Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/eHr0VzPpNSRWUtaJ-2nlzjht33g.roa
File: eHr0VzPpNSRWUtaJ-2nlzjht33g.roa (raw, json)
Hash identifier: K450+Wvboo9vYc84a32JdaLIG8Y5HqykuhNG8lnWEz0=
Subject key identifier: 78:7A:F4:57:33:E9:35:24:56:52:D6:89:FB:69:E5:CE:38:6D:DF:78
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0356
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eHr0VzPpNSRWUtaJ-2nlzjht33g.roa
Signing time: Sun 11 May 2025 12:37:55 +0000
ROA not before: Sun 11 May 2025 12:37:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 854 (0x356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 12:37:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=787AF45733E935245652D689FB69E5CE386DDF78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:8f:87:9b:94:9a:be:ae:cc:d7:eb:5d:bb:13:
18:70:94:68:03:67:cb:5b:cb:bb:25:80:73:ce:7b:
77:4c:dd:48:ea:38:bf:b6:1a:bd:1f:cb:c5:7a:94:
cd:cf:14:2a:6c:e7:ab:71:64:14:1e:6b:5d:ee:70:
19:3d:2f:ea:68:7a:09:22:ea:07:6d:6e:9c:8c:9e:
5e:83:04:e7:d5:4a:b0:7f:6c:16:65:b4:5f:5b:52:
3e:7c:51:28:f1:7d:2d:11:e0:0e:67:b4:a8:2b:ae:
3a:ff:e8:57:07:d2:0a:2c:9f:c1:85:22:a0:d4:f3:
a9:b3:cb:b6:7d:69:20:59:9a:37:3e:66:ec:64:a4:
e2:88:4c:50:7e:12:8e:b8:79:f3:ce:74:3b:90:44:
ee:2b:4d:e7:6f:a0:cb:5f:a7:79:56:ee:33:b1:40:
28:4f:7a:b7:94:d4:f1:d3:b7:f8:5c:af:c6:09:3a:
e3:d4:13:1e:da:dc:6f:79:bd:e8:a6:56:29:18:58:
bc:2b:1f:a4:b6:f8:3c:3f:cd:14:eb:38:4d:3b:e5:
18:07:4b:90:5c:49:a7:3c:cb:0b:a2:66:8f:37:96:
d7:33:1a:76:ff:b2:3f:f0:21:ff:c0:d8:75:eb:09:
6e:08:55:76:56:33:83:30:1f:9c:75:96:d5:97:12:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7A:F4:57:33:E9:35:24:56:52:D6:89:FB:69:E5:CE:38:6D:DF:78
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eHr0VzPpNSRWUtaJ-2nlzjht33g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:ed:6a:90:1d:1f:b8:3d:5a:4c:06:fa:3c:fb:82:41:e0:c0:
d6:b3:73:9f:64:ed:0c:b5:5c:45:44:96:02:12:49:45:92:7b:
35:1a:5a:1e:ed:f5:c1:0b:97:96:0a:9c:3f:3a:22:1c:55:38:
a7:f2:b6:8f:87:b5:cf:87:be:dd:d5:a0:c5:66:d9:b3:76:de:
36:b6:c0:97:6d:1a:a1:ec:cb:0d:d4:27:da:5e:9f:bf:21:51:
a5:ad:99:fb:36:6c:ff:7e:cd:85:2b:ef:3c:05:e8:60:65:96:
78:56:87:9f:44:10:d4:48:ca:e1:3a:71:43:fe:2e:1c:5f:c4:
be:07:b0:37:48:80:7a:4e:79:2e:8b:20:fd:ff:49:9d:d3:e7:
ae:f3:4a:3b:31:18:50:07:36:fe:ef:a2:ac:1f:1f:45:05:f6:
fd:6b:86:26:32:5a:91:8e:2c:c4:16:b5:ae:a5:49:c2:dc:a3:
13:8b:86:99:9f:42:3f:14:e6:35:16:99:1d:e9:22:d1:bc:27:
5d:a6:ed:a3:5b:ef:5f:88:e8:40:b8:98:65:3c:0c:2e:38:f0:
20:5f:97:e1:e6:9c:7b:dd:34:8d:ac:04:09:a4:fd:76:fa:72:
1b:5a:98:9f:97:82:07:c5:e5:45:ed:18:2d:4c:fe:e6:75:07:
01:df:08:19
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
MjM3NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc4N0FGNDU3MzNFOTM1
MjQ1NjUyRDY4OUZCNjlFNUNFMzg2RERGNzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSj4eblJq+rszX6127ExhwlGgDZ8tby7slgHPOe3dM3UjqOL+2
Gr0fy8V6lM3PFCps56txZBQea13ucBk9L+poegki6gdtbpyMnl6DBOfVSrB/bBZl
tF9bUj58USjxfS0R4A5ntKgrrjr/6FcH0gosn8GFIqDU86mzy7Z9aSBZmjc+Zuxk
pOKITFB+Eo64efPOdDuQRO4rTedvoMtfp3lW7jOxQChPereU1PHTt/hcr8YJOuPU
Ex7a3G95veimVikYWLwrH6S2+Dw/zRTrOE075RgHS5BcSac8ywuiZo83ltczGnb/
sj/wIf/A2HXrCW4IVXZWM4MwH5x1ltWXEoZjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeHr0VzPpNSRWUtaJ+2nlzjht33gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lSHIwVnpQcE5TUldVdGFK
LTJubHpqaHQzM2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACjtapAdH7g9WkwG+jz7gkHgwNazc59k7Qy1
XEVElgISSUWSezUaWh7t9cELl5YKnD86IhxVOKfyto+Htc+Hvt3VoMVm2bN23ja2
wJdtGqHsyw3UJ9pen78hUaWtmfs2bP9+zYUr7zwF6GBllnhWh59EENRIyuE6cUP+
LhxfxL4HsDdIgHpOeS6LIP3/SZ3T567zSjsxGFAHNv7voqwfH0UF9v1rhiYyWpGO
LMQWta6lScLcoxOLhpmfQj8U5jUWmR3pItG8J12m7aNb71+I6EC4mGU8DC448CBf
l+HmnHvdNI2sBAmk/Xb6chtamJ+XggfF5UXtGC1M/uZ1BwHfCBk=
-----END CERTIFICATE-----
Generated at Sat May 17 21:34:23 2025 by rpki-client