Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7EXetAXX9RPHn1MxtI5DJWGWuJg.roa
File: 7EXetAXX9RPHn1MxtI5DJWGWuJg.roa (raw, json)
Hash identifier: GyT0CJR5B7K1mYpmEBUoMwPYcLcSp76/+EDd0Y8wLJ4=
Subject key identifier: EC:45:DE:B4:05:D7:F5:13:C7:9F:53:31:B4:8E:43:25:61:96:B8:98
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 19FE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7EXetAXX9RPHn1MxtI5DJWGWuJg.roa
Signing time: Tue 10 Jun 2025 17:39:49 +0000
ROA not before: Tue 10 Jun 2025 17:39:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6654 (0x19fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 10 17:39:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EC45DEB405D7F513C79F5331B48E43256196B898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3a:99:67:97:d7:17:2a:7b:c7:eb:7a:4e:c7:
be:a8:6f:d7:f9:0d:18:ca:54:ef:50:54:27:cb:12:
34:4f:f2:5c:d5:09:95:68:76:7a:2b:8c:37:80:75:
4f:48:31:c7:f0:68:e1:a3:83:3b:10:01:27:c7:ea:
01:03:8c:08:30:4b:10:44:c9:12:d2:8c:f9:84:55:
3e:8e:2f:3e:10:4d:99:39:ac:ce:0f:3f:2c:e8:94:
5f:7b:0a:34:2a:e6:b6:6b:db:e1:f1:cd:8c:c9:70:
be:95:40:29:13:bb:08:b4:4b:03:28:7f:a3:5b:34:
c8:94:6b:43:2d:15:bb:28:af:89:70:d4:b7:30:fa:
9c:e7:8b:ca:fd:50:2a:3a:34:81:30:35:d4:c1:49:
a7:79:78:b6:99:3a:25:70:52:5d:25:cc:14:7b:4e:
07:9c:05:23:2b:0a:ed:ac:bc:dc:f8:41:a2:de:c5:
ff:2d:ca:f6:bc:26:da:d3:cd:39:64:91:88:5e:05:
17:d3:09:3f:89:35:dd:6a:58:1f:f4:71:63:e9:21:
e7:59:92:8b:aa:6d:24:c9:be:00:3d:28:a6:94:33:
e7:1d:ac:9a:60:d0:0c:2c:1c:be:28:eb:e5:58:54:
f0:65:88:51:b9:c9:56:c5:23:9f:01:36:35:fa:36:
cd:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:45:DE:B4:05:D7:F5:13:C7:9F:53:31:B4:8E:43:25:61:96:B8:98
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7EXetAXX9RPHn1MxtI5DJWGWuJg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:42:56:a8:01:10:7b:9e:c9:69:36:f2:65:b8:98:a6:29:45:
57:00:b0:a5:5b:d5:5c:7d:82:15:93:64:3e:f2:d1:90:5f:01:
1d:a2:c4:07:bc:7d:2e:b7:46:ec:8c:8c:18:b7:b0:f9:33:59:
1d:a2:3e:67:ff:3b:3c:1b:c0:60:ed:0c:a2:d1:d5:ab:1d:c2:
71:e5:cf:58:76:a1:25:8d:f5:3f:f2:b1:dc:cd:d2:de:69:46:
77:8c:66:98:de:87:d0:d7:a6:1e:f9:44:d1:88:38:94:34:9c:
c4:95:89:36:5c:54:59:7a:10:7b:c1:37:7e:77:78:7d:68:2c:
85:2a:c7:fa:7b:65:77:b3:a6:16:14:32:f5:3d:d9:5a:dc:c7:
1d:44:d4:1e:f1:bc:49:f1:b4:c3:4f:82:a5:9a:85:a4:eb:ee:
e6:f8:4f:a5:03:50:2d:f2:cc:20:00:65:78:4d:84:6c:b3:1f:
b4:c8:ca:2e:a9:80:6e:e1:5c:81:6b:81:e0:76:10:18:f0:5c:
23:01:7f:bf:49:b0:8c:16:9e:a6:0a:78:25:7b:10:27:ac:27:
3a:f9:88:d3:7b:87:e8:b3:fe:c6:28:08:a2:01:47:3c:3d:2c:
2c:12:34:a3:63:39:21:4b:09:81:d7:9e:ee:ea:94:28:9c:00:
64:37:ea:00
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGf4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTAx
NzM5NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVDNDVERUI0MDVEN0Y1
MTNDNzlGNTMzMUI0OEU0MzI1NjE5NkI4OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxOplnl9cXKnvH63pOx76ob9f5DRjKVO9QVCfLEjRP8lzVCZVo
dnorjDeAdU9IMcfwaOGjgzsQASfH6gEDjAgwSxBEyRLSjPmEVT6OLz4QTZk5rM4P
PyzolF97CjQq5rZr2+HxzYzJcL6VQCkTuwi0SwMof6NbNMiUa0MtFbsor4lw1Lcw
+pzni8r9UCo6NIEwNdTBSad5eLaZOiVwUl0lzBR7TgecBSMrCu2svNz4QaLexf8t
yva8JtrTzTlkkYheBRfTCT+JNd1qWB/0cWPpIedZkouqbSTJvgA9KKaUM+cdrJpg
0AwsHL4o6+VYVPBliFG5yVbFI58BNjX6Ns3VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7EXetAXX9RPHn1MxtI5DJWGWuJgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83RVhldEFYWDlSUEhuMU14
dEk1REpXR1d1Smcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACBCVqgBEHueyWk28mW4mKYpRVcAsKVb1Vx9
ghWTZD7y0ZBfAR2ixAe8fS63RuyMjBi3sPkzWR2iPmf/OzwbwGDtDKLR1asdwnHl
z1h2oSWN9T/ysdzN0t5pRneMZpjeh9DXph75RNGIOJQ0nMSViTZcVFl6EHvBN353
eH1oLIUqx/p7ZXezphYUMvU92Vrcxx1E1B7xvEnxtMNPgqWahaTr7ub4T6UDUC3y
zCAAZXhNhGyzH7TIyi6pgG7hXIFrgeB2EBjwXCMBf79JsIwWnqYKeCV7ECesJzr5
iNN7h+iz/sYoCKIBRzw9LCwSNKNjOSFLCYHXnu7qlCicAGQ36gA=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:04:37 2025 by rpki-client