Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Yj2oFKWk3wDg96AVLBURBGMpiqY.roa
File: Yj2oFKWk3wDg96AVLBURBGMpiqY.roa (raw, json)
Hash identifier: lWv32ZNXo9beC/Gr33GKuHZgIfsob7Jfh7jGC8ffzKQ=
Subject key identifier: 62:3D:A8:14:A5:A4:DF:00:E0:F7:A0:15:2C:15:11:04:63:29:8A:A6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1BA6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yj2oFKWk3wDg96AVLBURBGMpiqY.roa
Signing time: Thu 12 Jun 2025 22:39:57 +0000
ROA not before: Thu 12 Jun 2025 22:39:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7078 (0x1ba6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 22:39:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=623DA814A5A4DF00E0F7A0152C15110463298AA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:53:a1:0c:af:23:b8:98:b8:18:8f:59:9b:aa:
10:9a:2f:1a:ac:f9:19:f5:e9:a2:13:f5:f4:9d:da:
69:e0:04:54:d6:dd:41:f0:70:c5:7a:97:39:bf:ed:
f3:db:d8:b8:46:56:3e:4e:6e:9e:9c:20:a3:3e:5c:
6f:04:a4:23:b6:49:48:33:d7:5b:35:65:30:d3:93:
21:00:d0:87:a1:39:e2:52:56:af:64:f2:d3:cd:b2:
04:e8:45:6d:e9:e1:92:34:28:d4:ad:76:f2:e9:4c:
53:68:ce:2a:31:ab:af:13:fe:03:d6:ff:79:97:c2:
00:e4:79:2d:31:12:a5:3f:e7:d0:de:bb:d0:84:a5:
50:77:a1:af:4e:6a:b0:e4:d5:26:df:f3:27:8b:8b:
4a:4e:73:95:75:d4:47:7d:aa:ba:41:c0:5d:2b:40:
01:06:91:c5:cc:45:7a:e9:85:72:28:b9:1b:a8:23:
8e:1c:4b:cb:0f:8b:a2:98:ab:78:1b:64:c1:93:0e:
b4:84:89:0d:85:f4:4f:c4:d2:4e:35:e0:18:91:cd:
62:38:32:db:69:ff:14:2f:c2:c0:df:20:eb:9d:66:
d2:1e:01:3d:b0:77:be:04:f4:dc:6f:78:58:a0:6b:
8f:aa:69:ad:84:0f:55:9e:4a:30:fd:52:eb:df:1e:
b8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:3D:A8:14:A5:A4:DF:00:E0:F7:A0:15:2C:15:11:04:63:29:8A:A6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yj2oFKWk3wDg96AVLBURBGMpiqY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:9d:29:7d:7f:fc:be:e6:a7:a6:53:0a:ac:ad:6b:38:5e:3e:
e8:c0:8f:09:92:df:f7:8b:f1:fa:8e:da:3f:7a:a8:41:97:a2:
66:16:69:c0:8c:b1:4e:76:43:19:12:02:c7:25:78:f2:20:15:
52:51:d0:73:f0:6c:d9:6a:85:55:19:f3:19:5c:00:73:86:b3:
8c:d7:93:ad:d8:47:16:50:df:0a:1e:40:3e:f4:ce:1e:38:c1:
c8:09:0b:2e:fa:7a:3f:c0:71:b7:d7:d2:b6:37:c4:40:32:a6:
7a:24:3f:3c:51:9c:03:79:b7:eb:69:74:ba:c5:08:87:d0:6f:
91:4f:93:f1:5d:71:f1:bc:33:27:57:a0:3e:a4:32:3f:3a:65:
c3:9b:e5:e4:fa:11:6c:97:68:21:ef:2f:b2:27:0a:b8:eb:c5:
8c:b6:94:1d:ba:62:c9:ce:98:0f:1d:36:58:1f:d5:50:b9:9a:
16:8b:ab:3a:03:20:cb:5c:ed:5b:01:b3:49:70:b6:9e:f0:99:
f8:8b:fb:e0:d5:e6:1a:ed:21:f9:ac:c0:49:d3:ca:d1:c9:78:
e4:11:e4:ed:85:ce:09:a8:45:10:4e:af:04:84:4c:3d:8a:14:
5a:4b:8e:83:3c:49:f7:7b:e6:7e:00:73:8e:20:bc:fb:b8:eb:
3d:79:0b:b7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG6YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIy
MjM5NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyM0RBODE0QTVBNERG
MDBFMEY3QTAxNTJDMTUxMTA0NjMyOThBQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4U6EMryO4mLgYj1mbqhCaLxqs+Rn16aIT9fSd2mngBFTW3UHw
cMV6lzm/7fPb2LhGVj5Obp6cIKM+XG8EpCO2SUgz11s1ZTDTkyEA0IehOeJSVq9k
8tPNsgToRW3p4ZI0KNStdvLpTFNozioxq68T/gPW/3mXwgDkeS0xEqU/59Deu9CE
pVB3oa9OarDk1Sbf8yeLi0pOc5V11Ed9qrpBwF0rQAEGkcXMRXrphXIouRuoI44c
S8sPi6KYq3gbZMGTDrSEiQ2F9E/E0k414BiRzWI4Mttp/xQvwsDfIOudZtIeAT2w
d74E9NxveFiga4+qaa2ED1WeSjD9UuvfHritAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYj2oFKWk3wDg96AVLBURBGMpiqYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZajJvRktXazN3RGc5NkFW
TEJVUkJHTXBpcVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFCdKX1//L7mp6ZTCqytazhePujAjwmS3/eL
8fqO2j96qEGXomYWacCMsU52QxkSAsclePIgFVJR0HPwbNlqhVUZ8xlcAHOGs4zX
k63YRxZQ3woeQD70zh44wcgJCy76ej/AcbfX0rY3xEAypnokPzxRnAN5t+tpdLrF
CIfQb5FPk/FdcfG8MydXoD6kMj86ZcOb5eT6EWyXaCHvL7InCrjrxYy2lB26YsnO
mA8dNlgf1VC5mhaLqzoDIMtc7VsBs0lwtp7wmfiL++DV5hrtIfmswEnTytHJeOQR
5O2FzgmoRRBOrwSETD2KFFpLjoM8Sfd75n4Ac44gvPu46z15C7c=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:56:43 2025 by rpki-client