Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/zkJMSjz49_EJFOUT0FGPxGDv75E.roa
File: zkJMSjz49_EJFOUT0FGPxGDv75E.roa (raw, json)
Hash identifier: 2gOC+dcDKS53a2NNIXcaEZlSrgW9C7z434/i5bDpCEU=
Subject key identifier: CE:42:4C:4A:3C:F8:F7:F1:09:14:E5:13:D0:51:8F:C4:60:EF:EF:91
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 040A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zkJMSjz49_EJFOUT0FGPxGDv75E.roa
Signing time: Mon 12 May 2025 11:07:56 +0000
ROA not before: Mon 12 May 2025 11:07:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1034 (0x40a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 11:07:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CE424C4A3CF8F7F10914E513D0518FC460EFEF91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:49:54:79:f7:74:06:67:7a:a9:1a:8a:8f:
e6:c0:40:6f:ea:0d:64:7d:71:af:45:ac:ad:a1:f2:
2d:d3:5c:39:ad:a8:b4:d7:15:24:bd:69:f3:27:63:
e8:84:40:80:cc:52:90:f7:35:d0:74:29:ad:f8:03:
91:2a:9c:1f:bf:c6:0d:05:14:04:bf:23:a1:14:91:
4e:be:ce:eb:ed:52:97:88:7d:3e:98:db:fe:01:9d:
7e:3c:2a:87:cb:b7:84:13:85:16:f4:a0:4b:03:82:
da:dd:4a:54:60:a8:f0:2c:94:55:0a:51:ff:5a:ee:
61:32:59:57:98:3f:d3:db:69:d0:9c:50:33:dc:56:
21:2d:fb:f9:53:e3:7b:75:b3:74:f4:82:9c:1c:ad:
82:9d:62:f9:b6:3d:d7:60:ca:24:11:f4:0e:17:82:
77:ce:04:de:0d:95:b6:1a:8e:b9:b4:ce:d6:e6:4a:
aa:72:23:a1:5f:e4:11:e6:66:61:5e:f8:62:3d:1d:
82:98:21:ee:c3:e1:ed:75:bb:65:6b:4c:54:7f:6d:
dd:a0:74:a1:b5:7c:63:ce:b6:d0:d1:66:89:04:e8:
3b:df:d6:c7:a0:53:07:25:35:99:96:81:fd:e5:bc:
c3:60:1a:84:3d:b4:f1:11:b1:6e:be:a3:f0:31:01:
60:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:42:4C:4A:3C:F8:F7:F1:09:14:E5:13:D0:51:8F:C4:60:EF:EF:91
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/zkJMSjz49_EJFOUT0FGPxGDv75E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:ef:ec:07:c0:0a:7e:32:e3:d6:43:8f:7b:97:ed:25:0f:13:
a5:07:ad:6e:6c:6d:f8:09:4e:aa:0d:38:98:49:c7:22:d1:79:
f2:8b:56:ae:28:4e:54:3e:c3:7b:7c:0e:64:ff:22:b9:fc:62:
c6:2b:74:5d:6f:58:6d:c8:b2:75:6e:28:e3:06:d7:aa:e4:20:
53:ca:38:1a:25:55:ba:0c:e0:49:7c:5d:50:de:8a:02:2a:18:
3c:27:39:66:0e:2e:d6:26:e0:d9:78:fc:82:ad:ab:74:de:ff:
20:a6:52:51:d2:95:b0:d5:be:5c:81:b1:08:03:a3:cb:0f:49:
d0:d2:8b:86:76:63:6f:62:c3:84:0b:3a:d6:28:77:b3:a3:89:
8f:7d:8b:75:a4:2c:f4:f8:6a:93:91:8e:ea:10:36:36:63:e2:
b6:87:e8:6e:ec:f4:1f:03:06:4e:2d:dc:9f:3d:ae:23:72:50:
07:37:78:bd:12:cd:6e:f9:2c:0f:dd:8f:f1:18:50:84:91:22:
f1:b1:43:e6:97:eb:5c:b3:3e:58:34:76:81:f4:90:c2:a1:c3:
35:b9:2b:78:28:e9:81:aa:92:b3:54:8e:ff:ec:8a:e8:84:e9:
9b:51:a7:24:d0:1f:a8:d1:84:7b:5f:5c:d7:5d:f7:72:89:4a:
c4:91:27:2e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBAowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
MTA3NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENFNDI0QzRBM0NGOEY3
RjEwOTE0RTUxM0QwNTE4RkM0NjBFRkVGOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCd6UlUefd0Bmd6qRqKj+bAQG/qDWR9ca9FrK2h8i3TXDmtqLTX
FSS9afMnY+iEQIDMUpD3NdB0Ka34A5EqnB+/xg0FFAS/I6EUkU6+zuvtUpeIfT6Y
2/4BnX48KofLt4QThRb0oEsDgtrdSlRgqPAslFUKUf9a7mEyWVeYP9PbadCcUDPc
ViEt+/lT43t1s3T0gpwcrYKdYvm2PddgyiQR9A4XgnfOBN4NlbYajrm0ztbmSqpy
I6Ff5BHmZmFe+GI9HYKYIe7D4e11u2VrTFR/bd2gdKG1fGPOttDRZokE6Dvf1seg
UwclNZmWgf3lvMNgGoQ9tPERsW6+o/AxAWCnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzkJMSjz49/EJFOUT0FGPxGDv75EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni96a0pNU2p6NDlfRUpGT1VU
MEZHUHhHRHY3NUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE/v7AfACn4y49ZDj3uX7SUPE6UHrW5sbfgJ
TqoNOJhJxyLRefKLVq4oTlQ+w3t8DmT/Irn8YsYrdF1vWG3IsnVuKOMG16rkIFPK
OBolVboM4El8XVDeigIqGDwnOWYOLtYm4Nl4/IKtq3Te/yCmUlHSlbDVvlyBsQgD
o8sPSdDSi4Z2Y29iw4QLOtYod7OjiY99i3WkLPT4apORjuoQNjZj4raH6G7s9B8D
Bk4t3J89riNyUAc3eL0SzW75LA/dj/EYUISRIvGxQ+aX61yzPlg0doH0kMKhwzW5
K3go6YGqkrNUjv/siuiE6ZtRpyTQH6jRhHtfXNdd93KJSsSRJy4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:58:39 2025 by rpki-client