Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fE7lbVaVp1RimW07RXx1pUi1twc.roa
File: fE7lbVaVp1RimW07RXx1pUi1twc.roa (raw, json)
Hash identifier: 3BU1molkvQCYQl4g8ORXIlzUxTHQpVo5weUp875l0lI=
Subject key identifier: 7C:4E:E5:6D:56:95:A7:54:62:99:6D:3B:45:7C:75:A5:48:B5:B7:07
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0686
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fE7lbVaVp1RimW07RXx1pUi1twc.roa
Signing time: Thu 15 May 2025 18:38:08 +0000
ROA not before: Thu 15 May 2025 18:38:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1670 (0x686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 18:38:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7C4EE56D5695A75462996D3B457C75A548B5B707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:3c:af:0e:0c:9f:9c:07:57:88:b5:26:05:d4:
b7:87:53:76:c3:27:37:e2:8c:fe:d5:2e:91:cc:56:
50:85:13:17:b5:e1:b9:19:3e:42:2f:be:dd:60:e1:
f9:5a:f9:36:b5:70:5d:98:d5:23:3e:16:e6:c7:05:
91:d6:72:66:02:84:1e:e4:1f:a5:20:9f:39:16:81:
46:79:76:7a:be:c4:50:15:fd:79:66:aa:b1:5a:ab:
37:32:ce:80:a2:a6:b7:b4:ad:f5:14:6a:93:46:2e:
2f:03:d9:6a:93:27:d8:7b:ae:95:39:52:64:17:7c:
a1:40:18:68:18:98:30:66:56:73:85:c0:09:c8:93:
2b:6c:25:f4:50:19:3a:d0:ab:0f:f9:61:2f:25:43:
fc:26:0f:84:49:e6:b7:6a:cc:09:b0:fa:da:fa:e1:
52:44:f1:f3:26:2c:ed:18:54:02:91:ca:b3:2d:47:
9b:fb:a3:b9:1b:7c:42:77:0f:c2:b9:a5:9d:1c:77:
c3:a6:f4:dd:ad:0b:a9:5f:0b:c8:89:dc:9d:ee:5d:
8b:de:4e:87:fe:79:7e:67:1a:91:16:1b:c1:6a:ae:
b6:da:43:ba:42:4f:c0:8d:bf:a4:1d:92:db:6f:9d:
8f:bd:79:0f:95:4b:2d:f3:5f:a0:33:85:2a:4a:ed:
a6:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:4E:E5:6D:56:95:A7:54:62:99:6D:3B:45:7C:75:A5:48:B5:B7:07
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fE7lbVaVp1RimW07RXx1pUi1twc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:b7:5b:45:fe:83:ab:4e:e5:e9:ad:46:a2:52:7b:9a:8e:6b:
24:86:13:01:6c:e1:22:f8:19:d1:00:8e:4f:e1:29:90:2d:54:
3b:f8:57:33:05:79:87:23:f1:ae:de:39:c2:7d:a7:e4:8b:eb:
e5:35:30:f5:18:09:23:fd:73:df:0a:95:d2:d0:75:35:53:45:
d3:9b:5a:94:1b:be:2c:12:98:bf:c5:3a:ae:db:a2:19:7e:7d:
2a:74:34:4a:67:8e:25:ba:02:00:40:01:fe:c3:c7:68:92:86:
09:c9:38:dd:1c:cf:d9:40:5b:a7:19:4f:40:bb:f0:91:8d:8b:
79:41:75:c1:e8:f6:bb:34:d9:6d:7d:be:c2:58:5a:6a:75:5a:
34:fa:44:6d:2b:0f:24:2b:85:b9:89:7b:49:61:43:78:20:66:
66:4a:ee:3b:f8:10:2d:fb:31:66:b9:58:15:b4:64:67:87:79:
04:71:db:60:2f:b2:af:65:b1:5e:74:6b:5b:f9:47:a1:07:84:
da:8c:bd:94:73:be:ff:ba:20:25:e3:8d:03:9f:52:98:fd:27:
00:39:13:20:a4:bb:0d:bc:9f:43:51:17:4b:34:98:6d:d4:7c:
b1:72:48:59:f9:0e:e8:37:53:88:05:47:14:79:a1:23:25:f8:
ba:9f:4f:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
ODM4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDNEVFNTZENTY5NUE3
NTQ2Mjk5NkQzQjQ1N0M3NUE1NDhCNUI3MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxPK8ODJ+cB1eItSYF1LeHU3bDJzfijP7VLpHMVlCFExe14bkZ
PkIvvt1g4fla+Ta1cF2Y1SM+FubHBZHWcmYChB7kH6UgnzkWgUZ5dnq+xFAV/Xlm
qrFaqzcyzoCipre0rfUUapNGLi8D2WqTJ9h7rpU5UmQXfKFAGGgYmDBmVnOFwAnI
kytsJfRQGTrQqw/5YS8lQ/wmD4RJ5rdqzAmw+tr64VJE8fMmLO0YVAKRyrMtR5v7
o7kbfEJ3D8K5pZ0cd8Om9N2tC6lfC8iJ3J3uXYveTof+eX5nGpEWG8FqrrbaQ7pC
T8CNv6QdkttvnY+9eQ+VSy3zX6AzhSpK7aZTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfE7lbVaVp1RimW07RXx1pUi1twcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mRTdsYlZhVnAxUmltVzA3
Ulh4MXBVaTF0d2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAB+3W0X+g6tO5emtRqJSe5qOaySGEwFs4SL4
GdEAjk/hKZAtVDv4VzMFeYcj8a7eOcJ9p+SL6+U1MPUYCSP9c98KldLQdTVTRdOb
WpQbviwSmL/FOq7bohl+fSp0NEpnjiW6AgBAAf7Dx2iShgnJON0cz9lAW6cZT0C7
8JGNi3lBdcHo9rs02W19vsJYWmp1WjT6RG0rDyQrhbmJe0lhQ3ggZmZK7jv4EC37
MWa5WBW0ZGeHeQRx22Avsq9lsV50a1v5R6EHhNqMvZRzvv+6ICXjjQOfUpj9JwA5
EyCkuw28n0NRF0s0mG3UfLFySFn5Dug3U4gFRxR5oSMl+LqfT5I=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:56:34 2025 by rpki-client