Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fEJO1lRkLjuhUNWHe7nxW7JnWg4.roa
File: fEJO1lRkLjuhUNWHe7nxW7JnWg4.roa (raw, json)
Hash identifier: 0yaeiKs9VibXljvKL9UbYf/Z7URDNBQ6b6vJzxXRzFQ=
Subject key identifier: 7C:42:4E:D6:54:64:2E:3B:A1:50:D5:87:7B:B9:F1:5B:B2:67:5A:0E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 043A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fEJO1lRkLjuhUNWHe7nxW7JnWg4.roa
Signing time: Mon 12 May 2025 17:07:57 +0000
ROA not before: Mon 12 May 2025 17:07:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1082 (0x43a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 17:07:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7C424ED654642E3BA150D5877BB9F15BB2675A0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ea:f0:ce:1c:7a:08:86:5c:0e:11:44:71:a8:
dc:9b:32:30:ba:c3:bb:57:56:d8:50:ae:4c:11:27:
8b:c5:01:2c:c6:4c:8c:36:b6:d2:89:3c:bd:db:fc:
3d:23:ba:10:d8:8b:a5:8b:9f:24:30:72:ee:61:da:
bb:76:d5:51:4c:60:1d:df:b3:22:10:84:04:55:a1:
12:5f:5d:a5:d4:37:74:61:35:c1:f9:44:32:aa:e3:
9f:8f:48:24:ee:80:09:4e:3b:f6:96:3f:72:82:91:
fe:71:e4:11:2f:02:8b:bb:63:07:68:a2:81:53:03:
7e:16:ff:72:03:6f:99:d6:b9:8d:e2:45:2f:b7:8b:
22:6a:70:d8:33:a1:99:1d:ff:4f:ff:0e:62:dd:56:
98:65:ff:97:45:15:b4:68:98:8f:08:3e:db:f6:71:
1e:a3:72:3e:e8:44:e8:6d:2b:d5:c5:f5:bc:21:4c:
40:0a:2e:9b:13:89:63:f3:f0:2e:fa:14:d4:c9:30:
f0:e2:df:a1:1b:7e:28:20:93:b4:fb:1f:b9:0c:f2:
97:9e:a6:9c:b2:17:4e:f1:d9:db:59:6f:89:f9:7d:
cc:81:4c:7a:53:bc:4c:ea:1e:35:81:e1:64:07:c7:
45:ff:29:4c:96:f8:be:13:d1:99:e5:2e:31:d3:d0:
31:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:42:4E:D6:54:64:2E:3B:A1:50:D5:87:7B:B9:F1:5B:B2:67:5A:0E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fEJO1lRkLjuhUNWHe7nxW7JnWg4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:e7:7c:03:6f:69:0d:2d:1c:7f:f3:66:6c:b4:3e:89:41:09:
c1:1e:9f:1b:0c:03:b8:5d:63:33:48:94:d7:6c:63:f3:08:d4:
c4:b2:8c:2c:a8:e4:99:3b:d3:a5:5d:38:51:f5:92:6e:03:c6:
aa:82:e6:ca:eb:61:76:21:c1:24:22:0f:19:0a:2d:0e:bf:30:
26:07:10:ed:e7:da:ff:3d:28:a6:27:eb:71:ae:05:be:a6:7c:
d6:8c:67:01:66:7d:ed:32:de:6f:cb:f1:26:7e:08:9f:8f:06:
10:23:81:63:36:18:36:b0:92:92:12:7d:88:bc:d6:cf:94:2c:
9a:96:ab:32:58:6c:b0:a6:7b:9d:6a:69:bf:ee:07:90:1e:65:
1c:d1:a5:b5:99:c0:1a:31:29:95:8d:70:c4:52:3a:b1:7e:9c:
ea:ae:c4:ec:2f:2f:60:06:a7:d2:bb:f2:7d:3a:54:a3:75:9c:
31:de:79:43:19:f5:be:54:f6:07:f2:1c:c1:cc:5b:cc:c2:f6:
d2:57:7e:ba:5c:15:77:52:12:08:82:d3:3c:fd:dc:48:b6:34:
bf:e9:1e:56:3d:4e:ca:4e:ae:cf:94:d0:f5:d5:66:bf:3a:7b:
13:4b:17:b8:e8:7b:00:94:07:ec:fc:96:8d:85:de:78:b8:7a:
bd:45:a1:41
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBDowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
NzA3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDNDI0RUQ2NTQ2NDJF
M0JBMTUwRDU4NzdCQjlGMTVCQjI2NzVBMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC76vDOHHoIhlwOEURxqNybMjC6w7tXVthQrkwRJ4vFASzGTIw2
ttKJPL3b/D0juhDYi6WLnyQwcu5h2rt21VFMYB3fsyIQhARVoRJfXaXUN3RhNcH5
RDKq45+PSCTugAlOO/aWP3KCkf5x5BEvAou7YwdoooFTA34W/3IDb5nWuY3iRS+3
iyJqcNgzoZkd/0//DmLdVphl/5dFFbRomI8IPtv2cR6jcj7oROhtK9XF9bwhTEAK
LpsTiWPz8C76FNTJMPDi36Ebfiggk7T7H7kM8peeppyyF07x2dtZb4n5fcyBTHpT
vEzqHjWB4WQHx0X/KUyW+L4T0ZnlLjHT0DHlAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfEJO1lRkLjuhUNWHe7nxW7JnWg4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mRUpPMWxSa0xqdWhVTldI
ZTdueFc3Sm5XZzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKHnfANvaQ0tHH/zZmy0PolBCcEenxsMA7hd
YzNIlNdsY/MI1MSyjCyo5Jk706VdOFH1km4DxqqC5srrYXYhwSQiDxkKLQ6/MCYH
EO3n2v89KKYn63GuBb6mfNaMZwFmfe0y3m/L8SZ+CJ+PBhAjgWM2GDawkpISfYi8
1s+ULJqWqzJYbLCme51qab/uB5AeZRzRpbWZwBoxKZWNcMRSOrF+nOquxOwvL2AG
p9K78n06VKN1nDHeeUMZ9b5U9gfyHMHMW8zC9tJXfrpcFXdSEgiC0zz93Ei2NL/p
HlY9TspOrs+U0PXVZr86exNLF7joewCUB+z8lo2F3ni4er1FoUE=
-----END CERTIFICATE-----
Generated at Sun May 18 04:50:50 2025 by rpki-client