Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/qEMlJPBlu6ZA7pNEAtx8h-fZCxI.roa
File: qEMlJPBlu6ZA7pNEAtx8h-fZCxI.roa (raw, json)
Hash identifier: HxCxDrW8btkH9kf5B3uVjhgIAk6dZuxMJ5F7FHwAcbI=
Subject key identifier: A8:43:25:24:F0:65:BB:A6:40:EE:93:44:02:DC:7C:87:E7:D9:0B:12
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qEMlJPBlu6ZA7pNEAtx8h-fZCxI.roa
Signing time: Tue 03 Jun 2025 17:39:19 +0000
ROA not before: Tue 03 Jun 2025 17:39:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5310 (0x14be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 17:39:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=A8432524F065BBA640EE934402DC7C87E7D90B12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:26:0f:19:e8:77:bb:a0:94:46:89:fd:5c:e3:
50:2e:b1:31:ab:94:e8:e5:68:1f:18:cf:39:f0:26:
79:12:7a:cc:f0:1c:64:1b:01:58:06:aa:63:6e:fc:
33:fd:89:6c:dd:78:a6:d4:ef:0c:b3:53:49:22:a9:
a6:c7:c3:9a:9a:b4:e7:fa:1b:fc:23:40:60:94:09:
d4:95:93:54:e5:0b:ed:a9:7d:06:b8:8c:ad:e9:19:
21:e1:17:ae:8a:bd:ce:8b:1b:bd:43:e9:50:96:ec:
e4:c0:f2:46:fe:31:44:88:a5:19:f4:4b:5b:02:0c:
37:5d:75:5c:0f:57:91:49:90:05:20:2c:7f:34:3e:
f8:c9:2f:01:31:07:db:0f:09:56:cc:cd:6f:15:32:
e0:54:14:6f:19:42:4f:e6:f8:52:d5:02:fb:2a:94:
9a:8b:b6:35:ff:24:9e:d7:2d:68:03:b9:af:05:09:
3b:b7:b2:9b:71:a9:3e:ae:74:f9:f4:53:10:eb:46:
82:d2:1f:36:14:0b:42:e9:7a:f0:9b:64:78:35:5f:
db:6d:ab:23:4c:2e:c1:6c:b7:74:df:6e:50:c6:bc:
c1:ea:72:6d:63:9d:da:a0:61:83:b6:f0:93:3a:5a:
a4:62:b9:2b:9b:15:e6:2b:a2:06:43:52:dc:ae:cf:
6f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:43:25:24:F0:65:BB:A6:40:EE:93:44:02:DC:7C:87:E7:D9:0B:12
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/qEMlJPBlu6ZA7pNEAtx8h-fZCxI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:e1:28:0d:b3:c7:97:eb:b6:c9:fb:db:e1:e0:e4:14:b2:2c:
67:76:ab:ef:ae:4a:70:22:b1:d0:3a:1f:2e:70:f5:13:81:9d:
f6:27:f6:ce:72:a5:7a:1a:f6:ec:4d:a9:c1:ac:b3:4e:dc:c3:
32:1a:a4:87:18:bb:a4:52:f4:4b:42:c0:94:c7:4a:9b:61:51:
c9:2e:a8:45:31:23:47:0d:d0:d0:06:b0:ea:3c:23:14:4b:a9:
4a:ff:52:1b:36:de:f0:36:b5:21:7c:df:17:e3:41:60:d5:cd:
48:d6:6f:dd:8f:50:6e:cd:e9:45:12:65:da:c0:67:a5:b8:f5:
cc:77:59:5a:7a:09:63:3b:3d:6b:c6:34:b2:11:a3:28:b1:f2:
4c:77:15:d0:46:18:e2:95:2f:71:31:0b:71:34:a9:74:2a:af:
85:71:a1:13:fe:5d:68:43:6c:fa:4c:9f:ec:3e:7d:27:8c:a1:
c6:5d:a1:23:69:a6:19:78:7e:28:51:3f:0f:1a:16:7b:b5:e5:
3a:bc:44:4b:52:bf:ab:51:9d:95:3f:cc:24:17:ad:b7:f7:8b:
44:a1:8c:c1:54:bf:d0:54:09:93:3c:3d:e3:12:60:0d:7f:50:
e1:28:4b:97:a1:5a:ce:0d:a2:73:74:58:cd:20:a4:2c:50:e6:
a6:36:c3:9e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
NzM5MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEE4NDMyNTI0RjA2NUJC
QTY0MEVFOTM0NDAyREM3Qzg3RTdEOTBCMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtJg8Z6He7oJRGif1c41AusTGrlOjlaB8YzznwJnkSeszwHGQb
AVgGqmNu/DP9iWzdeKbU7wyzU0kiqabHw5qatOf6G/wjQGCUCdSVk1TlC+2pfQa4
jK3pGSHhF66Kvc6LG71D6VCW7OTA8kb+MUSIpRn0S1sCDDdddVwPV5FJkAUgLH80
PvjJLwExB9sPCVbMzW8VMuBUFG8ZQk/m+FLVAvsqlJqLtjX/JJ7XLWgDua8FCTu3
sptxqT6udPn0UxDrRoLSHzYUC0LpevCbZHg1X9ttqyNMLsFst3TfblDGvMHqcm1j
ndqgYYO28JM6WqRiuSubFeYrogZDUtyuz2+TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUqEMlJPBlu6ZA7pNEAtx8h+fZCxIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9xRU1sSlBCbHU2WkE3cE5F
QXR4OGgtZlpDeEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAH/hKA2zx5frtsn72+Hg5BSyLGd2q++uSnAi
sdA6Hy5w9ROBnfYn9s5ypXoa9uxNqcGss07cwzIapIcYu6RS9EtCwJTHSpthUcku
qEUxI0cN0NAGsOo8IxRLqUr/Uhs23vA2tSF83xfjQWDVzUjWb92PUG7N6UUSZdrA
Z6W49cx3WVp6CWM7PWvGNLIRoyix8kx3FdBGGOKVL3ExC3E0qXQqr4VxoRP+XWhD
bPpMn+w+fSeMocZdoSNpphl4fihRPw8aFnu15Tq8REtSv6tRnZU/zCQXrbf3i0Sh
jMFUv9BUCZM8PeMSYA1/UOEoS5ehWs4NonN0WM0gpCxQ5qY2w54=
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:03:33 2025 by rpki-client