Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ebnzs_h9EKlaLY9octctJKmrsH8.roa
File: ebnzs_h9EKlaLY9octctJKmrsH8.roa (raw, json)
Hash identifier: dnvaS9t/C4Scf0LUbqLyrC67yg25hFp6r9i/rjdMN/M=
Subject key identifier: 79:B9:F3:B3:F8:7D:10:A9:5A:2D:8F:68:72:D7:2D:24:A9:AB:B0:7F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 042A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ebnzs_h9EKlaLY9octctJKmrsH8.roa
Signing time: Mon 12 May 2025 15:08:41 +0000
ROA not before: Mon 12 May 2025 15:08:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1066 (0x42a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 15:08:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=79B9F3B3F87D10A95A2D8F6872D72D24A9ABB07F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d9:d3:74:b7:47:bd:ee:d2:04:20:02:26:2e:
f2:4a:5b:88:e7:b3:b0:10:9d:32:4c:13:3d:2a:da:
5f:a8:24:08:63:f1:c5:40:d8:6c:08:d4:cc:a3:6d:
00:f0:89:f3:9c:53:28:84:c4:a6:42:f5:d9:c7:02:
41:da:5c:08:a4:04:44:88:0d:ef:4a:cb:66:17:59:
37:a8:7d:08:8f:cc:bd:17:fc:e4:45:be:cf:a7:42:
17:08:51:95:9e:06:bb:af:cc:5e:34:3a:9d:99:2e:
00:26:16:d4:4c:1e:ac:06:55:c4:a0:e5:a9:4d:50:
46:99:87:37:2d:d9:af:c9:32:bb:1f:23:3c:d0:b7:
23:70:7c:d7:c0:65:f0:d7:22:bb:81:38:66:63:e1:
a0:82:f3:4a:32:14:a7:63:9f:ed:26:55:7d:76:c0:
3f:d2:52:0c:4b:12:88:8e:b3:b7:d5:cf:c4:2d:b4:
96:43:e4:d5:83:68:c2:ef:04:14:df:c2:80:de:1b:
1e:2a:aa:f5:77:98:0f:2f:da:2d:eb:48:2f:ed:15:
0a:3b:7d:ab:91:37:63:88:9c:a0:9c:98:7f:5c:6d:
b5:e6:59:cb:54:46:20:29:51:b4:32:6a:ac:cf:14:
90:01:29:82:b1:65:61:fc:df:0b:9e:49:03:e8:50:
e4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B9:F3:B3:F8:7D:10:A9:5A:2D:8F:68:72:D7:2D:24:A9:AB:B0:7F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ebnzs_h9EKlaLY9octctJKmrsH8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
32:ae:a2:80:d1:fc:29:30:56:dc:1f:6b:a1:ca:b5:4d:4b:6c:
cd:05:17:51:c2:84:32:93:bc:eb:ee:6e:4c:9e:f3:ca:db:9a:
6c:37:79:02:e7:36:fb:ec:f5:f2:3e:34:a4:ab:ae:72:86:65:
83:e1:9c:a3:5e:25:ae:78:60:4d:89:4e:af:49:dc:31:b7:f6:
52:24:2b:88:91:bf:9c:d6:36:1d:2c:bc:2f:bf:a3:1e:20:b3:
55:26:67:af:10:37:8e:e8:c8:76:b3:d8:5f:28:01:16:f7:40:
29:25:7f:64:bb:7d:33:a8:e7:ef:a5:66:dc:4e:e3:24:7c:7f:
33:57:84:02:8a:be:73:19:12:b9:7f:30:dc:bb:e0:ea:34:03:
b5:a4:1a:3f:a2:6d:32:0b:68:a8:54:a0:d0:a7:a3:ce:f7:0f:
75:9c:1a:b4:3d:23:af:74:dd:2e:b1:38:16:1f:29:0b:31:95:
e9:e0:fb:cc:36:cb:83:11:bb:2b:18:c2:c0:0f:bd:94:31:46:
a8:d0:63:0a:c3:59:b9:7c:17:4c:7c:55:4e:24:2c:37:80:f6:
e5:e6:64:87:4a:ba:70:d1:af:e6:f1:71:af:25:3b:37:be:47:
1f:aa:ce:37:d5:1e:65:42:d6:b5:77:40:d0:0c:2f:22:1f:27:
e8:ef:3d:1a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBCowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
NTA4NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc5QjlGM0IzRjg3RDEw
QTk1QTJEOEY2ODcyRDcyRDI0QTlBQkIwN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF2dN0t0e97tIEIAImLvJKW4jns7AQnTJMEz0q2l+oJAhj8cVA
2GwI1MyjbQDwifOcUyiExKZC9dnHAkHaXAikBESIDe9Ky2YXWTeofQiPzL0X/ORF
vs+nQhcIUZWeBruvzF40Op2ZLgAmFtRMHqwGVcSg5alNUEaZhzct2a/JMrsfIzzQ
tyNwfNfAZfDXIruBOGZj4aCC80oyFKdjn+0mVX12wD/SUgxLEoiOs7fVz8QttJZD
5NWDaMLvBBTfwoDeGx4qqvV3mA8v2i3rSC/tFQo7fauRN2OInKCcmH9cbbXmWctU
RiApUbQyaqzPFJABKYKxZWH83wueSQPoUOQtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUebnzs/h9EKlaLY9octctJKmrsH8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lYm56c19oOUVLbGFMWTlv
Y3RjdEpLbXJzSDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADKuooDR/CkwVtwfa6HKtU1LbM0FF1HChDKT
vOvubkye88rbmmw3eQLnNvvs9fI+NKSrrnKGZYPhnKNeJa54YE2JTq9J3DG39lIk
K4iRv5zWNh0svC+/ox4gs1UmZ68QN47oyHaz2F8oARb3QCklf2S7fTOo5++lZtxO
4yR8fzNXhAKKvnMZErl/MNy74Oo0A7WkGj+ibTILaKhUoNCno873D3WcGrQ9I690
3S6xOBYfKQsxleng+8w2y4MRuysYwsAPvZQxRqjQYwrDWbl8F0x8VU4kLDeA9uXm
ZIdKunDRr+bxca8lOze+Rx+qzjfVHmVC1rV3QNAMLyIfJ+jvPRo=
-----END CERTIFICATE-----
Generated at Sun May 18 16:51:28 2025 by rpki-client