Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/eQ_j9aK40jNTgieZ7iQeVOmU0Ig.roa
File: eQ_j9aK40jNTgieZ7iQeVOmU0Ig.roa (raw, json)
Hash identifier: R+Q/VLw7z0IRWr4Frr3oLMfO2W/EYhsVbHmLl1mO7mo=
Subject key identifier: 79:0F:E3:F5:A2:B8:D2:33:53:82:27:99:EE:24:1E:54:E9:94:D0:88
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 171A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eQ_j9aK40jNTgieZ7iQeVOmU0Ig.roa
Signing time: Fri 06 Jun 2025 21:09:28 +0000
ROA not before: Fri 06 Jun 2025 21:09:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5914 (0x171a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 21:09:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=790FE3F5A2B8D23353822799EE241E54E994D088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ac:6e:22:bd:17:5a:53:43:57:87:dc:36:00:
a1:d5:83:b7:45:ee:5e:b4:f5:e4:bb:5a:ee:67:2d:
82:3e:64:cf:ee:a3:04:41:80:2d:21:3a:43:e6:02:
f0:31:5d:7d:81:62:a0:93:36:0a:cc:ba:b1:37:9c:
ca:a4:99:af:cf:8c:19:a2:3c:ae:14:04:35:db:be:
0c:90:73:3e:35:cc:d3:b5:b3:89:7e:69:a4:81:06:
0f:15:4b:8c:9f:70:d6:61:be:3b:f5:79:fc:ae:ad:
71:89:55:89:5d:fa:a6:15:e8:e8:dc:2a:18:56:b4:
d9:75:56:65:1e:e5:c9:c0:89:c6:64:e0:47:98:73:
e7:ff:59:74:3a:6a:74:63:f8:72:e0:5b:4d:12:85:
d8:b1:10:d5:cf:7e:73:0f:05:37:18:00:a5:30:12:
e4:e5:a5:1c:84:14:49:e0:33:fb:91:a7:04:a0:18:
8e:09:ce:c7:ed:de:74:e5:16:b4:65:93:ab:0a:f8:
7c:dc:90:35:ff:02:df:fa:c6:07:0d:61:d0:11:18:
4e:a6:80:d6:88:cd:2b:50:96:52:9e:01:74:51:05:
1e:6f:bf:64:da:92:29:65:ba:16:74:c7:37:2c:4c:
3d:87:50:10:17:50:b7:ef:55:f5:0c:49:b2:38:d5:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:0F:E3:F5:A2:B8:D2:33:53:82:27:99:EE:24:1E:54:E9:94:D0:88
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eQ_j9aK40jNTgieZ7iQeVOmU0Ig.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:43:b3:10:9d:75:73:87:f7:05:57:9e:05:b7:69:16:2d:1d:
f7:a0:e3:81:24:ac:87:23:0a:bf:4b:0b:82:4d:91:24:99:02:
ea:58:f2:b4:13:42:c0:11:63:6a:65:da:aa:01:bc:cc:1e:46:
68:59:db:af:2f:86:cd:0d:eb:04:96:ea:fc:7a:3c:7b:98:d6:
b1:a0:12:d7:e7:0a:da:62:0c:4a:ae:aa:61:db:c5:fa:8e:49:
3f:e3:f6:ba:58:8d:4a:da:e9:fe:85:9b:8e:61:3b:b0:c8:c6:
bf:56:c1:01:f7:29:39:63:8f:e8:61:21:53:17:bf:e7:ea:36:
fe:7c:90:73:a7:ac:46:31:ff:a4:19:8d:f6:ce:2b:70:c2:46:
08:5d:1c:e8:be:8b:90:0b:4b:d1:ce:e0:56:86:a8:f1:86:58:
c6:72:f5:e1:94:e0:33:2c:20:af:ee:9a:df:5f:2c:0b:b8:e0:
9c:45:a7:4a:ac:7b:5c:23:ee:1d:f9:57:ab:e0:1a:2f:0b:e6:
43:fb:aa:1f:38:29:da:33:be:50:59:12:a5:16:e4:ef:69:a4:
87:9d:8a:ce:17:be:73:02:25:f7:cd:74:1a:69:f5:df:3e:c6:
d2:13:0d:10:ae:c9:61:20:65:67:1c:7b:f2:8d:87:5d:e2:5c:
56:7b:c6:72
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFxowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYy
MTA5MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc5MEZFM0Y1QTJCOEQy
MzM1MzgyMjc5OUVFMjQxRTU0RTk5NEQwODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsrG4ivRdaU0NXh9w2AKHVg7dF7l609eS7Wu5nLYI+ZM/uowRB
gC0hOkPmAvAxXX2BYqCTNgrMurE3nMqkma/PjBmiPK4UBDXbvgyQcz41zNO1s4l+
aaSBBg8VS4yfcNZhvjv1efyurXGJVYld+qYV6OjcKhhWtNl1VmUe5cnAicZk4EeY
c+f/WXQ6anRj+HLgW00ShdixENXPfnMPBTcYAKUwEuTlpRyEFEngM/uRpwSgGI4J
zsft3nTlFrRlk6sK+HzckDX/At/6xgcNYdARGE6mgNaIzStQllKeAXRRBR5vv2Ta
killuhZ0xzcsTD2HUBAXULfvVfUMSbI41belAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeQ/j9aK40jNTgieZ7iQeVOmU0IgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lUV9qOWFLNDBqTlRnaWVa
N2lRZVZPbVUwSWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIZDsxCddXOH9wVXngW3aRYtHfeg44EkrIcj
Cr9LC4JNkSSZAupY8rQTQsARY2pl2qoBvMweRmhZ268vhs0N6wSW6vx6PHuY1rGg
EtfnCtpiDEquqmHbxfqOST/j9rpYjUra6f6Fm45hO7DIxr9WwQH3KTljj+hhIVMX
v+fqNv58kHOnrEYx/6QZjfbOK3DCRghdHOi+i5ALS9HO4FaGqPGGWMZy9eGU4DMs
IK/umt9fLAu44JxFp0qse1wj7h35V6vgGi8L5kP7qh84KdozvlBZEqUW5O9ppIed
is4XvnMCJffNdBpp9d8+xtITDRCuyWEgZWcce/KNh13iXFZ7xnI=
-----END CERTIFICATE-----
Generated at Sun Jun 22 12:11:55 2025 by rpki-client