Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/7fb87dExJr0pYsuL7JqwqLdc3M0.roa
File: 7fb87dExJr0pYsuL7JqwqLdc3M0.roa (raw, json)
Hash identifier: 6s2qAKgZedbeIHfDPhAstKNls42Q48X9lWtkCy9lqgU=
Subject key identifier: ED:F6:FC:ED:D1:31:26:BD:29:62:CB:8B:EC:9A:B0:A8:B7:5C:DC:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 127A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7fb87dExJr0pYsuL7JqwqLdc3M0.roa
Signing time: Sat 31 May 2025 17:09:06 +0000
ROA not before: Sat 31 May 2025 17:09:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4730 (0x127a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 31 17:09:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=EDF6FCEDD13126BD2962CB8BEC9AB0A8B75CDCCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:93:7d:9d:c4:af:b3:2f:f6:b7:61:7a:58:43:
aa:a3:63:06:1c:eb:1e:97:5f:a4:45:3d:da:42:eb:
06:53:51:84:0f:ba:a7:9b:9f:20:6e:79:f0:47:15:
fb:00:bf:98:e3:64:41:e7:40:4b:35:e8:1b:be:1c:
90:23:be:cf:cc:2a:53:84:a8:80:48:d7:d4:f1:b8:
7d:94:62:87:d8:84:7c:4e:3d:58:88:0b:9f:93:d2:
a8:c0:2f:c2:17:33:77:a4:d0:fb:bf:1b:31:d6:99:
35:5c:f4:2a:5d:73:9f:61:91:a4:31:3a:8c:71:83:
7a:fc:54:d1:ee:e8:b6:48:16:72:c4:f3:ad:02:ab:
48:e9:f0:a7:c0:3d:d3:da:ef:58:4f:d3:11:36:f2:
b0:c9:97:e6:82:39:36:b0:66:54:29:fb:96:36:d6:
49:9a:75:64:90:07:a3:34:da:e5:f1:90:ce:c8:68:
cb:27:43:d9:25:13:08:0f:35:73:2a:e7:1f:44:a4:
8d:5d:ec:64:e0:ca:00:7d:67:f4:c3:44:e5:b8:5b:
a0:f9:a1:14:88:e6:a0:ec:ec:48:5e:ef:e1:18:77:
6a:9e:3e:00:5f:95:5e:7b:e9:14:f3:89:e8:d3:b5:
74:f0:5a:c8:27:9a:e7:a5:c2:14:69:6f:3f:2d:7d:
ef:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F6:FC:ED:D1:31:26:BD:29:62:CB:8B:EC:9A:B0:A8:B7:5C:DC:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/7fb87dExJr0pYsuL7JqwqLdc3M0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:75:a5:8c:37:49:4e:6e:e8:15:b1:59:98:c3:9e:9d:23:03:
30:e3:ed:fb:d3:75:eb:c7:51:61:4c:d9:57:7c:f4:f4:65:49:
86:cf:7f:2c:11:9f:60:92:ab:40:fd:26:78:2b:f0:12:d1:40:
cf:3d:77:f3:f5:f3:08:e8:aa:d8:d2:81:ee:6e:94:4b:5c:e5:
16:f7:96:f9:d4:ac:96:a7:c5:65:8e:27:f4:c7:ce:df:09:f6:
25:a8:63:cb:04:d4:07:45:ea:bc:40:35:61:36:a5:55:0b:fb:
03:a2:35:6a:c3:fc:11:43:82:70:97:26:07:b6:3d:73:29:81:
b2:f1:30:04:7d:8a:9f:0c:2e:7d:04:52:fc:b5:c8:0b:05:df:
28:4d:d9:8c:42:6f:11:83:35:ac:14:0b:de:2f:85:59:87:e2:
a0:c1:d7:39:5a:de:1d:33:2f:a7:00:3c:22:5a:6b:29:e4:e0:
01:7b:d2:8d:e8:16:12:a4:29:7b:f9:df:b3:ac:3a:bb:02:c6:
6d:c7:06:f7:ef:5d:4e:b2:cc:ff:ef:1f:40:5f:f4:7e:5d:ac:
0c:4b:54:67:3c:a1:e7:08:a8:a9:97:cb:39:25:87:c5:04:66:
1c:3c:4c:5c:33:b6:fb:51:08:d5:b1:ec:04:23:cb:12:57:b3:
7a:9d:55:a9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICEnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MzEx
NzA5MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEVERjZGQ0VERDEzMTI2
QkQyOTYyQ0I4QkVDOUFCMEE4Qjc1Q0RDQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/k32dxK+zL/a3YXpYQ6qjYwYc6x6XX6RFPdpC6wZTUYQPuqeb
nyBuefBHFfsAv5jjZEHnQEs16Bu+HJAjvs/MKlOEqIBI19TxuH2UYofYhHxOPViI
C5+T0qjAL8IXM3ek0Pu/GzHWmTVc9Cpdc59hkaQxOoxxg3r8VNHu6LZIFnLE860C
q0jp8KfAPdPa71hP0xE28rDJl+aCOTawZlQp+5Y21kmadWSQB6M02uXxkM7IaMsn
Q9klEwgPNXMq5x9EpI1d7GTgygB9Z/TDROW4W6D5oRSI5qDs7Ehe7+EYd2qePgBf
lV576RTziejTtXTwWsgnmuelwhRpbz8tfe81AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU7fb87dExJr0pYsuL7JqwqLdc3M0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni83ZmI4N2RFeEpyMHBZc3VM
N0pxd3FMZGMzTTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK11pYw3SU5u6BWxWZjDnp0jAzDj7fvTdevH
UWFM2Vd89PRlSYbPfywRn2CSq0D9Jngr8BLRQM89d/P18wjoqtjSge5ulEtc5Rb3
lvnUrJanxWWOJ/THzt8J9iWoY8sE1AdF6rxANWE2pVUL+wOiNWrD/BFDgnCXJge2
PXMpgbLxMAR9ip8MLn0EUvy1yAsF3yhN2YxCbxGDNawUC94vhVmH4qDB1zla3h0z
L6cAPCJaaynk4AF70o3oFhKkKXv537OsOrsCxm3HBvfvXU6yzP/vH0Bf9H5drAxL
VGc8oecIqKmXyzklh8UEZhw8TFwztvtRCNWx7AQjyxJXs3qdVak=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:23 2025 by rpki-client