Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YpUpeqmqyNKOrbIhXiohaW5l1_Y.roa
File: YpUpeqmqyNKOrbIhXiohaW5l1_Y.roa (raw, json)
Hash identifier: XtZP0ZQcLgWfpHzlpEohnTx03GjpzAKeysOPkl0Nwfw=
Subject key identifier: 62:95:29:7A:A9:AA:C8:D2:8E:AD:B2:21:5E:2A:21:69:6E:65:D7:F6
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: BE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YpUpeqmqyNKOrbIhXiohaW5l1_Y.roa
Signing time: Thu 08 May 2025 02:23:58 +0000
ROA not before: Thu 08 May 2025 02:23:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190 (0xbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 02:23:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6295297AA9AAC8D28EADB2215E2A21696E65D7F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:69:07:21:53:3e:18:b0:d4:08:5c:38:4a:
68:ea:d8:7d:da:99:68:3a:af:ca:32:19:ac:1f:d0:
21:ba:09:cf:5e:29:43:0c:4f:7b:39:c4:0c:cb:d4:
4d:55:4e:aa:29:fd:8f:96:ee:69:f9:a5:a8:9f:49:
c6:eb:31:f5:35:63:1f:12:85:72:04:ce:2d:2e:d6:
fc:dc:a6:d7:02:a8:e8:8f:e4:a8:a8:87:39:e9:4c:
dc:e3:34:e1:8d:56:77:f3:d9:8a:94:d3:6a:8c:3e:
9f:9b:26:1a:01:0e:6e:58:12:b4:e9:0b:d4:37:92:
f9:ed:71:7a:4f:11:0f:4f:dc:d1:9f:a4:4d:2b:f1:
65:0f:0c:03:87:c1:03:06:8e:6a:ad:b4:7a:2d:4a:
da:b6:3b:1e:8b:38:f0:c5:31:00:41:26:a6:21:c9:
47:4c:95:99:f6:54:2c:a1:6b:36:b1:e9:7e:2c:e5:
9c:3b:3e:99:33:7e:82:b9:fc:c0:fb:18:70:d2:59:
65:1e:31:17:34:cd:9b:09:ef:42:65:4c:a8:cf:15:
f1:67:cf:9c:d6:b9:70:a4:ef:8c:7f:ac:7e:35:3e:
90:0d:c9:3f:51:d6:39:c3:a1:13:48:ea:96:da:76:
6f:d7:69:0c:ac:81:3a:5c:7d:ef:2a:48:a3:0e:c0:
81:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:95:29:7A:A9:AA:C8:D2:8E:AD:B2:21:5E:2A:21:69:6E:65:D7:F6
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YpUpeqmqyNKOrbIhXiohaW5l1_Y.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:72:c0:e0:0f:fe:cf:6b:71:a0:3b:dd:1c:f9:c9:58:92:fa:
fe:9c:ad:bf:45:61:16:96:80:75:08:b9:13:20:1d:38:52:a2:
10:3d:09:ba:bb:cb:b0:a5:bb:b2:fc:7b:0a:bc:4c:df:3b:67:
2e:04:1b:ca:71:c7:1c:e1:5e:e6:02:be:e2:40:43:0e:31:48:
b9:86:ab:9a:56:03:42:45:1f:3d:6b:ce:34:fd:b3:c3:3d:40:
94:96:23:83:8b:90:2f:81:07:a6:cf:7d:cc:61:d3:9c:a8:ce:
ff:5b:04:bc:c2:79:db:c1:84:25:41:f0:a3:5a:a2:c8:cc:8b:
b0:e5:32:d8:c7:43:3b:c7:c6:c5:1d:f4:e4:0c:99:d3:6e:47:
e8:5a:04:ec:3d:31:73:92:83:e8:6e:d0:fe:62:15:f9:7e:79:
57:e5:6d:97:3a:79:c8:57:af:2e:d2:55:69:01:4e:15:57:54:
53:50:42:2f:7b:31:87:e2:6c:8a:55:eb:77:15:2c:eb:20:13:
3e:53:c8:d2:b7:4b:1a:0d:ce:0c:c5:d2:8a:ce:e0:3e:b1:54:
93:92:f2:dc:22:2f:b9:78:c5:70:c5:b0:dd:94:fc:d9:42:da:
73:18:11:65:68:16:15:5b:69:d0:61:3e:73:30:9b:5c:a2:7b:
1f:b7:3f:92
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgw
MjIzNThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyOTUyOTdBQTlBQUM4
RDI4RUFEQjIyMTVFMkEyMTY5NkU2NUQ3RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmt2kHIVM+GLDUCFw4Smjq2H3amWg6r8oyGawf0CG6Cc9eKUMM
T3s5xAzL1E1VTqop/Y+W7mn5paifScbrMfU1Yx8ShXIEzi0u1vzcptcCqOiP5Kio
hznpTNzjNOGNVnfz2YqU02qMPp+bJhoBDm5YErTpC9Q3kvntcXpPEQ9P3NGfpE0r
8WUPDAOHwQMGjmqttHotStq2Ox6LOPDFMQBBJqYhyUdMlZn2VCyhazax6X4s5Zw7
PpkzfoK5/MD7GHDSWWUeMRc0zZsJ70JlTKjPFfFnz5zWuXCk74x/rH41PpANyT9R
1jnDoRNI6pbadm/XaQysgTpcfe8qSKMOwIEvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYpUpeqmqyNKOrbIhXiohaW5l1/YwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZcFVwZXFtcXlOS09yYklo
WGlvaGFXNWwxX1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEVywOAP/s9rcaA73Rz5yViS+v6crb9FYRaW
gHUIuRMgHThSohA9Cbq7y7Clu7L8ewq8TN87Zy4EG8pxxxzhXuYCvuJAQw4xSLmG
q5pWA0JFHz1rzjT9s8M9QJSWI4OLkC+BB6bPfcxh05yozv9bBLzCedvBhCVB8KNa
osjMi7DlMtjHQzvHxsUd9OQMmdNuR+haBOw9MXOSg+hu0P5iFfl+eVflbZc6echX
ry7SVWkBThVXVFNQQi97MYfibIpV63cVLOsgEz5TyNK3SxoNzgzF0orO4D6xVJOS
8twiL7l4xXDFsN2U/NlC2nMYEWVoFhVbadBhPnMwm1yiex+3P5I=
-----END CERTIFICATE-----
Generated at Sat Jun 21 20:05:01 2025 by rpki-client