Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-yPj5WZUerLTRDJYlzINxOmnew0.roa
File: -yPj5WZUerLTRDJYlzINxOmnew0.roa (raw, json)
Hash identifier: yd5msXqL3zmtUCiGqlNZ2fFYHv1J/ECqdBujg3gu7mg=
Subject key identifier: FB:23:E3:E5:66:54:7A:B2:D3:44:32:58:97:32:0D:C4:E9:A7:7B:0D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 13E6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-yPj5WZUerLTRDJYlzINxOmnew0.roa
Signing time: Mon 02 Jun 2025 14:39:14 +0000
ROA not before: Mon 02 Jun 2025 14:39:14 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5094 (0x13e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 2 14:39:14 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FB23E3E566547AB2D344325897320DC4E9A77B0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:18:e5:e9:0d:42:bd:b5:41:4a:0b:6f:c5:bd:
d2:65:8c:1e:b5:5e:f3:71:49:d3:ca:2e:70:d1:fe:
00:5a:34:76:3f:9d:b8:a8:71:58:da:9c:60:b1:e3:
61:f2:41:61:c6:46:74:ad:3a:5d:25:74:97:58:0e:
29:43:b0:1d:05:84:6c:8b:97:2b:6f:67:8e:c4:79:
bd:80:83:91:eb:6a:d7:04:cc:14:ac:cc:68:73:33:
54:7d:93:b7:d9:24:90:7c:f8:fe:ed:ee:f3:c3:c1:
72:af:8e:90:7b:2c:d8:a1:81:72:ac:2a:26:41:83:
d1:d6:9e:b9:b4:64:27:b0:39:d2:83:01:5f:8d:9c:
7b:be:98:b1:22:d2:90:f4:ba:6d:c6:f2:ce:fa:4d:
6e:af:5a:1b:08:6c:68:85:92:64:2f:88:28:0f:1d:
e6:be:56:01:e6:32:fc:63:c6:e1:68:9c:2d:cc:8a:
35:5f:02:8e:7b:86:84:a0:50:8a:9c:b4:7d:07:50:
45:83:34:33:5d:89:95:6b:88:df:43:b2:ae:9b:2e:
de:da:5a:92:62:18:d0:37:ce:81:cf:4a:4d:ac:4d:
80:28:cb:ed:ca:7e:29:df:64:bf:95:df:20:8d:2c:
51:b1:9c:83:d7:f1:a0:cf:2f:0f:39:28:97:60:82:
dc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:23:E3:E5:66:54:7A:B2:D3:44:32:58:97:32:0D:C4:E9:A7:7B:0D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-yPj5WZUerLTRDJYlzINxOmnew0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:7d:3c:c4:ab:50:f1:5a:aa:68:76:4e:16:a1:99:b4:8a:0a:
f0:97:d0:76:bd:16:fb:20:d6:dd:ab:4c:df:26:e8:a8:10:b8:
8b:eb:a5:82:a1:5d:92:a0:bf:f9:73:28:e1:d3:38:92:4d:21:
77:d7:92:46:7f:20:63:7d:5b:d0:05:c6:ca:04:8e:98:06:e3:
11:59:e1:04:41:9c:7e:85:26:fa:bd:3d:10:71:2f:4e:8e:b5:
ce:3f:03:a1:f9:33:71:cf:71:e6:72:27:c0:3a:9f:f1:76:76:
d8:5e:24:e5:b6:bd:ec:56:b6:b9:4a:5e:f9:c2:26:ff:7b:f8:
a5:a0:91:90:db:12:45:ab:fe:fc:75:b9:bd:21:64:87:7a:05:
0c:7c:ba:ba:97:54:18:d4:b8:99:58:81:e2:a7:e1:59:57:8d:
d7:da:45:c9:26:e1:94:b6:83:1f:41:82:4c:39:b7:14:1b:75:
cc:57:b1:88:41:37:be:5b:f4:b8:ad:f6:62:fd:d8:0e:d5:93:
7b:62:41:05:cc:63:f3:07:fe:d5:9b:fc:d2:8e:95:49:02:00:
c8:8b:20:8c:c1:b7:92:a6:b0:e5:29:d0:e1:61:3d:9e:20:99:
7f:2e:45:96:81:6e:9a:28:1b:af:ce:b3:8f:71:e6:68:8d:80:
a4:b1:98:c2
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE+YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDIx
NDM5MTRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZCMjNFM0U1NjY1NDdB
QjJEMzQ0MzI1ODk3MzIwREM0RTlBNzdCMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbGOXpDUK9tUFKC2/FvdJljB61XvNxSdPKLnDR/gBaNHY/nbio
cVjanGCx42HyQWHGRnStOl0ldJdYDilDsB0FhGyLlytvZ47Eeb2Ag5HratcEzBSs
zGhzM1R9k7fZJJB8+P7t7vPDwXKvjpB7LNihgXKsKiZBg9HWnrm0ZCewOdKDAV+N
nHu+mLEi0pD0um3G8s76TW6vWhsIbGiFkmQviCgPHea+VgHmMvxjxuFonC3MijVf
Ao57hoSgUIqctH0HUEWDNDNdiZVriN9Dsq6bLt7aWpJiGNA3zoHPSk2sTYAoy+3K
finfZL+V3yCNLFGxnIPX8aDPLw85KJdggtwNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+yPj5WZUerLTRDJYlzINxOmnew0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8teVBqNVdaVWVyTFRSREpZ
bHpJTnhPbW5ldzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAKl9PMSrUPFaqmh2ThahmbSKCvCX0Ha9Fvsg
1t2rTN8m6KgQuIvrpYKhXZKgv/lzKOHTOJJNIXfXkkZ/IGN9W9AFxsoEjpgG4xFZ
4QRBnH6FJvq9PRBxL06Otc4/A6H5M3HPceZyJ8A6n/F2dtheJOW2vexWtrlKXvnC
Jv97+KWgkZDbEkWr/vx1ub0hZId6BQx8urqXVBjUuJlYgeKn4VlXjdfaRckm4ZS2
gx9Bgkw5txQbdcxXsYhBN75b9Lit9mL92A7Vk3tiQQXMY/MH/tWb/NKOlUkCAMiL
IIzBt5KmsOUp0OFhPZ4gmX8uRZaBbpooG6/Os49x5miNgKSxmMI=
-----END CERTIFICATE-----
Generated at Sat Jun 21 02:22:03 2025 by rpki-client