Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/x_EpLBWtEC3BxF7Ef94XnfhlhbM.roa
File: x_EpLBWtEC3BxF7Ef94XnfhlhbM.roa (raw, json)
Hash identifier: Cf5zqk+QdJklDaerp5+5oICVGSPYjlyLYoL1XCOAsYQ=
Subject key identifier: C7:F1:29:2C:15:AD:10:2D:C1:C4:5E:C4:7F:DE:17:9D:F8:65:85:B3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: DA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x_EpLBWtEC3BxF7Ef94XnfhlhbM.roa
Signing time: Thu 08 May 2025 05:08:06 +0000
ROA not before: Thu 08 May 2025 05:08:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 218 (0xda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 05:08:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C7F1292C15AD102DC1C45EC47FDE179DF86585B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:76:f1:1b:81:17:60:50:33:45:15:17:1f:bb:
be:e1:93:27:a7:c2:ee:46:3a:0d:09:18:17:fc:8c:
96:f2:b1:22:e9:55:9e:48:d4:e3:a3:5c:8d:22:f5:
27:7f:7a:bb:3b:af:a3:a8:6e:ce:49:7d:6d:a5:26:
52:93:bc:1d:da:ee:09:08:53:64:08:db:71:d4:0f:
ef:6b:94:54:52:2c:32:e5:78:8b:83:4c:30:2e:1f:
6d:3e:1f:1a:45:33:44:32:20:ac:41:6c:3a:f4:78:
72:ef:f6:2c:dc:8c:ff:f5:0d:f2:c0:4c:c0:d5:37:
45:46:16:56:b0:78:f2:65:05:15:24:0c:8c:07:be:
db:8a:99:9c:2a:cb:92:c7:df:47:a1:80:96:57:11:
40:53:db:7c:31:48:de:23:5a:c8:12:9f:71:44:51:
aa:8f:69:f6:67:0d:13:d9:82:de:53:b4:e6:c8:4f:
a8:12:d5:c2:86:11:42:2a:48:a6:f9:e1:ae:c7:17:
31:bc:b3:4f:8d:a3:2f:a9:bc:9d:c1:e6:de:5d:bf:
2a:a7:92:a2:c9:2f:70:7c:0a:fb:a1:44:09:f7:d7:
a6:76:76:ba:a7:20:b4:0e:47:ae:a7:7d:f7:0f:55:
c6:ea:f1:42:77:55:b6:5d:22:15:68:f4:a7:6e:43:
40:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F1:29:2C:15:AD:10:2D:C1:C4:5E:C4:7F:DE:17:9D:F8:65:85:B3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/x_EpLBWtEC3BxF7Ef94XnfhlhbM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:61:bb:b2:e5:b8:7a:13:32:fa:85:37:a2:18:3c:8d:68:46:
dd:fb:9e:77:3d:56:c6:ef:46:bf:b1:87:bd:cc:03:dc:26:75:
ca:f5:30:a2:c6:f8:a6:71:c4:2c:ba:75:f3:0b:35:8d:17:66:
84:e4:89:e1:d8:27:14:e9:77:62:e2:da:7a:7c:d3:da:be:3b:
15:e1:bd:5d:74:2f:c9:a1:1c:82:2f:12:dc:2e:a4:0e:97:6c:
c8:4a:4c:db:cc:fa:67:2e:96:bf:6f:a3:97:22:ee:47:9b:7f:
1c:57:90:60:36:4e:3f:86:64:f9:66:56:d2:05:e4:8c:c2:73:
d6:d4:02:36:53:1a:e2:f4:4b:2d:82:d2:51:25:75:c6:46:30:
0b:17:84:07:35:a1:05:a3:6d:c4:b9:4b:53:2f:82:7f:24:91:
9d:7d:f4:a6:8c:6a:a4:29:fb:f3:9f:60:c4:f6:19:df:66:a4:
32:08:96:f4:a3:46:42:9b:a4:ea:8a:4d:b9:25:00:bd:bf:f4:
be:df:6c:bb:66:df:83:c2:31:42:31:55:de:03:74:00:61:47:
a3:52:77:99:af:94:4d:36:ab:9a:47:13:86:d6:70:c6:25:be:
dd:c5:c0:39:a9:6a:c8:82:22:37:a7:8e:7c:a8:5f:82:f2:a3:
1e:ae:3f:82
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICANowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
NTA4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM3RjEyOTJDMTVBRDEw
MkRDMUM0NUVDNDdGREUxNzlERjg2NTg1QjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDedvEbgRdgUDNFFRcfu77hkyenwu5GOg0JGBf8jJbysSLpVZ5I
1OOjXI0i9Sd/ers7r6Oobs5JfW2lJlKTvB3a7gkIU2QI23HUD+9rlFRSLDLleIuD
TDAuH20+HxpFM0QyIKxBbDr0eHLv9izcjP/1DfLATMDVN0VGFlawePJlBRUkDIwH
vtuKmZwqy5LH30ehgJZXEUBT23wxSN4jWsgSn3FEUaqPafZnDRPZgt5TtObIT6gS
1cKGEUIqSKb54a7HFzG8s0+Noy+pvJ3B5t5dvyqnkqLJL3B8CvuhRAn316Z2drqn
ILQOR66nffcPVcbq8UJ3VbZdIhVo9KduQ0D3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUx/EpLBWtEC3BxF7Ef94XnfhlhbMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94X0VwTEJXdEVDM0J4RjdF
Zjk0WG5maGxoYk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAVhu7LluHoTMvqFN6IYPI1oRt37nnc9Vsbv
Rr+xh73MA9wmdcr1MKLG+KZxxCy6dfMLNY0XZoTkieHYJxTpd2Li2np809q+OxXh
vV10L8mhHIIvEtwupA6XbMhKTNvM+mculr9vo5ci7kebfxxXkGA2Tj+GZPlmVtIF
5IzCc9bUAjZTGuL0Sy2C0lEldcZGMAsXhAc1oQWjbcS5S1Mvgn8kkZ199KaMaqQp
+/OfYMT2Gd9mpDIIlvSjRkKbpOqKTbklAL2/9L7fbLtm34PCMUIxVd4DdABhR6NS
d5mvlE02q5pHE4bWcMYlvt3FwDmpasiCIjenjnyoX4Lyox6uP4I=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:36:57 2025 by rpki-client