Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ZZytWyjzJpyo6jYpoH_uaY7WOZ8.roa
File: ZZytWyjzJpyo6jYpoH_uaY7WOZ8.roa (raw, json)
Hash identifier: GBGI44TO5h+iVO2Inj7Y2iyU7nohoZrPr3P31UCLBBc=
Subject key identifier: 65:9C:AD:5B:28:F3:26:9C:A8:EA:36:29:A0:7F:EE:69:8E:D6:39:9F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DCE
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZZytWyjzJpyo6jYpoH_uaY7WOZ8.roa
Signing time: Sun 25 May 2025 11:38:56 +0000
ROA not before: Sun 25 May 2025 11:38:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3534 (0xdce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 11:38:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=659CAD5B28F3269CA8EA3629A07FEE698ED6399F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2f:01:fd:c7:c6:ea:4f:88:39:44:e5:ca:7c:
67:c0:1a:36:d9:30:76:d0:17:26:2c:28:43:70:4e:
78:7c:c5:f3:09:54:5c:00:2a:d5:7e:56:ac:19:dc:
c1:82:c0:50:aa:16:9c:55:bc:2f:6f:b4:e8:ec:de:
dc:7d:4b:3e:02:cd:dc:77:b2:6c:29:7e:c9:4c:d4:
f3:00:e9:ba:9c:9b:4c:73:78:11:3e:c2:a8:59:6e:
d8:e9:99:df:ce:a0:ff:8d:9e:69:ce:df:32:1f:fa:
05:38:8a:c6:33:e4:e3:dc:aa:c1:e0:6c:b1:d0:b7:
16:c2:19:a5:8b:41:b0:83:34:0f:67:5e:ea:33:ef:
be:79:92:ee:6a:1f:31:6a:81:d4:8b:3f:94:c4:b1:
73:11:91:2e:82:27:f3:f5:c1:28:32:f1:d0:05:14:
db:6e:50:cc:30:46:4d:df:2b:c2:5b:17:83:82:6c:
42:e1:84:fe:f0:77:a5:59:85:6c:12:51:df:5c:66:
9e:37:19:5a:75:19:5d:e4:3f:11:09:4d:3b:f1:4f:
69:bd:33:12:99:7d:b4:55:b0:3a:83:f6:75:da:95:
62:8a:96:7c:c6:9a:04:7f:9f:1b:44:2c:34:0d:32:
db:4f:73:2f:07:e1:87:ff:13:ca:ac:ee:60:a4:e1:
09:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9C:AD:5B:28:F3:26:9C:A8:EA:36:29:A0:7F:EE:69:8E:D6:39:9F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ZZytWyjzJpyo6jYpoH_uaY7WOZ8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:b4:47:b7:1c:d6:08:4c:e4:b0:d4:31:f8:f5:40:2a:9e:d3:
da:8b:1c:f9:0f:68:06:87:e4:2d:81:c6:7d:76:10:ec:a5:ea:
c5:94:06:76:f5:ce:58:5e:44:d7:cd:6c:74:8b:2f:34:fb:13:
10:3f:b8:36:84:24:e5:13:83:ed:ef:e7:a8:63:4a:c6:51:6b:
ab:39:cc:2e:94:5a:4e:67:07:9a:bd:ee:0f:20:86:13:a1:5c:
6e:01:93:20:e1:59:e7:7f:48:22:e4:24:12:6a:e5:4d:e4:58:
08:c0:58:8a:08:bf:d1:fe:63:2d:4e:f6:c9:84:53:48:53:17:
d8:42:a7:58:76:cb:0a:1c:44:80:2a:4c:3c:34:10:1a:09:c9:
03:e7:29:c8:0f:f9:ce:0f:f7:a9:d0:52:52:e0:f6:31:64:02:
0b:22:c6:46:2e:27:b7:4f:bf:ae:53:0d:38:a6:8e:c1:72:ea:
a8:01:10:35:00:c3:c4:3f:63:2b:a1:24:d8:c0:16:62:d7:44:
a8:fe:83:e8:78:ec:04:af:99:bc:0b:58:47:f3:dc:32:36:19:
63:d4:2d:4f:32:f0:62:25:c4:be:d5:5b:2d:30:61:e7:2b:5d:
d1:d9:02:3a:47:0d:44:76:a4:23:ea:23:d3:66:ce:3e:57:76:
88:41:0c:a3
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDc4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUx
MTM4NTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDY1OUNBRDVCMjhGMzI2
OUNBOEVBMzYyOUEwN0ZFRTY5OEVENjM5OUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCLwH9x8bqT4g5ROXKfGfAGjbZMHbQFyYsKENwTnh8xfMJVFwA
KtV+VqwZ3MGCwFCqFpxVvC9vtOjs3tx9Sz4Czdx3smwpfslM1PMA6bqcm0xzeBE+
wqhZbtjpmd/OoP+NnmnO3zIf+gU4isYz5OPcqsHgbLHQtxbCGaWLQbCDNA9nXuoz
7755ku5qHzFqgdSLP5TEsXMRkS6CJ/P1wSgy8dAFFNtuUMwwRk3fK8JbF4OCbELh
hP7wd6VZhWwSUd9cZp43GVp1GV3kPxEJTTvxT2m9MxKZfbRVsDqD9nXalWKKlnzG
mgR/nxtELDQNMttPcy8H4Yf/E8qs7mCk4QkxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZZytWyjzJpyo6jYpoH/uaY7WOZ8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9aWnl0V3lqekpweW82allw
b0hfdWFZN1dPWjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAAa0R7cc1ghM5LDUMfj1QCqe09qLHPkPaAaH
5C2Bxn12EOyl6sWUBnb1zlheRNfNbHSLLzT7ExA/uDaEJOUTg+3v56hjSsZRa6s5
zC6UWk5nB5q97g8ghhOhXG4BkyDhWed/SCLkJBJq5U3kWAjAWIoIv9H+Yy1O9smE
U0hTF9hCp1h2ywocRIAqTDw0EBoJyQPnKcgP+c4P96nQUlLg9jFkAgsixkYuJ7dP
v65TDTimjsFy6qgBEDUAw8Q/YyuhJNjAFmLXRKj+g+h47ASvmbwLWEfz3DI2GWPU
LU8y8GIlxL7VWy0wYecrXdHZAjpHDUR2pCPqI9Nmzj5XdohBDKM=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:57:18 2025 by rpki-client