Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef3RMj0l_FFiuuy-0Squz20Nx7E.roa
File: Ef3RMj0l_FFiuuy-0Squz20Nx7E.roa (raw, json)
Hash identifier: dcMfUkI5QmLIt8WwKceJQSieRFYGYcgN9sbw+qYpDdA=
Subject key identifier: 11:FD:D1:32:3D:25:FC:51:62:BA:EC:BE:D1:2A:AE:CF:6D:0D:C7:B1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B7A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef3RMj0l_FFiuuy-0Squz20Nx7E.roa
Signing time: Thu 12 Jun 2025 17:09:52 +0000
ROA not before: Thu 12 Jun 2025 17:09:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7034 (0x1b7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 17:09:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=11FDD1323D25FC5162BAECBED12AAECF6D0DC7B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:9e:05:92:d4:bb:fd:f7:00:ff:34:94:7f:a7:
1c:19:a0:d2:e7:8b:ad:74:c9:e4:d5:cd:7e:bb:bf:
5a:10:41:c5:53:70:6d:d0:77:72:88:d2:fe:79:ee:
30:3b:13:3d:f4:09:5e:43:2d:aa:ff:d4:77:32:59:
79:f3:9d:a5:bb:5a:8c:98:be:8b:ee:cf:16:61:fc:
f4:03:36:dc:7b:0e:e3:4d:d2:d8:4b:fc:8a:aa:6a:
fb:6f:8d:e4:db:e8:15:b7:c3:80:f6:92:75:80:c1:
00:5e:e5:fa:be:fa:82:5b:39:d8:ec:3a:2f:1c:4f:
a7:ba:78:9e:01:dd:2f:3d:07:27:92:d1:47:85:6b:
25:14:02:ee:68:0d:a5:ed:de:17:ef:5e:f2:62:bf:
5c:8f:b2:0e:c9:d9:17:19:bc:74:9b:57:eb:4c:cb:
48:db:99:c1:40:cb:69:02:5a:02:06:48:ed:77:4c:
08:1b:7a:c7:18:31:65:96:6e:9a:b9:8a:42:52:db:
3e:f5:2d:c9:73:cf:53:88:2e:17:92:9d:7f:27:4d:
ec:40:a5:59:d2:1f:d3:2c:37:0e:e2:58:b1:24:9b:
67:52:d1:34:c9:25:8e:8e:f4:b7:86:9d:86:55:1e:
ed:41:85:e0:83:df:7a:b0:00:48:8b:ef:52:62:a8:
c2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FD:D1:32:3D:25:FC:51:62:BA:EC:BE:D1:2A:AE:CF:6D:0D:C7:B1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ef3RMj0l_FFiuuy-0Squz20Nx7E.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:f4:a4:12:e7:7e:e7:43:df:78:d5:58:1f:91:4b:4b:dc:31:
08:12:8e:bb:1a:e4:0d:41:fa:2a:a6:f6:24:1f:96:4e:85:62:
27:ae:bd:31:4e:ac:a4:f8:82:77:f7:56:04:d4:4b:da:e0:1f:
67:ef:88:93:0d:27:1a:d0:3b:b9:97:21:f9:3f:b0:3f:24:76:
d5:19:d2:0c:90:25:ff:e7:34:57:4c:59:37:8d:36:d7:cc:a7:
7e:af:53:9b:71:5c:db:cc:2d:d7:d4:92:2a:67:df:1b:c9:46:
db:04:17:5c:a0:9f:f4:ec:0a:0f:83:55:76:e1:ce:95:ff:0e:
8d:f7:80:51:a5:cc:1c:4f:6b:2b:e1:b0:41:d1:a1:18:0d:e8:
67:55:a6:cd:f1:07:ba:ac:9d:c0:98:16:8b:0d:c1:0e:92:85:
0a:75:52:fd:3b:eb:b1:ff:57:5d:b6:d0:32:61:ed:b6:14:ac:
36:51:99:dd:ba:ae:28:59:1e:60:2f:aa:a8:3d:07:a0:2d:f1:
26:9b:57:6c:b0:2a:9f:35:9c:49:84:5f:ce:22:6d:40:ed:bc:
1d:ec:1a:72:43:3a:2d:22:ea:38:da:7c:12:2e:11:7e:7f:c7:
96:e3:bb:c8:70:d9:c0:53:d4:54:c7:ce:1b:a5:a4:58:67:44:
25:06:8f:f7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG3owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIx
NzA5NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDExRkREMTMyM0QyNUZD
NTE2MkJBRUNCRUQxMkFBRUNGNkQwREM3QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD2ngWS1Lv99wD/NJR/pxwZoNLni610yeTVzX67v1oQQcVTcG3Q
d3KI0v557jA7Ez30CV5DLar/1HcyWXnznaW7WoyYvovuzxZh/PQDNtx7DuNN0thL
/IqqavtvjeTb6BW3w4D2knWAwQBe5fq++oJbOdjsOi8cT6e6eJ4B3S89ByeS0UeF
ayUUAu5oDaXt3hfvXvJiv1yPsg7J2RcZvHSbV+tMy0jbmcFAy2kCWgIGSO13TAgb
escYMWWWbpq5ikJS2z71Lclzz1OILheSnX8nTexApVnSH9MsNw7iWLEkm2dS0TTJ
JY6O9LeGnYZVHu1BheCD33qwAEiL71JiqMK/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEf3RMj0l/FFiuuy+0Squz20Nx7EwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FZjNSTWowbF9GRml1dXkt
MFNxdXoyME54N0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAF30pBLnfudD33jVWB+RS0vcMQgSjrsa5A1B
+iqm9iQflk6FYieuvTFOrKT4gnf3VgTUS9rgH2fviJMNJxrQO7mXIfk/sD8kdtUZ
0gyQJf/nNFdMWTeNNtfMp36vU5txXNvMLdfUkipn3xvJRtsEF1ygn/TsCg+DVXbh
zpX/Do33gFGlzBxPayvhsEHRoRgN6GdVps3xB7qsncCYFosNwQ6ShQp1Uv0767H/
V1220DJh7bYUrDZRmd26rihZHmAvqqg9B6At8SabV2ywKp81nEmEX84ibUDtvB3s
GnJDOi0i6jjafBIuEX5/x5bju8hw2cBT1FTHzhulpFhnRCUGj/c=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:06:47 2025 by rpki-client