Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7KdcZ-GseHG1_tuQBneNc46Ke-g.roa
File: 7KdcZ-GseHG1_tuQBneNc46Ke-g.roa (raw, json)
Hash identifier: UVEMNoWzHvk9r6tndcXQ3P0UsPTOY+rZK60/y4slanU=
Subject key identifier: EC:A7:5C:67:E1:AC:78:71:B5:FE:DB:90:06:77:8D:73:8E:8A:7B:E8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 054E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7KdcZ-GseHG1_tuQBneNc46Ke-g.roa
Signing time: Wed 14 May 2025 03:38:02 +0000
ROA not before: Wed 14 May 2025 03:38:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1358 (0x54e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 03:38:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=ECA75C67E1AC7871B5FEDB9006778D738E8A7BE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fc:6b:2d:f8:80:1f:46:1a:a9:ea:4c:8b:71:
3a:e4:ec:ed:ca:05:ea:fc:25:5d:7d:ee:e7:5f:0b:
81:15:03:60:4e:e2:be:5d:77:dc:ae:3c:d2:76:f2:
5f:1d:7d:ba:3a:64:42:1c:83:14:2c:28:fc:38:62:
77:70:9b:ab:2e:b5:10:5a:6b:87:c3:a7:c5:db:72:
df:34:98:cb:8d:2c:1d:0b:eb:f2:58:c7:1f:5b:bb:
e2:d2:6a:e7:7b:80:66:67:88:bc:3b:7a:b1:bb:19:
28:c7:73:3f:99:6e:93:fc:eb:32:b3:b9:f8:b5:34:
74:1e:9d:2e:da:f0:bb:e8:fa:2d:31:d2:1c:f2:94:
f1:bf:16:28:df:bd:6b:11:18:f1:60:19:9e:5d:c5:
28:ff:f2:f5:0d:b6:e7:5b:a4:b3:83:e4:99:e2:0d:
f6:50:ba:d6:c2:79:1f:93:cb:47:29:86:07:81:7d:
7a:99:7d:2b:1b:31:0a:09:5a:10:d5:12:46:c2:c2:
c2:a9:5a:78:b3:32:5f:a7:c9:08:f1:32:41:88:46:
a8:1e:c7:a1:25:8a:60:7f:0c:e0:4a:75:f9:b3:01:
15:67:6d:d3:55:5d:93:7d:8d:90:7d:8d:12:7e:d1:
38:36:04:be:48:61:8f:8d:d8:42:49:25:76:c5:2b:
0d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A7:5C:67:E1:AC:78:71:B5:FE:DB:90:06:77:8D:73:8E:8A:7B:E8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7KdcZ-GseHG1_tuQBneNc46Ke-g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:19:66:20:c9:a2:0c:fe:32:66:d7:dc:fb:1a:8f:ea:0e:6e:
c6:a7:3d:85:2c:b8:0e:62:58:f6:96:83:b0:b8:36:39:39:cf:
2e:f6:12:d1:d1:10:4c:f5:39:0b:fe:f9:24:87:07:c6:7c:f9:
39:ed:22:26:68:bc:e0:02:20:d6:13:b4:3a:0f:12:b7:c5:80:
ce:0f:85:1e:8f:be:a4:2d:ae:23:9e:28:a4:bb:d4:93:79:74:
80:13:e2:73:4c:f9:ba:9e:79:5c:7c:a9:a8:35:21:75:8b:ae:
cd:bd:e7:9b:df:71:a1:39:5f:96:31:e8:75:9b:29:19:ad:95:
5e:9a:7f:05:a5:08:22:1d:59:1f:db:d1:8f:b5:ec:47:d0:25:
fe:14:2b:f2:ac:57:0d:20:42:24:fd:78:6c:86:32:2a:55:9d:
e8:0d:9e:0b:58:c3:cd:4c:c4:fd:b4:0e:c7:9c:dd:c8:93:60:
74:29:74:59:15:07:11:42:17:ce:1a:4b:8a:8f:ac:7a:8c:ee:
42:6f:48:ed:17:fc:56:1a:16:bd:91:b0:90:31:68:2f:aa:46:
a5:ee:d7:61:79:0e:ba:4e:6b:0b:19:4f:31:6d:b1:9f:e1:c0:
7d:b6:27:0a:b2:1b:b3:4e:a9:f4:5a:b1:a7:9a:dd:b5:db:c1:
16:31:91:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MzM4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVDQTc1QzY3RTFBQzc4
NzFCNUZFREI5MDA2Nzc4RDczOEU4QTdCRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2/Gst+IAfRhqp6kyLcTrk7O3KBer8JV197udfC4EVA2BO4r5d
d9yuPNJ28l8dfbo6ZEIcgxQsKPw4Yndwm6sutRBaa4fDp8Xbct80mMuNLB0L6/JY
xx9bu+LSaud7gGZniLw7erG7GSjHcz+ZbpP86zKzufi1NHQenS7a8Lvo+i0x0hzy
lPG/FijfvWsRGPFgGZ5dxSj/8vUNtudbpLOD5JniDfZQutbCeR+Ty0cphgeBfXqZ
fSsbMQoJWhDVEkbCwsKpWnizMl+nyQjxMkGIRqgex6ElimB/DOBKdfmzARVnbdNV
XZN9jZB9jRJ+0Tg2BL5IYY+N2EJJJXbFKw2JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7KdcZ+GseHG1/tuQBneNc46Ke+gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83S2RjWi1Hc2VIRzFfdHVR
Qm5lTmM0NktlLWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAkZZiDJogz+MmbX3Psaj+oObsanPYUsuA5i
WPaWg7C4Njk5zy72EtHREEz1OQv++SSHB8Z8+TntIiZovOACINYTtDoPErfFgM4P
hR6PvqQtriOeKKS71JN5dIAT4nNM+bqeeVx8qag1IXWLrs2955vfcaE5X5Yx6HWb
KRmtlV6afwWlCCIdWR/b0Y+17EfQJf4UK/KsVw0gQiT9eGyGMipVnegNngtYw81M
xP20Dsec3ciTYHQpdFkVBxFCF84aS4qPrHqM7kJvSO0X/FYaFr2RsJAxaC+qRqXu
12F5DrpOawsZTzFtsZ/hwH22JwqyG7NOqfRasaea3bXbwRYxkfo=
-----END CERTIFICATE-----
Generated at Sun May 18 01:49:22 2025 by rpki-client