Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/CypY_RJXY4W-LIVhKxMk-z5OXk4.roa
File: CypY_RJXY4W-LIVhKxMk-z5OXk4.roa (raw, json)
Hash identifier: 35K0WeMG2VA9fQc819bGytZnbO6rsBNE1ciW0wTKxGI=
Subject key identifier: 0B:2A:58:FD:12:57:63:85:BE:2C:85:61:2B:13:24:FB:3E:4E:5E:4E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2052
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CypY_RJXY4W-LIVhKxMk-z5OXk4.roa
Signing time: Thu 19 Jun 2025 08:58:01 +0000
ROA not before: Thu 19 Jun 2025 08:58:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8274 (0x2052)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 08:58:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=0B2A58FD12576385BE2C85612B1324FB3E4E5E4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e8:83:31:ad:9e:e4:07:d3:86:3b:92:89:f9:
d6:15:67:f8:3b:ff:32:69:08:41:56:5a:69:27:16:
ad:3a:8f:a2:53:49:6b:d5:4a:44:ae:a1:f8:d2:00:
44:e5:19:61:a0:a8:e7:a4:8d:ab:cc:05:3a:3a:0d:
ee:4a:a6:13:17:6b:77:cb:7e:73:ad:d9:ba:19:5c:
b8:f0:0c:40:9b:da:47:01:f6:db:63:a3:64:99:b2:
81:97:11:19:75:9d:63:d8:14:f8:e6:3c:f4:7a:3c:
88:da:f8:a6:7c:c9:4f:3d:72:c3:d9:3b:fc:27:0c:
c5:d8:75:a5:ea:de:b2:30:5a:28:2c:32:fd:8b:a6:
d0:70:fa:85:fc:21:7f:72:a6:5d:3e:ed:04:76:15:
b6:ad:44:2e:e7:d6:59:20:57:f4:21:8d:d1:d0:17:
06:b3:c5:81:eb:43:9d:24:e8:9e:fb:4e:83:66:0d:
bb:de:b0:62:4f:e9:50:ce:25:30:b3:ce:18:d2:b7:
8c:22:7f:33:f8:ee:70:39:bf:45:70:98:bc:9e:22:
d3:ca:92:f6:a4:b2:f8:57:b9:9b:50:df:0a:74:2b:
e2:9b:47:31:68:b4:28:09:de:8a:d9:e4:bc:a5:e0:
36:44:60:d1:69:9f:a7:33:2d:c4:87:03:8f:af:07:
3f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2A:58:FD:12:57:63:85:BE:2C:85:61:2B:13:24:FB:3E:4E:5E:4E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/CypY_RJXY4W-LIVhKxMk-z5OXk4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
34:aa:74:02:9c:6f:6b:b5:df:aa:94:d9:e8:1b:05:fa:81:f9:
8d:1b:05:f6:98:53:33:9e:f0:57:62:a5:ff:ae:a9:55:8e:09:
a2:e9:eb:2e:28:e5:4f:07:cb:0d:d7:65:ce:e5:92:ea:fa:d3:
14:dc:06:e1:39:9a:3f:27:7e:93:89:9a:7c:a0:bd:ec:9f:93:
bf:f7:fd:76:dc:61:33:2c:4f:4f:fe:23:20:f3:80:b4:e8:57:
33:f1:6f:89:f2:e5:7e:51:4d:32:dc:10:99:e1:a8:38:38:21:
a0:aa:1b:3d:1c:8f:15:c5:e5:ba:c8:5f:0b:cf:32:a1:77:c9:
a2:70:15:c4:3a:cd:51:87:70:26:64:c5:63:19:e8:7c:91:7f:
c7:f0:df:d6:8d:9d:b3:05:7c:e5:64:07:c0:12:09:1d:48:4d:
60:ec:69:42:f7:82:2c:a9:bb:b9:9c:d2:04:5a:5a:7b:ff:31:
f0:21:6a:0d:48:67:ef:c9:b5:0c:3e:b7:b6:6b:76:46:d3:89:
f6:13:d7:a2:41:7b:95:a6:d1:92:30:3f:93:dd:c2:56:60:58:
e5:d7:64:52:46:cf:ce:7c:69:8c:c9:bb:16:77:de:03:b7:6c:
2f:b7:bb:c9:5d:1f:a1:6d:b3:f3:a5:28:f4:4a:ae:e8:7c:ec:
14:32:c4:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkw
ODU4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDBCMkE1OEZEMTI1NzYz
ODVCRTJDODU2MTJCMTMyNEZCM0U0RTVFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD06IMxrZ7kB9OGO5KJ+dYVZ/g7/zJpCEFWWmknFq06j6JTSWvV
SkSuofjSAETlGWGgqOekjavMBTo6De5KphMXa3fLfnOt2boZXLjwDECb2kcB9ttj
o2SZsoGXERl1nWPYFPjmPPR6PIja+KZ8yU89csPZO/wnDMXYdaXq3rIwWigsMv2L
ptBw+oX8IX9ypl0+7QR2FbatRC7n1lkgV/QhjdHQFwazxYHrQ50k6J77ToNmDbve
sGJP6VDOJTCzzhjSt4wifzP47nA5v0VwmLyeItPKkvaksvhXuZtQ3wp0K+KbRzFo
tCgJ3orZ5Lyl4DZEYNFpn6czLcSHA4+vBz9TAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCypY/RJXY4W+LIVhKxMk+z5OXk4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9DeXBZX1JKWFk0Vy1MSVZo
S3hNay16NU9YazQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADSqdAKcb2u136qU2egbBfqB+Y0bBfaYUzOe
8Fdipf+uqVWOCaLp6y4o5U8Hyw3XZc7lkur60xTcBuE5mj8nfpOJmnygveyfk7/3
/XbcYTMsT0/+IyDzgLToVzPxb4ny5X5RTTLcEJnhqDg4IaCqGz0cjxXF5brIXwvP
MqF3yaJwFcQ6zVGHcCZkxWMZ6HyRf8fw39aNnbMFfOVkB8ASCR1ITWDsaUL3giyp
u7mc0gRaWnv/MfAhag1IZ+/JtQw+t7ZrdkbTifYT16JBe5Wm0ZIwP5PdwlZgWOXX
ZFJGz858aYzJuxZ33gO3bC+3u8ldH6Fts/OlKPRKruh87BQyxNU=
-----END CERTIFICATE-----
Generated at Sun Jul 20 23:37:17 2025 by rpki-client