Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Yq0vQmOWnlE8J7DDhlr342NtdoA.roa
File: Yq0vQmOWnlE8J7DDhlr342NtdoA.roa (raw, json)
Hash identifier: INmPaZO/pybPKB9VaaLqjZA25HniOU7tVEifH9G0gYs=
Subject key identifier: 62:AD:2F:42:63:96:9E:51:3C:27:B0:C3:86:5A:F7:E3:63:6D:76:80
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1902
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yq0vQmOWnlE8J7DDhlr342NtdoA.roa
Signing time: Mon 09 Jun 2025 10:09:37 +0000
ROA not before: Mon 09 Jun 2025 10:09:37 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6402 (0x1902)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 9 10:09:37 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=62AD2F4263969E513C27B0C3865AF7E3636D7680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:82:fb:26:20:23:08:9b:a0:dd:ae:a0:d5:f2:
43:4f:1f:a5:b7:1c:af:34:bb:33:a0:4a:e9:45:b1:
48:57:45:dc:07:72:84:9a:38:b9:a3:88:64:07:7e:
6c:41:fb:54:6a:1e:8b:62:b1:b7:62:8e:6a:c9:73:
31:e4:26:c8:e2:0e:7c:e1:89:b5:91:a1:e0:91:15:
02:e7:de:ad:15:fc:74:0c:15:e2:d7:37:3b:e3:ad:
f9:f8:f1:78:bb:ac:ed:7d:d5:08:58:82:b1:23:c8:
af:19:77:d1:6e:b1:6c:4b:e7:68:41:a0:ec:f9:83:
53:73:eb:44:aa:2b:4d:18:b2:cb:c3:ff:99:82:ed:
c0:17:d1:41:76:95:57:7e:52:77:e8:c4:af:08:8c:
af:94:84:10:5f:04:0d:38:1d:5d:e8:34:7c:c7:69:
e2:40:42:63:c1:6e:c8:6a:96:71:8a:74:57:84:76:
38:d0:d6:4f:7c:55:cc:22:de:2b:df:22:16:48:74:
e3:95:96:b9:7c:d8:f8:93:77:e4:69:1a:53:fc:db:
9f:42:31:9d:8a:61:b9:58:da:db:cb:98:70:19:2a:
03:f3:fb:58:4b:b4:5e:6e:6e:0d:6f:82:58:8b:d0:
58:21:3d:8f:a7:33:fd:c0:c8:2d:e5:a8:9d:bd:5e:
33:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AD:2F:42:63:96:9E:51:3C:27:B0:C3:86:5A:F7:E3:63:6D:76:80
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Yq0vQmOWnlE8J7DDhlr342NtdoA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:be:57:41:f3:46:1d:b6:09:1d:d0:57:77:90:9c:78:65:01:
79:7a:5e:1c:8e:6c:e6:e0:07:c5:12:61:b2:86:bf:be:99:e9:
cc:91:8e:db:77:65:ab:6c:8e:7f:9d:16:0b:a8:26:7e:60:e4:
fa:b6:22:48:8d:66:83:14:ec:fc:00:32:bf:9c:c6:2d:7e:26:
cc:39:e3:83:43:d3:7c:d4:41:53:33:92:60:e6:a2:81:ae:dd:
72:d5:af:99:56:a1:dc:dc:db:01:52:1e:70:e9:e6:87:3e:2c:
b5:41:bb:70:5b:4d:5e:60:b3:7a:dc:5b:de:97:ae:bd:9a:4c:
57:4b:df:4f:33:7b:ae:13:ea:0e:ae:c2:32:4f:84:17:8b:31:
55:35:f5:28:05:49:0c:6a:35:7f:39:09:ea:fa:28:8c:41:84:
9f:16:03:99:98:24:01:68:f1:d3:4e:14:56:72:62:1e:f6:78:
fe:0c:a8:03:db:c9:74:a7:81:ad:75:c1:d5:56:82:64:d6:fb:
45:49:56:c5:39:6e:48:a9:30:bd:98:a6:cc:b4:45:b3:a4:f3:
e0:de:4f:da:2c:0a:8a:f9:32:53:f9:c2:7c:89:dd:db:03:43:
b4:45:35:5d:4f:f7:be:72:28:52:3e:6a:9d:63:04:75:6b:d9:
b1:d5:7c:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDkx
MDA5MzdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyQUQyRjQyNjM5NjlF
NTEzQzI3QjBDMzg2NUFGN0UzNjM2RDc2ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2gvsmICMIm6DdrqDV8kNPH6W3HK80uzOgSulFsUhXRdwHcoSa
OLmjiGQHfmxB+1RqHotisbdijmrJczHkJsjiDnzhibWRoeCRFQLn3q0V/HQMFeLX
Nzvjrfn48Xi7rO191QhYgrEjyK8Zd9FusWxL52hBoOz5g1Nz60SqK00YssvD/5mC
7cAX0UF2lVd+UnfoxK8IjK+UhBBfBA04HV3oNHzHaeJAQmPBbshqlnGKdFeEdjjQ
1k98Vcwi3ivfIhZIdOOVlrl82PiTd+RpGlP8259CMZ2KYblY2tvLmHAZKgPz+1hL
tF5ubg1vgliL0FghPY+nM/3AyC3lqJ29XjOHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYq0vQmOWnlE8J7DDhlr342NtdoAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZcTB2UW1PV25sRThKN0RE
aGxyMzQyTnRkb0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADu+V0HzRh22CR3QV3eQnHhlAXl6XhyObObg
B8USYbKGv76Z6cyRjtt3Zatsjn+dFguoJn5g5Pq2IkiNZoMU7PwAMr+cxi1+Jsw5
44ND03zUQVMzkmDmooGu3XLVr5lWodzc2wFSHnDp5oc+LLVBu3BbTV5gs3rcW96X
rr2aTFdL308ze64T6g6uwjJPhBeLMVU19SgFSQxqNX85Cer6KIxBhJ8WA5mYJAFo
8dNOFFZyYh72eP4MqAPbyXSnga11wdVWgmTW+0VJVsU5bkipML2Ypsy0RbOk8+De
T9osCor5MlP5wnyJ3dsDQ7RFNV1P975yKFI+ap1jBHVr2bHVfCw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:27:47 2025 by rpki-client