Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/EqpaSiH9KduRzL9uzmlzjo2qDes.roa
File: EqpaSiH9KduRzL9uzmlzjo2qDes.roa (raw, json)
Hash identifier: g+33Hg45Uela7VpnicdsJEMUH/pFmI0H63H/dp3L5fY=
Subject key identifier: 12:AA:5A:4A:21:FD:29:DB:91:CC:BF:6E:CE:69:73:8E:8D:AA:0D:EB
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2002
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EqpaSiH9KduRzL9uzmlzjo2qDes.roa
Signing time: Wed 18 Jun 2025 19:44:41 +0000
ROA not before: Wed 18 Jun 2025 19:44:41 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8194 (0x2002)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 19:44:41 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=12AA5A4A21FD29DB91CCBF6ECE69738E8DAA0DEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2f:0e:65:84:b1:61:62:68:dc:f6:5c:b9:d3:
f4:ae:d4:2f:6d:63:f9:73:f8:dc:32:14:df:60:cd:
a1:59:06:1a:cc:c2:ce:f0:52:6f:09:9b:e8:d1:76:
e5:02:d9:9d:11:e7:2b:9e:4a:b1:cf:be:33:5a:23:
be:28:e6:0e:22:ec:45:2a:2d:18:67:44:2c:f7:30:
4f:49:a6:28:45:77:d4:72:0d:48:8c:3f:15:fa:11:
df:fd:a5:3c:75:20:4a:b1:ae:37:35:75:08:be:6c:
cf:b2:45:68:a9:ab:92:9e:0f:3f:4a:b8:0f:aa:6c:
ce:2e:06:9c:e6:8a:13:76:76:1f:2a:a5:ad:e9:d2:
1e:ef:14:a7:77:bf:c7:28:7f:77:28:1f:6a:e2:7e:
e0:d4:de:0a:6f:ef:a8:79:e2:e6:ab:93:c8:4d:d6:
c8:d3:6e:58:ea:70:c1:0d:71:fd:ba:02:fb:46:68:
63:b5:be:76:5f:36:1d:ec:27:43:05:77:63:22:11:
02:16:86:d0:49:f5:73:40:3f:19:99:29:24:cc:bb:
05:74:7b:21:b9:48:a1:06:91:de:d9:61:54:20:7a:
15:3d:8d:87:74:93:eb:dd:6b:b9:91:69:e4:84:81:
ba:5b:c0:57:13:71:f5:27:02:22:c0:6e:e7:5d:df:
20:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:AA:5A:4A:21:FD:29:DB:91:CC:BF:6E:CE:69:73:8E:8D:AA:0D:EB
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/EqpaSiH9KduRzL9uzmlzjo2qDes.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:86:34:4f:00:8b:b5:21:7f:0c:31:dd:58:23:c2:62:51:39:
b0:f4:20:72:73:00:88:fa:41:87:25:80:c3:56:7e:11:7b:cb:
e0:d8:77:1b:b1:da:14:02:6a:d2:1a:c3:89:57:0a:82:4c:7a:
c5:90:55:32:c1:63:e5:bc:3c:fb:9a:7f:0d:44:04:45:0e:52:
6d:fa:1c:cd:a0:49:e5:b6:1e:28:55:79:89:26:09:92:2d:fd:
4c:24:25:df:0d:58:86:63:a6:24:48:b5:b6:36:4c:fc:e1:d7:
88:90:24:e8:a1:0f:08:98:95:bd:60:24:65:77:76:6e:cc:ee:
59:5c:5e:a9:ad:ae:87:ea:06:6a:42:17:9c:4f:c0:2a:3c:d6:
a0:4a:0a:c9:fc:15:57:ef:cc:ca:db:81:cb:7a:28:0d:4a:b3:
aa:40:43:f3:9b:7f:77:bd:15:8d:ad:d5:42:03:d9:92:df:f6:
45:3f:cb:93:13:8a:60:cb:46:cf:a4:ab:65:cb:99:bc:0d:49:
11:e0:6d:8d:db:d8:4d:49:85:5a:2b:7c:d9:91:59:bf:84:32:
88:07:43:87:56:ba:81:83:d1:2f:36:0f:8d:20:e3:f0:34:16:
d9:f5:7e:b6:4c:ff:ce:98:26:ac:4d:68:65:ee:d9:dd:4e:bd:
8e:c5:4e:98
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgx
OTQ0NDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEyQUE1QTRBMjFGRDI5
REI5MUNDQkY2RUNFNjk3MzhFOERBQTBERUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTLw5lhLFhYmjc9ly50/Su1C9tY/lz+NwyFN9gzaFZBhrMws7w
Um8Jm+jRduUC2Z0R5yueSrHPvjNaI74o5g4i7EUqLRhnRCz3ME9JpihFd9RyDUiM
PxX6Ed/9pTx1IEqxrjc1dQi+bM+yRWipq5KeDz9KuA+qbM4uBpzmihN2dh8qpa3p
0h7vFKd3v8cof3coH2rifuDU3gpv76h54uark8hN1sjTbljqcMENcf26AvtGaGO1
vnZfNh3sJ0MFd2MiEQIWhtBJ9XNAPxmZKSTMuwV0eyG5SKEGkd7ZYVQgehU9jYd0
k+vda7mRaeSEgbpbwFcTcfUnAiLAbudd3yBtAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUEqpaSiH9KduRzL9uzmlzjo2qDeswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FcXBhU2lIOUtkdVJ6TDl1
em1sempvMnFEZXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACCGNE8Ai7Uhfwwx3VgjwmJRObD0IHJzAIj6
QYclgMNWfhF7y+DYdxux2hQCatIaw4lXCoJMesWQVTLBY+W8PPuafw1EBEUOUm36
HM2gSeW2HihVeYkmCZIt/UwkJd8NWIZjpiRItbY2TPzh14iQJOihDwiYlb1gJGV3
dm7M7llcXqmtrofqBmpCF5xPwCo81qBKCsn8FVfvzMrbgct6KA1Ks6pAQ/Obf3e9
FY2t1UID2ZLf9kU/y5MTimDLRs+kq2XLmbwNSRHgbY3b2E1JhVorfNmRWb+EMogH
Q4dWuoGD0S82D40g4/A0Ftn1frZM/86YJqxNaGXu2d1OvY7FTpg=
-----END CERTIFICATE-----
Generated at Mon Jul 21 13:28:02 2025 by rpki-client