Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7qxW2xogUwJMsuDnLRek4hTf5iE.roa
File: 7qxW2xogUwJMsuDnLRek4hTf5iE.roa (raw, json)
Hash identifier: IVO138Cugtg3pWFy1s7DQYL4iclkUOqa4bmhmLxh+i4=
Subject key identifier: EE:AC:56:DB:1A:20:53:02:4C:B2:E0:E7:2D:17:A4:E2:14:DF:E6:21
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 089E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7qxW2xogUwJMsuDnLRek4hTf5iE.roa
Signing time: Sun 18 May 2025 13:38:10 +0000
ROA not before: Sun 18 May 2025 13:38:10 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2206 (0x89e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 13:38:10 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EEAC56DB1A2053024CB2E0E72D17A4E214DFE621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:00:b3:84:e4:59:ec:6d:04:2a:c2:b1:33:
64:8c:68:e0:8b:4f:10:d7:50:c3:d7:f6:c9:7c:39:
31:7a:5e:1c:70:8d:07:d8:7b:49:dc:6d:b6:b5:93:
b7:d8:d9:fe:b9:b4:70:fa:c8:c0:ca:e1:09:d0:32:
31:1e:f0:a4:1d:2f:e6:6e:9e:1e:f6:11:15:f4:7d:
76:84:c4:ff:5d:54:f3:30:4a:1c:e7:11:44:ea:b4:
66:2c:49:c3:6b:bd:1e:58:59:d6:5a:51:22:74:28:
c7:12:9b:10:ee:f0:ce:f2:e6:f4:a9:89:5a:6b:d6:
62:aa:8f:eb:ab:fe:31:e9:aa:b4:51:2a:9a:54:66:
ff:4d:2a:ea:a4:29:37:e3:f5:d3:cb:89:f8:67:64:
2b:73:15:dd:c4:95:5d:e6:69:91:44:18:e7:d6:0e:
1c:53:7b:f5:10:87:06:32:7c:22:ce:fd:06:00:d4:
c3:4d:83:0b:bf:f9:a0:b7:cb:eb:a1:68:20:33:49:
eb:33:7e:75:cd:d5:f3:bd:d7:c4:aa:3a:26:b4:d8:
70:7f:01:25:a9:a9:57:76:f2:29:59:dd:27:a1:e5:
6d:92:3d:a4:3c:f6:f0:52:af:21:7d:e7:2b:47:b1:
da:19:bf:12:0a:fe:5f:66:2f:d3:9f:75:c8:12:d5:
e8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AC:56:DB:1A:20:53:02:4C:B2:E0:E7:2D:17:A4:E2:14:DF:E6:21
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7qxW2xogUwJMsuDnLRek4hTf5iE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7b:eb:36:a1:18:28:a5:12:3a:02:3d:06:a6:03:23:ff:42:cc:
f7:fb:46:f9:b2:1d:70:03:38:3d:13:12:ab:8c:e5:fe:3a:4e:
b2:af:8d:7d:ca:5e:59:c2:d4:de:3f:72:e9:0a:6c:57:e4:08:
a4:e4:6e:b3:a7:ce:7d:ad:d6:98:9e:68:8d:77:17:36:00:25:
ba:d3:e7:5b:bc:d1:fa:e9:76:4e:09:a7:e8:d1:91:ac:20:46:
35:48:0a:1b:7d:0c:ab:f2:49:4d:67:94:bc:b9:3e:86:bb:a4:
c4:42:f8:7c:f0:0d:6b:bd:91:d4:eb:e1:cb:f8:75:dc:08:f0:
4e:aa:90:fc:62:af:a8:80:05:5f:a7:ec:2b:2e:fa:7e:08:db:
ff:cc:ea:d5:d5:da:22:4c:4f:9b:3f:1c:28:2c:08:6b:02:34:
19:0f:9f:df:25:b5:81:16:d0:98:ed:4a:4f:12:da:56:5d:fc:
86:9b:02:f7:ad:35:e7:4c:fd:68:19:34:39:6f:b0:5f:1e:d9:
62:51:9c:cf:ed:d8:ef:9f:59:02:35:bc:b0:18:19:7d:08:13:
13:5c:80:8c:59:1b:37:04:95:58:87:2b:60:0a:6c:5d:f5:99:
6d:b9:5f:c3:85:89:7b:c3:e6:94:cc:98:e0:ea:65:8b:2d:5a:
c9:24:99:08
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCJ4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgx
MzM4MTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVFQUM1NkRCMUEyMDUz
MDI0Q0IyRTBFNzJEMTdBNEUyMTRERkU2MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvygCzhORZ7G0EKsKxM2SMaOCLTxDXUMPX9sl8OTF6XhxwjQfY
e0ncbba1k7fY2f65tHD6yMDK4QnQMjEe8KQdL+Zunh72ERX0fXaExP9dVPMwShzn
EUTqtGYsScNrvR5YWdZaUSJ0KMcSmxDu8M7y5vSpiVpr1mKqj+ur/jHpqrRRKppU
Zv9NKuqkKTfj9dPLifhnZCtzFd3ElV3maZFEGOfWDhxTe/UQhwYyfCLO/QYA1MNN
gwu/+aC3y+uhaCAzSeszfnXN1fO918SqOia02HB/ASWpqVd28ilZ3Seh5W2SPaQ8
9vBSryF95ytHsdoZvxIK/l9mL9OfdcgS1eh3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7qxW2xogUwJMsuDnLRek4hTf5iEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83cXhXMnhvZ1V3Sk1zdURu
TFJlazRoVGY1aUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHvrNqEYKKUSOgI9BqYDI/9CzPf7RvmyHXAD
OD0TEquM5f46TrKvjX3KXlnC1N4/cukKbFfkCKTkbrOnzn2t1pieaI13FzYAJbrT
51u80frpdk4Jp+jRkawgRjVICht9DKvySU1nlLy5Poa7pMRC+HzwDWu9kdTr4cv4
ddwI8E6qkPxir6iABV+n7Csu+n4I2//M6tXV2iJMT5s/HCgsCGsCNBkPn98ltYEW
0JjtSk8S2lZd/IabAvetNedM/WgZNDlvsF8e2WJRnM/t2O+fWQI1vLAYGX0IExNc
gIxZGzcElViHK2AKbF31mW25X8OFiXvD5pTMmODqZYstWskkmQg=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:54:21 2025 by rpki-client