Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/eAlf8EulOyFjkR9SEoa1j0l8L-U.roa
File: eAlf8EulOyFjkR9SEoa1j0l8L-U.roa (raw, json)
Hash identifier: 8N0nfpwdVt2b0vw7g4KLzSc1Fc/BqDjEXnycnN+/syM=
Subject key identifier: 78:09:5F:F0:4B:A5:3B:21:63:91:1F:52:12:86:B5:8F:49:7C:2F:E5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1652
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eAlf8EulOyFjkR9SEoa1j0l8L-U.roa
Signing time: Thu 05 Jun 2025 20:09:28 +0000
ROA not before: Thu 05 Jun 2025 20:09:28 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5714 (0x1652)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 5 20:09:28 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=78095FF04BA53B2163911F521286B58F497C2FE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ce:1c:93:a3:8b:09:07:b9:75:1a:c2:48:ba:
11:19:af:78:d9:cc:67:0e:a9:a5:ae:2c:84:89:b4:
b9:be:f3:9a:98:e3:c4:8f:74:7f:ae:2e:d6:d7:30:
47:28:4a:1c:ec:8b:d5:54:3f:d8:e3:e4:5b:3c:0e:
26:eb:25:8b:5b:f9:78:4b:37:ee:8e:08:06:da:ba:
3c:81:3d:2d:89:bd:52:68:57:1a:69:a4:f9:8c:e6:
d7:42:6b:61:a8:0b:9e:90:ae:d9:d0:f7:63:fc:5a:
ae:3d:18:86:bf:3b:92:3d:0a:1d:c5:97:89:f6:31:
c0:f6:1c:ba:4f:f0:c2:43:e2:e4:c5:b9:34:d1:72:
4d:dd:9b:bf:82:24:e7:7e:68:bf:9f:b3:38:0e:25:
b6:12:b4:98:30:ae:7b:89:e8:6f:b8:a8:97:76:12:
5a:e0:8c:0d:07:12:de:62:6c:b3:ea:60:e2:38:5b:
1f:63:28:f9:30:70:b2:16:a7:5a:24:15:31:d1:ad:
61:2e:25:09:67:2f:ba:e6:f6:eb:ac:ad:66:08:99:
d8:10:00:db:37:0e:30:64:60:19:71:07:13:b0:21:
d1:17:f0:07:92:39:11:15:fb:5b:06:ba:cb:71:16:
17:85:d0:b2:98:18:5f:01:84:79:05:33:ba:6a:4a:
9c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:09:5F:F0:4B:A5:3B:21:63:91:1F:52:12:86:B5:8F:49:7C:2F:E5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/eAlf8EulOyFjkR9SEoa1j0l8L-U.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
57:13:aa:4a:e7:a4:65:21:b2:f2:5f:cd:85:64:d9:e6:ea:cc:
c3:db:fc:c9:73:b3:7e:80:d3:d8:9e:7d:59:9b:e3:c9:7f:ca:
ef:80:b8:8f:e1:bf:f2:64:87:88:e7:9c:82:e1:e6:60:31:0b:
3a:d8:1e:3c:6a:a6:a9:bd:5d:ac:2f:f2:0a:a0:68:d4:38:3d:
e8:d8:15:82:c0:b0:df:a6:29:78:8f:e2:e3:44:97:3e:e7:e9:
11:ee:85:3d:2e:c4:8f:c6:e0:4f:8e:62:98:fd:c8:ae:ec:0a:
fb:71:c1:1c:68:72:d3:c7:ad:11:9b:e4:24:6b:a7:1b:a0:c6:
9a:7b:3b:da:73:a6:81:bf:98:63:cc:79:fe:83:46:81:57:2e:
70:e2:83:3a:05:89:ed:84:80:20:71:c0:bc:99:95:5e:71:56:
b4:9b:47:4d:93:f8:8e:58:42:61:99:06:2e:fe:cc:f8:dd:f4:
83:ea:6d:9f:f7:f6:f2:c2:41:26:85:b3:f1:cd:88:63:f0:e0:
58:31:87:a7:6a:ad:cd:a2:8a:72:6d:a9:de:0f:fe:3e:60:d6:
43:cb:c4:7e:ec:a0:43:76:b2:bc:26:38:45:27:0e:c2:67:5f:
29:4c:6f:60:b1:d7:11:34:f0:86:c7:85:f8:e9:07:30:8c:69:
99:97:1e:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDUy
MDA5MjhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDc4MDk1RkYwNEJBNTNC
MjE2MzkxMUY1MjEyODZCNThGNDk3QzJGRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOzhyTo4sJB7l1GsJIuhEZr3jZzGcOqaWuLISJtLm+85qY48SP
dH+uLtbXMEcoShzsi9VUP9jj5Fs8DibrJYtb+XhLN+6OCAbaujyBPS2JvVJoVxpp
pPmM5tdCa2GoC56QrtnQ92P8Wq49GIa/O5I9Ch3Fl4n2McD2HLpP8MJD4uTFuTTR
ck3dm7+CJOd+aL+fszgOJbYStJgwrnuJ6G+4qJd2ElrgjA0HEt5ibLPqYOI4Wx9j
KPkwcLIWp1okFTHRrWEuJQlnL7rm9uusrWYImdgQANs3DjBkYBlxBxOwIdEX8AeS
OREV+1sGustxFheF0LKYGF8BhHkFM7pqSpx3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUeAlf8EulOyFjkR9SEoa1j0l8L+UwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9lQWxmOEV1bE95RmprUjlT
RW9hMWowbDhMLVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFcTqkrnpGUhsvJfzYVk2ebqzMPb/Mlzs36A
09iefVmb48l/yu+AuI/hv/Jkh4jnnILh5mAxCzrYHjxqpqm9Xawv8gqgaNQ4PejY
FYLAsN+mKXiP4uNElz7n6RHuhT0uxI/G4E+OYpj9yK7sCvtxwRxoctPHrRGb5CRr
pxugxpp7O9pzpoG/mGPMef6DRoFXLnDigzoFie2EgCBxwLyZlV5xVrSbR02T+I5Y
QmGZBi7+zPjd9IPqbZ/39vLCQSaFs/HNiGPw4Fgxh6dqrc2iinJtqd4P/j5g1kPL
xH7soEN2srwmOEUnDsJnXylMb2Cx1xE08IbHhfjpBzCMaZmXHkg=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:12 2025 by rpki-client