Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yn0jaj0wGdKx4oLuA5OTFicOQB8.roa
File: yn0jaj0wGdKx4oLuA5OTFicOQB8.roa (raw, json)
Hash identifier: /XUqFozAuwRzF3sNI1e+p9pvaVYddMv/7am9BPqXVSc=
Subject key identifier: CA:7D:23:6A:3D:30:19:D2:B1:E2:82:EE:03:93:93:16:27:0E:40:1F
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1676
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yn0jaj0wGdKx4oLuA5OTFicOQB8.roa
Signing time: Fri 06 Jun 2025 00:39:25 +0000
ROA not before: Fri 06 Jun 2025 00:39:25 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5750 (0x1676)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 6 00:39:25 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CA7D236A3D3019D2B1E282EE03939316270E401F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:4a:aa:72:b7:ae:19:1d:2b:3b:3d:b8:88:01:
4d:ba:3a:6f:2b:9c:df:e2:9f:d9:e4:51:32:2e:b0:
49:c8:8d:9d:55:db:f2:b9:60:d4:ef:e0:85:0b:09:
53:54:ac:de:77:53:05:48:9f:95:50:ae:f2:aa:83:
a1:8f:f1:06:b4:8a:87:d0:fc:6a:ba:92:fa:ba:a2:
f2:de:1b:49:6d:7c:d6:ac:14:7b:da:97:70:92:2c:
20:71:0a:8e:a3:ae:b8:c8:b5:98:39:ba:33:bb:dc:
52:34:2c:37:f2:8c:ba:d3:77:b7:e4:d8:66:f4:60:
5e:a1:42:aa:cc:80:c4:30:33:a0:84:2c:e3:30:4d:
95:a4:03:47:82:df:98:22:82:1a:4a:30:63:e7:a0:
45:6e:54:e6:05:d6:52:bd:f2:a6:d1:7b:4c:87:52:
bd:d2:bd:06:a4:7c:72:af:e3:49:a3:41:5d:2c:69:
f3:a2:55:9f:a0:65:e2:20:23:3d:de:c7:f2:b2:59:
76:2d:2c:f5:8e:df:56:54:76:bd:a1:2a:72:78:0b:
41:b2:6b:81:60:c2:48:82:d2:e0:72:46:b9:73:8f:
55:3d:8c:d8:16:ac:73:32:df:3e:b3:57:cc:8b:b2:
a8:28:39:d0:1d:88:4a:14:08:0c:7b:08:27:33:7d:
91:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7D:23:6A:3D:30:19:D2:B1:E2:82:EE:03:93:93:16:27:0E:40:1F
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yn0jaj0wGdKx4oLuA5OTFicOQB8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:f7:04:33:7b:61:7b:42:b1:86:bf:f1:7e:3a:68:e1:2d:e4:
8f:70:67:7d:60:5d:b1:e4:1a:e4:c8:b1:69:f1:85:85:fa:6f:
c5:fc:48:c0:08:35:28:5c:e4:2b:d6:15:c3:a9:8e:c6:c1:ba:
ef:2a:f4:27:d1:a7:91:e7:47:4b:2e:18:b3:d1:dc:a1:f4:79:
29:60:6b:c8:db:1e:e6:0f:ce:a3:fc:f0:1c:3a:9f:b0:39:d0:
c5:dd:29:48:15:2d:5a:fe:e5:4a:5e:37:ec:7c:69:87:16:f8:
94:4d:16:76:51:1d:16:c0:c1:fc:45:8e:c2:60:83:66:cf:9f:
83:4a:72:5e:98:a2:20:98:d6:22:49:2a:a4:73:41:1b:44:7a:
82:0a:78:3b:a4:b2:88:a6:76:0d:be:3a:68:79:56:9b:72:7d:
fa:e8:2c:98:a7:e7:9a:9e:25:ca:99:6f:b4:ae:98:0d:8f:e5:
72:a1:fd:28:da:6a:89:02:b5:5d:1d:df:61:b3:3b:02:45:06:
bf:f2:e2:35:12:b2:4a:00:e5:16:28:3b:ea:2d:7a:54:a6:03:
19:bc:5c:ad:e3:38:ac:5c:1d:14:a8:eb:bf:fd:a9:ab:8e:77:
79:79:d2:04:4a:80:95:f4:e1:0b:4b:f7:a2:40:02:b1:74:fb:
23:5c:a8:43
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDYw
MDM5MjVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENBN0QyMzZBM0QzMDE5
RDJCMUUyODJFRTAzOTM5MzE2MjcwRTQwMUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJSqpyt64ZHSs7PbiIAU26Om8rnN/in9nkUTIusEnIjZ1V2/K5
YNTv4IULCVNUrN53UwVIn5VQrvKqg6GP8Qa0iofQ/Gq6kvq6ovLeG0ltfNasFHva
l3CSLCBxCo6jrrjItZg5ujO73FI0LDfyjLrTd7fk2Gb0YF6hQqrMgMQwM6CELOMw
TZWkA0eC35gighpKMGPnoEVuVOYF1lK98qbRe0yHUr3SvQakfHKv40mjQV0safOi
VZ+gZeIgIz3ex/KyWXYtLPWO31ZUdr2hKnJ4C0Gya4FgwkiC0uByRrlzj1U9jNgW
rHMy3z6zV8yLsqgoOdAdiEoUCAx7CCczfZEZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyn0jaj0wGdKx4oLuA5OTFicOQB8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95bjBqYWowd0dkS3g0b0x1
QTVPVEZpY09RQjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ73BDN7YXtCsYa/8X46aOEt5I9wZ31gXbHk
GuTIsWnxhYX6b8X8SMAINShc5CvWFcOpjsbBuu8q9CfRp5HnR0suGLPR3KH0eSlg
a8jbHuYPzqP88Bw6n7A50MXdKUgVLVr+5UpeN+x8aYcW+JRNFnZRHRbAwfxFjsJg
g2bPn4NKcl6YoiCY1iJJKqRzQRtEeoIKeDuksoimdg2+Omh5VptyffroLJin55qe
JcqZb7SumA2P5XKh/SjaaokCtV0d32GzOwJFBr/y4jUSskoA5RYoO+otelSmAxm8
XK3jOKxcHRSo67/9qauOd3l50gRKgJX04QtL96JAArF0+yNcqEM=
-----END CERTIFICATE-----
Generated at Sun Jun 22 04:19:02 2025 by rpki-client