Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EumbhldZ94J1VztueljXawEA7yo.roa
File: EumbhldZ94J1VztueljXawEA7yo.roa (raw, json)
Hash identifier: rhmqteQ/Gs9734xjF2voywzBKcDTR30ctwMCkJ/EN2g=
Subject key identifier: 12:E9:9B:86:57:59:F7:82:75:57:3B:6E:7A:58:D7:6B:01:00:EF:2A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1942
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EumbhldZ94J1VztueljXawEA7yo.roa
Signing time: Mon 09 Jun 2025 18:09:47 +0000
ROA not before: Mon 09 Jun 2025 18:09:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6466 (0x1942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 18:09:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=12E99B865759F78275573B6E7A58D76B0100EF2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:dc:fe:c9:6f:44:6a:74:e2:cc:1b:88:eb:31:
da:84:9e:3f:2e:70:51:3d:8b:48:f8:41:fe:97:8e:
36:8f:ab:ab:ff:ca:ca:94:46:0e:bb:2e:dc:7a:1b:
0e:ff:52:22:52:f7:15:c0:a1:80:68:5e:55:b8:d0:
d6:71:8f:a1:ab:14:88:90:2a:13:93:de:c0:0c:a0:
03:e0:2d:d5:74:cc:d5:67:73:ca:29:59:61:e3:ab:
a9:2d:39:74:b7:b3:3b:91:19:c4:c1:52:12:6e:3d:
4f:01:3e:f5:69:21:dd:b8:96:e0:cc:41:a4:8c:ed:
e5:31:04:32:1d:d0:00:4a:17:6f:c3:36:18:32:ce:
5a:4c:6d:fa:2a:0c:7f:e7:22:cd:55:11:8e:01:f4:
05:26:71:4f:16:05:cb:e2:2f:29:29:ee:c8:08:bb:
55:d4:ec:c0:8f:c5:a9:ed:47:d5:20:ce:b3:d7:5d:
85:c0:fa:89:cd:21:71:66:ef:83:aa:f6:2a:65:07:
91:d0:58:e2:19:21:a9:81:ff:46:23:0a:4d:52:47:
70:28:57:b0:40:5f:55:e2:2e:c0:a6:c8:89:e5:4b:
53:96:1e:1a:ab:41:24:11:a1:df:31:91:bb:bb:68:
76:a6:a0:b4:7e:35:93:ad:1f:e3:5d:ca:a2:69:8e:
9d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:E9:9B:86:57:59:F7:82:75:57:3B:6E:7A:58:D7:6B:01:00:EF:2A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EumbhldZ94J1VztueljXawEA7yo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:20:7e:92:4d:71:e2:ec:c1:6d:fb:fb:d1:1b:02:67:5c:5b:
25:06:21:80:53:33:d7:d7:a8:62:11:7b:f1:ce:dd:04:78:dd:
2f:3a:cd:83:54:5e:2d:77:7a:9e:65:3d:59:f6:6f:59:41:3b:
ec:55:ad:5c:1f:21:d7:7e:39:68:d0:c9:f9:43:96:6c:a4:0b:
31:cc:e0:eb:d6:ab:7d:fa:23:ca:5f:95:ef:05:68:80:b7:44:
fb:ca:31:19:38:87:8a:94:6c:1d:51:d3:c7:e3:a9:30:92:e3:
76:3d:03:47:41:04:9e:93:91:77:22:09:80:0b:3d:85:66:e0:
2c:d8:10:c8:9d:30:a4:a0:86:15:34:27:ec:dd:d5:e0:d1:37:
4e:41:74:c1:f9:c9:ca:9d:4f:98:87:8f:24:d7:d9:19:f7:c8:
59:6c:69:00:03:0d:77:4f:a1:e9:30:d7:35:bb:b9:1c:19:c4:
99:d2:74:2a:d6:17:19:4f:63:17:36:47:f4:df:ff:de:c4:99:
db:b0:ea:aa:73:21:11:54:b8:74:27:23:44:9f:31:7b:85:03:
df:87:21:d7:60:e4:53:13:4a:c8:ce:79:b5:e1:3a:b9:5c:0a:
0e:19:31:12:45:1d:dd:fb:45:53:70:05:dc:62:78:7d:86:4f:
e6:af:29:b4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGUIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
ODA5NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEyRTk5Qjg2NTc1OUY3
ODI3NTU3M0I2RTdBNThENzZCMDEwMEVGMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv3P7Jb0RqdOLMG4jrMdqEnj8ucFE9i0j4Qf6XjjaPq6v/ysqU
Rg67Ltx6Gw7/UiJS9xXAoYBoXlW40NZxj6GrFIiQKhOT3sAMoAPgLdV0zNVnc8op
WWHjq6ktOXS3szuRGcTBUhJuPU8BPvVpId24luDMQaSM7eUxBDId0ABKF2/DNhgy
zlpMbfoqDH/nIs1VEY4B9AUmcU8WBcviLykp7sgIu1XU7MCPxantR9UgzrPXXYXA
+onNIXFm74Oq9iplB5HQWOIZIamB/0YjCk1SR3AoV7BAX1XiLsCmyInlS1OWHhqr
QSQRod8xkbu7aHamoLR+NZOtH+NdyqJpjp2vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEumbhldZ94J1VztueljXawEA7yowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FdW1iaGxkWjk0SjFWenR1
ZWxqWGF3RUE3eW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAA8gfpJNceLswW37+9EbAmdcWyUGIYBTM9fX
qGIRe/HO3QR43S86zYNUXi13ep5lPVn2b1lBO+xVrVwfIdd+OWjQyflDlmykCzHM
4OvWq336I8pfle8FaIC3RPvKMRk4h4qUbB1R08fjqTCS43Y9A0dBBJ6TkXciCYAL
PYVm4CzYEMidMKSghhU0J+zd1eDRN05BdMH5ycqdT5iHjyTX2Rn3yFlsaQADDXdP
oekw1zW7uRwZxJnSdCrWFxlPYxc2R/Tf/97Emduw6qpzIRFUuHQnI0SfMXuFA9+H
Iddg5FMTSsjOebXhOrlcCg4ZMRJFHd37RVNwBdxieH2GT+avKbQ=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:08:35 2025 by rpki-client