Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ybmZN-dRYJ3feky_IB6lfygfu9M.roa
File: ybmZN-dRYJ3feky_IB6lfygfu9M.roa (raw, json)
Hash identifier: ulA9GYDm2COKt/mvEBKHG2//L5n+WNIYtMDrhm1hqd8=
Subject key identifier: C9:B9:99:37:E7:51:60:9D:DF:7A:4C:BF:20:1E:A5:7F:28:1F:BB:D3
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F4A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ybmZN-dRYJ3feky_IB6lfygfu9M.roa
Signing time: Tue 27 May 2025 11:08:50 +0000
ROA not before: Tue 27 May 2025 11:08:50 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3914 (0xf4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 11:08:50 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C9B99937E751609DDF7A4CBF201EA57F281FBBD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:7a:44:a8:43:4d:c4:27:8a:1d:1d:25:65:
bb:ae:a0:5f:ae:a4:52:6d:4d:20:a6:0e:05:6a:9d:
6a:fe:c1:1c:cc:7b:cd:3d:dc:81:39:92:29:aa:21:
a7:0e:38:c6:7c:fd:e7:f3:c3:5e:2d:bf:e0:39:b0:
cb:0c:34:2d:d3:6f:99:e8:8b:8a:94:c4:d3:7d:b2:
3b:b7:46:23:77:30:b7:22:21:9d:35:36:d8:b6:11:
a2:af:f3:ea:01:52:b4:0d:41:b8:91:6a:57:c8:72:
a0:79:85:0a:b4:44:b4:ce:34:85:d3:b9:f4:5f:35:
4a:9b:07:15:45:3a:c3:c4:be:67:b8:12:2c:80:7e:
39:6d:38:67:f0:d0:8d:d7:c0:1c:65:1d:d0:43:81:
14:67:d1:e9:d8:3f:14:e2:74:ee:63:db:51:d1:a7:
73:90:b6:64:60:2d:ee:bd:cb:7d:89:2d:b3:e2:f6:
15:b0:39:1e:38:98:0e:74:98:c0:e8:b5:4d:09:8c:
ce:db:03:27:7a:cd:1b:4b:c7:f5:74:1d:87:ee:e8:
5f:0d:5e:f1:9b:48:2a:32:29:aa:7b:46:27:22:9b:
1d:45:bc:59:b8:61:1f:a1:0c:2c:b9:00:82:fc:1e:
35:71:e0:32:33:4c:76:8b:a2:62:5f:0b:de:98:22:
74:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B9:99:37:E7:51:60:9D:DF:7A:4C:BF:20:1E:A5:7F:28:1F:BB:D3
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ybmZN-dRYJ3feky_IB6lfygfu9M.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:03:6e:2c:ae:2f:c7:86:ec:b2:33:f1:be:60:9f:d9:90:06:
d9:9e:74:85:1f:46:23:b0:fc:b5:0b:a9:ba:a6:42:30:4d:61:
34:12:d3:59:91:ad:cc:d9:0a:fc:9b:6b:3b:3a:b7:d6:ab:05:
09:5f:4e:51:1c:67:30:bf:bb:b7:04:d8:4f:99:1a:15:f2:cd:
d0:79:3f:20:5c:71:df:69:ac:9a:17:5d:e4:d9:8a:82:c6:88:
3e:c0:91:3f:ab:57:3c:f8:e1:b3:08:94:20:2e:32:93:aa:bc:
60:92:ee:93:bb:82:1c:31:93:69:7b:38:b8:8f:e2:e5:7b:41:
c3:55:6e:2b:f0:0f:21:ea:18:65:84:1a:e4:3a:e2:dc:05:ea:
83:6d:99:c8:46:47:d8:49:99:fc:bf:4a:96:79:06:27:26:5a:
37:af:9e:7d:dd:03:f5:7d:65:00:75:40:bd:3f:50:ec:6f:d6:
ed:a2:f2:c9:1c:fb:91:c3:75:90:15:5c:0e:b7:30:0e:4a:4f:
91:18:42:61:6c:a1:28:f4:fb:dc:ff:7c:78:2c:6e:d1:53:3c:
0f:59:00:c5:1c:42:dc:7d:63:3f:d5:80:34:9a:8e:8e:05:3d:
a8:e6:c6:7a:b8:ef:94:eb:8b:0d:94:5a:fc:6c:00:99:0f:de:
94:6a:66:bc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICD0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcx
MTA4NTBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM5Qjk5OTM3RTc1MTYw
OURERjdBNENCRjIwMUVBNTdGMjgxRkJCRDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtVHpEqENNxCeKHR0lZbuuoF+upFJtTSCmDgVqnWr+wRzMe809
3IE5kimqIacOOMZ8/efzw14tv+A5sMsMNC3Tb5noi4qUxNN9sju3RiN3MLciIZ01
Nti2EaKv8+oBUrQNQbiRalfIcqB5hQq0RLTONIXTufRfNUqbBxVFOsPEvme4EiyA
fjltOGfw0I3XwBxlHdBDgRRn0enYPxTidO5j21HRp3OQtmRgLe69y32JLbPi9hWw
OR44mA50mMDotU0JjM7bAyd6zRtLx/V0HYfu6F8NXvGbSCoyKap7Ricimx1FvFm4
YR+hDCy5AIL8HjVx4DIzTHaLomJfC96YInSdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUybmZN+dRYJ3feky/IB6lfygfu9MwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95Ym1aTi1kUllKM2Zla3lf
SUI2bGZ5Z2Z1OU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEUDbiyuL8eG7LIz8b5gn9mQBtmedIUfRiOw
/LULqbqmQjBNYTQS01mRrczZCvybazs6t9arBQlfTlEcZzC/u7cE2E+ZGhXyzdB5
PyBccd9prJoXXeTZioLGiD7AkT+rVzz44bMIlCAuMpOqvGCS7pO7ghwxk2l7OLiP
4uV7QcNVbivwDyHqGGWEGuQ64twF6oNtmchGR9hJmfy/SpZ5BicmWjevnn3dA/V9
ZQB1QL0/UOxv1u2i8skc+5HDdZAVXA63MA5KT5EYQmFsoSj0+9z/fHgsbtFTPA9Z
AMUcQtx9Yz/VgDSajo4FPajmxnq475Triw2UWvxsAJkP3pRqZrw=
-----END CERTIFICATE-----
Generated at Sat Jun 21 16:55:23 2025 by rpki-client