Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/NYNMHkmYzjgvyd5u-pEoVzkwfnk.roa
File: NYNMHkmYzjgvyd5u-pEoVzkwfnk.roa (raw, json)
Hash identifier: 4B7UYNyR0sxwNROl7MDp5te6UeGeQ7m0eySDAqkhYE8=
Subject key identifier: 35:83:4C:1E:49:98:CE:38:2F:C9:DE:6E:FA:91:28:57:39:30:7E:79
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 16B2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NYNMHkmYzjgvyd5u-pEoVzkwfnk.roa
Signing time: Fri 06 Jun 2025 08:09:26 +0000
ROA not before: Fri 06 Jun 2025 08:09:26 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5810 (0x16b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 08:09:26 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=35834C1E4998CE382FC9DE6EFA91285739307E79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:59:24:69:e3:62:ee:89:34:53:b3:52:3f:67:
21:7a:f8:31:84:de:80:45:c4:a7:52:f7:b6:d4:c3:
30:35:57:81:87:ae:bd:01:36:84:97:de:52:5e:a8:
21:a6:ab:a7:17:74:e0:99:b1:fa:cf:5e:ef:f4:70:
fb:71:3c:b8:e1:f2:62:63:f9:3e:81:9b:86:fe:9b:
f7:f9:01:63:a6:ee:89:3d:35:55:5b:a4:1d:a1:89:
9a:23:aa:59:ef:4a:89:df:07:12:1d:25:aa:3d:76:
f2:7d:3e:d3:37:8c:70:31:16:69:ef:8e:d3:0c:0d:
c6:62:ee:04:97:27:36:1a:38:5c:b5:23:47:59:75:
0d:a8:aa:a3:97:e6:12:26:5a:95:3e:82:96:0e:03:
11:03:99:90:6e:ba:28:e7:f9:c7:e6:bf:be:01:9b:
44:71:d3:14:b3:c8:f2:84:16:fc:2c:a8:64:2a:9f:
a3:83:e6:08:e7:99:26:a0:e5:3b:6f:99:39:0a:ca:
f8:83:46:ca:60:12:41:f3:a9:a6:d6:a6:7c:69:5a:
72:68:04:a0:f2:b4:3f:7d:c4:21:1f:b1:47:51:73:
87:50:a2:70:97:1d:3b:4a:27:15:ae:32:bb:ec:5a:
ba:f2:a2:e5:94:2a:c4:ae:dd:54:5e:64:9e:aa:06:
aa:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:83:4C:1E:49:98:CE:38:2F:C9:DE:6E:FA:91:28:57:39:30:7E:79
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/NYNMHkmYzjgvyd5u-pEoVzkwfnk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:b5:d5:30:20:0c:dc:71:91:68:a6:83:8e:8b:0f:22:fc:da:
f1:bf:38:be:d9:c1:99:92:6c:42:f6:79:b7:28:df:36:9a:07:
91:b0:a2:b4:c6:48:cd:e8:7d:75:2f:90:72:69:b4:9b:57:03:
2b:a3:60:47:a6:f6:8e:29:eb:5d:a6:ef:b6:47:f0:9b:54:df:
c8:de:bb:17:a1:74:a1:55:be:37:9a:28:68:ff:fa:66:44:45:
85:5b:78:82:48:a8:4c:b6:bb:6c:28:93:00:d5:97:8f:4a:0b:
db:14:4a:a3:7b:fb:ba:3c:87:22:a5:b9:fa:ca:f0:7e:6d:6b:
64:31:41:ba:59:96:df:91:c1:ab:6d:12:69:63:d0:94:6d:9c:
40:08:07:71:bb:53:fe:7c:06:b8:22:76:94:b4:10:71:a7:ac:
bb:f4:d2:0c:b5:e6:dc:e0:ad:af:f8:b8:d5:0a:01:78:31:82:
5f:e7:20:91:76:55:6b:4a:65:79:ca:22:ba:41:f9:51:76:52:
4d:20:d3:a9:e2:00:b5:de:31:ca:08:33:17:22:7f:ca:df:05:
c1:50:66:7c:0e:3d:50:75:89:99:e4:de:42:ba:7a:b2:18:69:
7c:7b:77:9c:23:38:ef:fe:62:35:a6:d8:83:09:ab:54:ea:85:
ac:4f:61:aa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFrIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
ODA5MjZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDM1ODM0QzFFNDk5OENF
MzgyRkM5REU2RUZBOTEyODU3MzkzMDdFNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEWSRp42LuiTRTs1I/ZyF6+DGE3oBFxKdS97bUwzA1V4GHrr0B
NoSX3lJeqCGmq6cXdOCZsfrPXu/0cPtxPLjh8mJj+T6Bm4b+m/f5AWOm7ok9NVVb
pB2hiZojqlnvSonfBxIdJao9dvJ9PtM3jHAxFmnvjtMMDcZi7gSXJzYaOFy1I0dZ
dQ2oqqOX5hImWpU+gpYOAxEDmZBuuijn+cfmv74Bm0Rx0xSzyPKEFvwsqGQqn6OD
5gjnmSag5TtvmTkKyviDRspgEkHzqabWpnxpWnJoBKDytD99xCEfsUdRc4dQonCX
HTtKJxWuMrvsWrryouWUKsSu3VReZJ6qBqrDAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNYNMHkmYzjgvyd5u+pEoVzkwfnkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9OWU5NSGttWXpqZ3Z5ZDV1
LXBFb1Z6a3dmbmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFu11TAgDNxxkWimg46LDyL82vG/OL7ZwZmS
bEL2ebco3zaaB5GworTGSM3ofXUvkHJptJtXAyujYEem9o4p612m77ZH8JtU38je
uxehdKFVvjeaKGj/+mZERYVbeIJIqEy2u2wokwDVl49KC9sUSqN7+7o8hyKlufrK
8H5ta2QxQbpZlt+RwattEmlj0JRtnEAIB3G7U/58BrgidpS0EHGnrLv00gy15tzg
ra/4uNUKAXgxgl/nIJF2VWtKZXnKIrpB+VF2Uk0g06niALXeMcoIMxcif8rfBcFQ
ZnwOPVB1iZnk3kK6erIYaXx7d5wjOO/+YjWm2IMJq1TqhaxPYao=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:58:44 2025 by rpki-client