Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/i_eoEqJeETqzOzDRqeziRAAi8fk.roa
File: i_eoEqJeETqzOzDRqeziRAAi8fk.roa (raw, json)
Hash identifier: ks5XjhjAHyo8TKLzD0FbYuIJJE49289zi71k83bObOc=
Subject key identifier: 8B:F7:A8:12:A2:5E:11:3A:B3:3B:30:D1:A9:EC:E2:44:00:22:F1:F9
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D7A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i_eoEqJeETqzOzDRqeziRAAi8fk.roa
Signing time: Sun 25 May 2025 01:08:33 +0000
ROA not before: Sun 25 May 2025 01:08:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3450 (0xd7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 01:08:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8BF7A812A25E113AB33B30D1A9ECE2440022F1F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:7b:ca:65:bf:c7:e1:84:09:5d:82:d7:c6:
c3:7b:72:4d:a0:9f:0e:56:0d:21:5a:bf:62:69:e8:
33:50:94:48:0f:70:5b:2d:b8:73:00:82:1c:c2:b0:
65:46:58:de:7f:b9:39:93:14:6c:96:54:a1:9d:e4:
ad:59:e7:ec:e8:32:3e:74:d2:6d:2a:ab:37:70:32:
4d:39:8d:0a:4e:42:12:66:4e:9a:31:4e:35:b8:81:
82:04:d9:30:c5:a4:c5:37:1b:7c:b7:33:3c:74:11:
f3:65:3c:92:fc:c6:97:1f:f7:eb:94:3a:a3:57:ba:
e9:24:61:ed:2b:00:4c:00:a3:b5:e1:21:62:6e:79:
67:75:71:8b:b5:de:6f:c2:26:bf:be:b9:39:e3:da:
02:f4:f2:c4:81:81:f7:d6:6e:54:e2:df:c8:02:8e:
fd:c4:ad:cd:5d:7c:e8:98:67:b1:41:3e:81:5c:b3:
df:9b:7a:6c:2c:f0:3d:c6:de:3d:28:b9:fc:b0:b8:
a6:40:1d:d2:13:32:fc:de:4c:8e:ee:80:54:5c:40:
a4:06:dc:25:5f:63:e8:8d:16:64:ed:fd:81:26:2d:
9a:5f:b9:54:6a:a6:67:e2:a4:2c:c8:bf:af:f9:7a:
af:04:bd:22:37:93:96:62:24:b4:af:7a:20:88:c4:
7f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:F7:A8:12:A2:5E:11:3A:B3:3B:30:D1:A9:EC:E2:44:00:22:F1:F9
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/i_eoEqJeETqzOzDRqeziRAAi8fk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:0c:2f:be:bb:89:6c:17:6c:77:83:aa:c0:3e:b5:cd:a9:ca:
ac:49:87:bd:3d:12:33:cf:98:41:26:1d:71:35:71:36:e4:ac:
3c:d7:96:db:c7:47:5b:19:9a:f6:91:dc:34:01:d9:71:1c:b5:
a4:2c:d6:f0:39:e4:1b:24:4d:d3:13:29:68:24:86:01:77:7c:
0a:88:f6:d1:b3:b7:bc:70:90:cf:fb:f4:a3:04:57:ad:88:c9:
7a:b3:33:13:b8:70:62:bb:bb:8d:9e:09:2b:37:2b:f1:0f:43:
fa:93:4d:f8:7d:49:d6:fe:f6:64:3e:bc:42:4a:67:1e:83:ea:
55:fd:84:12:87:dd:8b:00:57:32:f0:d6:e5:05:7e:86:74:83:
05:10:c9:fb:5f:d4:98:bc:f2:d0:4b:af:49:dc:0f:45:64:ff:
43:68:2c:4b:17:36:c3:74:f6:4c:bc:74:74:5b:41:fc:18:cd:
cd:83:b5:f5:68:dd:9d:24:c9:9c:bd:4d:45:99:42:66:ef:b0:
17:52:87:76:29:5f:a7:6c:89:7d:fa:28:15:12:de:47:38:33:
1d:c4:f1:2d:81:f5:25:2d:fd:8a:5b:6b:78:dd:0f:d9:ce:de:
1c:48:ed:32:96:59:d5:a3:a3:8e:d7:48:6b:4f:91:3f:db:a1:
bf:86:5d:7a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDXowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
MTA4MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhCRjdBODEyQTI1RTEx
M0FCMzNCMzBEMUE5RUNFMjQ0MDAyMkYxRjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrrHvKZb/H4YQJXYLXxsN7ck2gnw5WDSFav2Jp6DNQlEgPcFst
uHMAghzCsGVGWN5/uTmTFGyWVKGd5K1Z5+zoMj500m0qqzdwMk05jQpOQhJmTpox
TjW4gYIE2TDFpMU3G3y3Mzx0EfNlPJL8xpcf9+uUOqNXuukkYe0rAEwAo7XhIWJu
eWd1cYu13m/CJr++uTnj2gL08sSBgffWblTi38gCjv3Erc1dfOiYZ7FBPoFcs9+b
emws8D3G3j0oufywuKZAHdITMvzeTI7ugFRcQKQG3CVfY+iNFmTt/YEmLZpfuVRq
pmfipCzIv6/5eq8EvSI3k5ZiJLSveiCIxH/DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUi/eoEqJeETqzOzDRqeziRAAi8fkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9pX2VvRXFKZUVUcXpPekRS
cWV6aVJBQWk4Zmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFAML767iWwXbHeDqsA+tc2pyqxJh709EjPP
mEEmHXE1cTbkrDzXltvHR1sZmvaR3DQB2XEctaQs1vA55BskTdMTKWgkhgF3fAqI
9tGzt7xwkM/79KMEV62IyXqzMxO4cGK7u42eCSs3K/EPQ/qTTfh9Sdb+9mQ+vEJK
Zx6D6lX9hBKH3YsAVzLw1uUFfoZ0gwUQyftf1Ji88tBLr0ncD0Vk/0NoLEsXNsN0
9ky8dHRbQfwYzc2DtfVo3Z0kyZy9TUWZQmbvsBdSh3YpX6dsiX36KBUS3kc4Mx3E
8S2B9SUt/Ypba3jdD9nO3hxI7TKWWdWjo47XSGtPkT/bob+GXXo=
-----END CERTIFICATE-----
Generated at Sun Jun 22 01:09:42 2025 by rpki-client