Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7_Re4xohmEuW-MNFlla1aPO4gHg.roa
File: 7_Re4xohmEuW-MNFlla1aPO4gHg.roa (raw, json)
Hash identifier: 0rxzzmdqXrP9VaHFeBXpuuwrMmHVLSajNwDb/JNA470=
Subject key identifier: EF:F4:5E:E3:1A:21:98:4B:96:F8:C3:45:96:56:B5:68:F3:B8:80:78
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0156
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7_Re4xohmEuW-MNFlla1aPO4gHg.roa
Signing time: Thu 08 May 2025 20:37:43 +0000
ROA not before: Thu 08 May 2025 20:37:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342 (0x156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 20:37:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EFF45EE31A21984B96F8C3459656B568F3B88078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f1:26:a4:54:63:21:3a:42:56:37:41:52:49:
db:e6:d3:4b:bf:f1:8a:d2:5b:f0:a4:f8:a0:80:44:
d9:c2:eb:c9:9d:e4:66:ef:21:f1:82:54:a8:7b:b4:
83:de:b1:1f:59:1b:da:23:27:cc:ed:87:50:8c:c2:
a6:57:b4:5e:05:8d:6a:df:b8:c1:2c:f4:3e:54:5a:
a8:cc:a1:66:a8:bc:02:18:14:69:96:75:b1:0b:eb:
ef:aa:2e:de:b6:91:6f:f9:ad:fb:f0:77:6f:2b:4f:
7b:c3:1b:11:11:e8:75:68:f2:34:6f:9d:e6:e5:b7:
6c:51:2e:5f:20:15:06:19:80:c2:35:d3:e5:aa:80:
ec:9c:55:fd:95:54:22:75:19:a6:10:9e:aa:b0:c9:
43:7f:25:11:be:81:af:33:16:f3:36:0f:20:04:06:
03:fb:59:28:f6:f2:a7:99:ac:0d:1c:de:b3:dc:a7:
c0:31:ea:e8:5c:5c:ed:af:12:4c:0b:9c:80:3b:da:
06:c1:e6:ff:b8:c5:82:9f:16:3c:91:4e:47:0e:bf:
bd:95:ee:28:02:10:31:14:c8:a6:18:74:fe:f5:33:
c0:9b:69:52:e6:08:8f:18:ab:cf:aa:02:f0:55:39:
97:40:0b:f3:69:e4:d5:1a:d6:3f:ce:b2:29:65:d8:
85:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:F4:5E:E3:1A:21:98:4B:96:F8:C3:45:96:56:B5:68:F3:B8:80:78
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7_Re4xohmEuW-MNFlla1aPO4gHg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:fa:8a:21:f2:32:09:57:82:78:28:08:9c:1e:89:45:af:fd:
30:2c:4d:29:00:bc:5d:6a:9e:8f:20:a3:0b:3d:e3:70:ea:48:
e2:5e:2c:82:57:4b:8e:ac:b7:c3:b0:ef:c2:65:ec:9f:0d:ea:
1a:a1:18:22:06:53:67:b7:87:ff:d0:9f:86:52:d5:1e:bd:3d:
ff:ec:76:fb:2e:29:55:1a:bb:18:88:28:b3:bb:9f:a7:68:c5:
87:e7:68:ab:5f:7a:f6:fc:70:0e:75:65:6e:80:87:8c:dc:1c:
57:0f:78:34:85:a8:92:d0:f5:72:bf:d2:42:c6:96:9a:20:dd:
8f:b2:2d:53:dc:2d:ab:35:b3:a3:a6:3e:c8:84:ac:77:95:ef:
02:b8:40:82:90:03:94:54:f8:ce:0c:66:70:79:76:d0:a0:51:
e4:9a:a4:bb:29:ee:8f:d1:43:39:43:1f:bf:23:82:a7:c0:07:
1c:49:a9:ca:9b:39:23:12:ef:4b:3d:69:bd:e9:de:36:f2:b5:
a8:38:9d:b6:13:b0:19:3b:77:28:a4:33:8c:e2:2e:57:e6:e7:
b7:95:17:5d:a7:ec:38:04:2b:c9:56:b1:8a:f5:3f:67:4a:65:
91:c0:c2:03:dd:a7:4d:92:eb:49:95:23:56:53:e0:01:f1:c1:
7e:df:52:c1
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgy
MDM3NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVGRjQ1RUUzMUEyMTk4
NEI5NkY4QzM0NTk2NTZCNTY4RjNCODgwNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC98SakVGMhOkJWN0FSSdvm00u/8YrSW/Ck+KCARNnC68md5Gbv
IfGCVKh7tIPesR9ZG9ojJ8zth1CMwqZXtF4FjWrfuMEs9D5UWqjMoWaovAIYFGmW
dbEL6++qLt62kW/5rfvwd28rT3vDGxER6HVo8jRvneblt2xRLl8gFQYZgMI10+Wq
gOycVf2VVCJ1GaYQnqqwyUN/JRG+ga8zFvM2DyAEBgP7WSj28qeZrA0c3rPcp8Ax
6uhcXO2vEkwLnIA72gbB5v+4xYKfFjyRTkcOv72V7igCEDEUyKYYdP71M8CbaVLm
CI8Yq8+qAvBVOZdAC/Np5NUa1j/Osill2IVNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7/Re4xohmEuW+MNFlla1aPO4gHgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83X1JlNHhvaG1FdVctTU5G
bGxhMWFQTzRnSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE76iiHyMglXgngoCJweiUWv/TAsTSkAvF1q
no8gows943DqSOJeLIJXS46st8Ow78Jl7J8N6hqhGCIGU2e3h//Qn4ZS1R69Pf/s
dvsuKVUauxiIKLO7n6doxYfnaKtfevb8cA51ZW6Ah4zcHFcPeDSFqJLQ9XK/0kLG
lpog3Y+yLVPcLas1s6OmPsiErHeV7wK4QIKQA5RU+M4MZnB5dtCgUeSapLsp7o/R
QzlDH78jgqfABxxJqcqbOSMS70s9ab3p3jbytag4nbYTsBk7dyikM4ziLlfm57eV
F12n7DgEK8lWsYr1P2dKZZHAwgPdp02S60mVI1ZT4AHxwX7fUsE=
-----END CERTIFICATE-----
Generated at Sat May 17 23:46:43 2025 by rpki-client