Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2YM0BGT-M5g4V1cJy5ObbpJGXjs.roa
File: 2YM0BGT-M5g4V1cJy5ObbpJGXjs.roa (raw, json)
Hash identifier: O2tMvd+7ZqKDYDrwR3MKW/f6T01OS9SWbmolBUZZpts=
Subject key identifier: D9:83:34:04:64:FE:33:98:38:57:57:09:CB:93:9B:6E:92:46:5E:3B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D9A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2YM0BGT-M5g4V1cJy5ObbpJGXjs.roa
Signing time: Sun 25 May 2025 05:08:33 +0000
ROA not before: Sun 25 May 2025 05:08:33 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3482 (0xd9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 05:08:33 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D983340464FE339838575709CB939B6E92465E3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:22:30:b8:26:58:b3:a3:21:e0:5a:4c:7f:b5:
ef:a1:39:2f:91:76:26:6f:ba:ea:40:fc:57:d2:2e:
0d:a1:fd:e8:7d:0f:b2:6d:89:c0:b6:3a:69:d3:ea:
13:56:74:58:d1:55:06:54:fa:87:f2:76:d5:b6:45:
ce:dd:4f:86:a9:e2:26:97:d5:07:65:73:59:b9:1e:
87:de:b9:4c:50:b8:c7:46:9c:20:95:93:02:c8:ad:
9d:cf:c4:2f:0f:d8:30:c1:53:55:e0:c6:70:9a:62:
f0:ab:28:bb:da:f0:4c:33:9d:d6:71:ee:37:dc:85:
ff:74:8b:2d:3c:76:75:61:92:c6:ef:f8:dd:c0:67:
86:d6:1a:58:32:45:86:84:aa:e3:d1:18:6a:c0:d2:
c9:49:08:7e:61:76:af:78:d0:43:59:ea:c3:08:db:
4d:8d:91:64:d1:43:2b:a2:f3:24:cd:cd:a7:88:04:
d7:2b:89:4f:78:99:6a:ac:46:35:82:6b:80:2f:25:
50:95:ce:43:13:ab:26:67:bd:b5:96:17:63:a6:91:
f5:27:6c:ba:57:7c:59:1e:dc:01:9f:eb:21:a1:f7:
5c:7a:df:06:2a:4e:fa:1c:70:de:9d:c4:d8:78:2f:
b8:32:d9:5e:5c:44:2d:c9:84:e9:c1:f2:48:07:a5:
93:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:83:34:04:64:FE:33:98:38:57:57:09:CB:93:9B:6E:92:46:5E:3B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2YM0BGT-M5g4V1cJy5ObbpJGXjs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:98:20:9a:de:4d:46:e6:61:65:f6:54:8b:9a:3a:e6:d2:15:
22:7d:e4:14:28:ea:84:12:fc:ab:21:2e:4e:cd:37:d7:3b:f3:
02:f9:43:30:03:8e:8b:9e:99:bb:51:ec:14:6a:c6:aa:03:03:
5a:51:19:7d:e4:c8:ba:a4:dd:3a:79:5c:01:a9:00:61:15:59:
8b:1d:92:b0:59:73:ce:15:11:ce:30:d8:53:74:b7:85:58:72:
63:1c:e6:1c:e4:6b:5f:c9:f1:2d:b3:7f:db:9a:6d:5b:ae:73:
07:95:ce:0f:a6:ec:c4:95:21:71:bb:1c:e7:c0:fe:a7:83:e3:
68:96:dc:bc:67:e5:98:04:32:9b:f2:57:d9:c7:25:a0:f7:26:
7f:1a:bc:97:3c:4a:f3:75:db:88:a0:9e:a7:8e:a3:c5:a2:f6:
78:02:85:39:53:2a:e0:60:2f:d9:15:90:57:30:f5:c8:2c:2d:
81:d4:41:b3:36:5e:c6:15:03:fe:66:d5:9e:1b:fd:da:91:c7:
57:e9:c7:7d:18:13:32:4a:6b:16:e7:96:e2:e6:2c:fa:b1:39:
80:60:0c:ab:1a:e1:de:51:ac:c2:3d:bf:fe:ad:91:36:f2:b1:
75:9d:ad:fc:2e:db:52:b7:f9:c2:ed:74:cd:d0:ee:64:81:a1:
3e:68:08:dd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
NTA4MzNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ5ODMzNDA0NjRGRTMz
OTgzODU3NTcwOUNCOTM5QjZFOTI0NjVFM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDIjC4JlizoyHgWkx/te+hOS+RdiZvuupA/FfSLg2h/eh9D7Jt
icC2OmnT6hNWdFjRVQZU+ofydtW2Rc7dT4ap4iaX1Qdlc1m5HofeuUxQuMdGnCCV
kwLIrZ3PxC8P2DDBU1XgxnCaYvCrKLva8EwzndZx7jfchf90iy08dnVhksbv+N3A
Z4bWGlgyRYaEquPRGGrA0slJCH5hdq940ENZ6sMI202NkWTRQyui8yTNzaeIBNcr
iU94mWqsRjWCa4AvJVCVzkMTqyZnvbWWF2OmkfUnbLpXfFke3AGf6yGh91x63wYq
TvoccN6dxNh4L7gy2V5cRC3JhOnB8kgHpZPhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2YM0BGT+M5g4V1cJy5ObbpJGXjswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yWU0wQkdULU01ZzRWMWNK
eTVPYmJwSkdYanMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAK2YIJreTUbmYWX2VIuaOubSFSJ95BQo6oQS
/KshLk7NN9c78wL5QzADjouembtR7BRqxqoDA1pRGX3kyLqk3Tp5XAGpAGEVWYsd
krBZc84VEc4w2FN0t4VYcmMc5hzka1/J8S2zf9uabVuucweVzg+m7MSVIXG7HOfA
/qeD42iW3Lxn5ZgEMpvyV9nHJaD3Jn8avJc8SvN124ignqeOo8Wi9ngChTlTKuBg
L9kVkFcw9cgsLYHUQbM2XsYVA/5m1Z4b/dqRx1fpx30YEzJKaxbnluLmLPqxOYBg
DKsa4d5RrMI9v/6tkTbysXWdrfwu21K3+cLtdM3Q7mSBoT5oCN0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:38 2025 by rpki-client