Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EU8us2vRyArJAfsYF4JnFGP2IDI.roa
File: EU8us2vRyArJAfsYF4JnFGP2IDI.roa (raw, json)
Hash identifier: cNOoBkZPgpZXmIyYQhjbFXCiLta60NsxEK+cKy84G4g=
Subject key identifier: 11:4F:2E:B3:6B:D1:C8:0A:C9:01:FB:18:17:82:67:14:63:F6:20:32
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 222A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EU8us2vRyArJAfsYF4JnFGP2IDI.roa
Signing time: Sun 22 Jun 2025 02:41:49 +0000
ROA not before: Sun 22 Jun 2025 02:41:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8746 (0x222a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 02:41:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=114F2EB36BD1C80AC901FB181782671463F62032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:39:2d:00:b0:b2:e6:aa:01:06:4d:cd:aa:42:
36:84:1e:91:3e:6b:45:9f:04:52:5c:58:6b:e5:53:
bf:19:a1:ee:91:4d:ed:9c:1b:a4:74:62:ca:89:cd:
05:5b:b4:1a:76:37:c3:4b:a4:9d:84:d4:17:67:0e:
0d:b8:31:55:f5:af:d7:a4:c0:86:3a:95:b8:a8:5a:
49:d8:ed:07:65:f7:28:08:28:42:af:1c:57:c8:4e:
71:86:29:d7:35:94:9e:d9:61:21:2c:4c:90:1b:b1:
8b:3c:ee:95:57:67:d5:26:31:8a:44:99:4b:42:35:
9f:39:11:b2:d9:83:f3:b4:f5:94:af:7e:35:b8:b2:
98:5b:72:07:39:a3:a8:b8:12:6c:5b:0d:af:b8:3b:
b1:42:48:ad:ea:78:b8:5a:e8:c8:02:59:aa:52:67:
91:75:e1:58:26:c7:f3:1d:a7:53:32:74:00:dc:b8:
b2:b0:31:cd:82:31:16:81:2b:dd:0c:26:d2:80:ab:
fe:f7:24:d2:c1:4a:6d:8b:e1:c3:d5:27:2f:f2:8b:
82:ad:2f:60:f9:83:cd:de:6a:20:a1:3d:d3:fe:4a:
32:e3:a7:0a:0e:1e:72:c1:4b:a9:79:81:58:16:ac:
7a:04:64:f1:35:34:c7:3d:12:c0:5b:45:9b:84:0a:
23:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4F:2E:B3:6B:D1:C8:0A:C9:01:FB:18:17:82:67:14:63:F6:20:32
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EU8us2vRyArJAfsYF4JnFGP2IDI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:6e:04:7d:c6:43:af:3f:6c:05:90:b4:33:54:92:ab:a2:64:
26:1e:92:7e:05:96:00:99:42:e0:e5:a9:e6:6c:3c:a7:c0:87:
62:f1:e3:47:51:0f:81:53:69:23:fc:c3:02:1c:2f:d6:c7:cb:
8d:6a:ca:3c:6a:dd:38:e7:98:d4:29:ee:47:bb:da:15:db:8d:
9c:70:e4:7d:be:2c:0b:96:61:51:2a:1b:0e:26:5d:43:1f:0d:
5d:c2:6f:56:5d:d6:18:4b:46:c2:2f:ba:10:1a:52:00:8e:32:
14:1d:f5:4a:07:19:7f:14:22:9f:50:08:49:4b:31:e5:19:33:
4e:07:9b:33:d3:2b:d5:3e:35:00:fe:bb:a1:67:7a:23:6f:73:
b3:39:6d:f6:0e:4b:05:cb:7d:88:c2:c0:67:12:97:2e:9b:b4:
d4:c9:cb:7d:04:8d:f3:f0:dc:be:61:3a:d8:aa:d5:c8:f6:07:
d6:31:0d:09:57:ca:93:96:66:54:2b:49:8d:10:8f:0a:23:da:
45:49:b6:b9:6e:e4:7c:5e:93:15:ed:28:db:67:34:df:ac:95:
59:8b:b7:02:ac:dd:3f:7e:8f:92:e5:39:e8:cd:fc:d4:c5:e3:
9c:b0:a1:08:83:19:63:32:03:ad:8d:e3:d7:96:8d:7d:f6:8c:
7d:bb:6c:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIiowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
MjQxNDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDExNEYyRUIzNkJEMUM4
MEFDOTAxRkIxODE3ODI2NzE0NjNGNjIwMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAOS0AsLLmqgEGTc2qQjaEHpE+a0WfBFJcWGvlU78Zoe6RTe2c
G6R0YsqJzQVbtBp2N8NLpJ2E1BdnDg24MVX1r9ekwIY6lbioWknY7Qdl9ygIKEKv
HFfITnGGKdc1lJ7ZYSEsTJAbsYs87pVXZ9UmMYpEmUtCNZ85EbLZg/O09ZSvfjW4
sphbcgc5o6i4EmxbDa+4O7FCSK3qeLha6MgCWapSZ5F14Vgmx/Mdp1MydADcuLKw
Mc2CMRaBK90MJtKAq/73JNLBSm2L4cPVJy/yi4KtL2D5g83eaiChPdP+SjLjpwoO
HnLBS6l5gVgWrHoEZPE1NMc9EsBbRZuECiMJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEU8us2vRyArJAfsYF4JnFGP2IDIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FVTh1czJ2UnlBckpBZnNZ
RjRKbkZHUDJJREkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHNuBH3GQ68/bAWQtDNUkquiZCYekn4FlgCZ
QuDlqeZsPKfAh2Lx40dRD4FTaSP8wwIcL9bHy41qyjxq3TjnmNQp7ke72hXbjZxw
5H2+LAuWYVEqGw4mXUMfDV3Cb1Zd1hhLRsIvuhAaUgCOMhQd9UoHGX8UIp9QCElL
MeUZM04HmzPTK9U+NQD+u6FneiNvc7M5bfYOSwXLfYjCwGcSly6btNTJy30EjfPw
3L5hOtiq1cj2B9YxDQlXypOWZlQrSY0Qjwoj2kVJtrlu5HxekxXtKNtnNN+slVmL
twKs3T9+j5LlOejN/NTF45ywoQiDGWMyA62N49eWjX32jH27bNw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:17:32 2025 by rpki-client