
Signing time: Tue 20 May 2025 07:08:14 +0000
ROA not before: Tue 20 May 2025 07:08:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2538 (0x9ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 07:08:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CFEF815E032A7855BB2E68934B92603AA53EF691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:59:49:f7:f7:ca:68:d9:c5:8b:64:96:be:
07:57:a6:1b:a2:76:d1:ab:19:69:1b:8e:9f:fb:5f:
07:37:74:85:a9:2f:f1:97:d7:02:29:48:da:7b:30:
9d:a9:02:b1:31:e6:5c:74:b8:81:9d:ee:54:ec:cf:
ad:f4:d2:52:f8:e6:03:f1:5f:d8:43:52:02:d1:74:
81:64:10:66:99:5b:b5:93:75:2a:a7:5a:a3:66:5f:
41:09:b8:a2:f0:5a:fb:e0:c7:c8:8b:a1:2e:2d:15:
29:1b:64:76:3d:ab:d7:fc:ee:3b:0a:da:5f:96:d8:
bb:69:0e:72:1c:9f:43:af:4d:b8:78:10:1d:df:64:
2a:94:d0:13:8b:e5:0b:c3:d7:fe:77:17:2a:f8:a8:
8a:fd:da:5b:6c:a5:eb:2e:8f:fe:6c:cb:d0:00:92:
a7:c6:79:25:c3:e5:ea:88:e5:da:31:2e:63:c2:17:
67:cb:ba:91:a6:13:a2:f8:a4:f2:01:29:3f:55:40:
29:d0:f8:82:55:1b:7b:a1:ee:0e:b2:4e:7e:8a:71:
79:c8:21:44:48:95:01:e3:49:98:6a:f2:da:c2:cb:
dc:23:70:3a:ba:df:ee:eb:0f:80:70:6c:bb:39:2d:
8d:2d:ff:77:46:a1:3a:ed:b4:b7:ef:6a:ca:e8:1d:
a5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:EF:81:5E:03:2A:78:55:BB:2E:68:93:4B:92:60:3A:A5:3E:F6:91
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/z--BXgMqeFW7LmiTS5JgOqU-9pE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:21:67:62:57:0a:8d:92:4c:ea:b3:09:77:b7:21:2c:ef:c8:
78:23:97:b3:09:de:fc:c0:23:a4:78:7d:79:d3:f2:28:8d:be:
e0:fe:cd:41:ae:e9:a5:4b:06:52:47:3b:b0:49:e9:3f:9d:d7:
49:36:e3:62:06:8e:b7:1d:27:79:c5:e6:6f:e2:64:10:58:34:
c0:f6:cd:fc:06:2d:c1:f5:ac:51:7e:87:95:6f:75:e4:19:08:
57:0d:e6:94:6d:4f:3c:7b:f8:fe:3e:6b:08:5e:4a:fd:9d:a8:
0f:a6:9c:f9:ef:a8:7e:d5:6e:d8:02:59:83:5c:ab:0b:06:4c:
51:53:0a:5f:2b:5a:3a:66:d3:f0:00:db:f4:44:8e:d4:f3:ee:
6d:b4:5a:6c:ac:35:eb:17:15:fb:a4:a9:bc:fd:6b:dd:ef:7b:
f2:86:07:56:02:ea:65:2a:27:6a:e1:14:2e:99:67:00:da:18:
42:f4:65:3a:09:91:91:01:97:a3:25:d5:78:34:78:24:56:f4:
55:ab:b6:b6:02:3c:09:dd:3f:fd:49:ad:10:fa:a4:26:1f:66:
7c:ba:8e:db:1e:12:f9:bd:ab:dd:93:55:bc:80:f2:e4:d7:1a:
d5:4d:88:65:a3:0c:a4:9c:6b:8c:b2:0f:13:8e:c4:6c:1a:ce:
e6:76:98:88
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCeowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAw
NzA4MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENGRUY4MTVFMDMyQTc4
NTVCQjJFNjg5MzRCOTI2MDNBQTUzRUY2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs41lJ9/fKaNnFi2SWvgdXphuidtGrGWkbjp/7Xwc3dIWpL/GX
1wIpSNp7MJ2pArEx5lx0uIGd7lTsz6300lL45gPxX9hDUgLRdIFkEGaZW7WTdSqn
WqNmX0EJuKLwWvvgx8iLoS4tFSkbZHY9q9f87jsK2l+W2LtpDnIcn0OvTbh4EB3f
ZCqU0BOL5QvD1/53Fyr4qIr92ltspesuj/5sy9AAkqfGeSXD5eqI5doxLmPCF2fL
upGmE6L4pPIBKT9VQCnQ+IJVG3uh7g6yTn6KcXnIIURIlQHjSZhq8trCy9wjcDq6
3+7rD4BwbLs5LY0t/3dGoTrttLfvasroHaV7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUz++BXgMqeFW7LmiTS5JgOqU+9pEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96LS1CWGdNcWVGVzdMbWlU
UzVKZ09xVS05cEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEohZ2JXCo2STOqzCXe3ISzvyHgjl7MJ3vzA
I6R4fXnT8iiNvuD+zUGu6aVLBlJHO7BJ6T+d10k242IGjrcdJ3nF5m/iZBBYNMD2
zfwGLcH1rFF+h5VvdeQZCFcN5pRtTzx7+P4+awheSv2dqA+mnPnvqH7VbtgCWYNc
qwsGTFFTCl8rWjpm0/AA2/REjtTz7m20WmysNesXFfukqbz9a93ve/KGB1YC6mUq
J2rhFC6ZZwDaGEL0ZToJkZEBl6Ml1Xg0eCRW9FWrtrYCPAndP/1JrRD6pCYfZny6
jtseEvm9q92TVbyA8uTXGtVNiGWjDKSca4yyDxOOxGwazuZ2mIg=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:32:31 2025 by rpki-client