Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EOu8hW4aurE3fzZTqDNWHc5Cljo.roa
File: EOu8hW4aurE3fzZTqDNWHc5Cljo.roa (raw, json)
Hash identifier: UYEjIYrttT5nTPu7HjuAfqAB3YOaRXjQAMfb+WLpKBw=
Subject key identifier: 10:EB:BC:85:6E:1A:BA:B1:37:7F:36:53:A8:33:56:1D:CE:42:96:3A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1EFE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EOu8hW4aurE3fzZTqDNWHc5Cljo.roa
Signing time: Tue 17 Jun 2025 09:40:04 +0000
ROA not before: Tue 17 Jun 2025 09:40:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7934 (0x1efe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 17 09:40:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=10EBBC856E1ABAB1377F3653A833561DCE42963A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2c:58:1a:2f:f6:ad:d7:fd:8f:18:c8:38:18:
af:c1:03:6d:45:8d:8f:f2:cd:1b:99:aa:63:78:5a:
df:89:00:81:e7:ae:96:74:3a:c0:ea:50:21:78:6f:
a6:d9:94:1d:22:8a:38:d8:17:7a:d5:a8:92:d5:ba:
7f:87:f6:c4:32:bb:2b:2d:e9:52:45:b8:69:9d:51:
67:ac:7a:d4:39:96:d6:4a:6d:7d:ac:64:dc:42:b9:
f2:b0:3b:d8:35:7f:aa:7e:b9:cd:2c:9c:5c:94:9a:
37:42:45:48:96:cd:0a:17:13:b1:2f:20:77:09:31:
3b:01:e2:c1:f6:d4:d6:b9:c4:da:4e:1a:4f:f1:7e:
b8:56:46:89:52:ec:84:cc:50:ce:7d:b1:0b:11:ca:
38:b8:a1:65:ad:f9:c8:6e:2d:7e:5c:c7:0f:58:b2:
46:4c:72:ba:8f:9b:18:df:e0:00:08:93:9a:67:c4:
3c:a2:91:38:c9:66:a5:7c:33:9a:11:e2:ca:cf:02:
b1:a7:cc:0e:50:cf:fe:19:ef:24:e3:6b:3c:5e:f0:
07:58:60:71:fb:7a:48:6c:1c:78:c4:25:a5:a6:b7:
73:5a:e6:b6:b8:ee:42:d6:fe:ed:91:91:4d:e9:60:
19:13:78:81:78:d9:2f:55:ac:f1:d2:e7:0d:0e:83:
07:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EB:BC:85:6E:1A:BA:B1:37:7F:36:53:A8:33:56:1D:CE:42:96:3A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EOu8hW4aurE3fzZTqDNWHc5Cljo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:2f:88:cb:94:df:cd:e2:c9:1d:74:51:61:43:d2:63:ca:b3:
d1:5f:2a:b6:7a:34:ae:15:bd:52:a2:c2:85:c4:62:67:b8:f2:
0c:6e:cf:7f:83:c2:e7:3a:6e:32:70:b0:50:ed:11:63:19:49:
48:63:85:95:27:8c:8a:a6:b9:f0:4d:5c:a5:98:18:bc:19:37:
0a:d7:73:6a:e6:3b:ff:f0:55:67:61:9a:a6:e1:47:c6:12:0a:
8a:1f:4c:86:f2:0a:4f:5a:b4:f2:77:1e:2f:97:b6:b4:22:a7:
ea:02:47:00:b6:20:ca:03:fc:4e:9d:fb:ee:b7:33:4d:bc:c0:
15:65:87:61:68:60:12:0b:67:b6:db:1a:e8:b3:32:2a:91:b7:
66:61:2d:c7:70:a8:22:df:4b:8e:26:24:72:76:bd:5d:5f:0e:
86:27:4d:5a:f1:4c:e1:ef:7d:da:c9:4a:1c:eb:1a:cf:d7:57:
5d:bd:33:6f:71:cc:03:72:39:69:c5:af:67:04:83:06:da:ee:
01:8b:19:7d:75:c9:a0:1c:55:2c:84:2c:e6:a8:75:40:a6:5c:
a2:69:10:06:07:c1:94:86:9a:ae:1b:ce:63:58:d7:f7:a4:93:
6d:e0:7f:72:9a:bf:d2:06:84:b4:01:ac:ad:cb:b8:64:48:8b:
8d:53:07:07
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTcw
OTQwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEwRUJCQzg1NkUxQUJB
QjEzNzdGMzY1M0E4MzM1NjFEQ0U0Mjk2M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgLFgaL/at1/2PGMg4GK/BA21FjY/yzRuZqmN4Wt+JAIHnrpZ0
OsDqUCF4b6bZlB0iijjYF3rVqJLVun+H9sQyuyst6VJFuGmdUWesetQ5ltZKbX2s
ZNxCufKwO9g1f6p+uc0snFyUmjdCRUiWzQoXE7EvIHcJMTsB4sH21Na5xNpOGk/x
frhWRolS7ITMUM59sQsRyji4oWWt+chuLX5cxw9YskZMcrqPmxjf4AAIk5pnxDyi
kTjJZqV8M5oR4srPArGnzA5Qz/4Z7yTjazxe8AdYYHH7ekhsHHjEJaWmt3Na5ra4
7kLW/u2RkU3pYBkTeIF42S9VrPHS5w0Ogwd3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEOu8hW4aurE3fzZTqDNWHc5CljowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FT3U4aFc0YXVyRTNmelpU
cUROV0hjNUNsam8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK4viMuU383iyR10UWFD0mPKs9FfKrZ6NK4V
vVKiwoXEYme48gxuz3+Dwuc6bjJwsFDtEWMZSUhjhZUnjIqmufBNXKWYGLwZNwrX
c2rmO//wVWdhmqbhR8YSCoofTIbyCk9atPJ3Hi+XtrQip+oCRwC2IMoD/E6d++63
M028wBVlh2FoYBILZ7bbGuizMiqRt2ZhLcdwqCLfS44mJHJ2vV1fDoYnTVrxTOHv
fdrJShzrGs/XV129M29xzANyOWnFr2cEgwba7gGLGX11yaAcVSyELOaodUCmXKJp
EAYHwZSGmq4bzmNY1/ekk23gf3Kav9IGhLQBrK3LuGRIi41TBwc=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:07:11 2025 by rpki-client