Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/WrYPGq2TWLYx6_WF4GM1FYFdnrA.roa
File: WrYPGq2TWLYx6_WF4GM1FYFdnrA.roa (raw, json)
Hash identifier: RmnjGyO1GSRn6WSZm00prO92Uz9qFsUBYSzMVjdBvaE=
Subject key identifier: 5A:B6:0F:1A:AD:93:58:B6:31:EB:F5:85:E0:63:35:15:81:5D:9E:B0
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F7E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WrYPGq2TWLYx6_WF4GM1FYFdnrA.roa
Signing time: Wed 18 Jun 2025 01:40:04 +0000
ROA not before: Wed 18 Jun 2025 01:40:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8062 (0x1f7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 01:40:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=5AB60F1AAD9358B631EBF585E0633515815D9EB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f8:0d:99:bc:f0:f7:69:6c:37:c6:64:db:75:
5c:ef:b3:a9:75:e5:9f:e2:47:55:9b:73:89:5f:08:
f6:47:26:aa:42:6f:3b:ab:b2:b8:96:69:50:18:e7:
67:0a:51:50:97:e4:44:17:48:0a:6d:fa:07:32:fb:
32:09:34:7d:be:45:e3:f4:92:c7:10:64:50:cf:7d:
72:c6:18:32:9d:03:56:72:4d:8f:24:2e:a9:5e:2b:
eb:df:1f:cb:02:e2:09:54:e3:e8:38:1e:9e:d6:ca:
f0:bf:05:1b:1a:42:ce:9e:73:fd:80:11:a4:0c:b6:
6b:dd:e7:63:52:a6:94:ff:b7:97:09:7e:f5:99:75:
71:07:6a:9b:6c:ea:20:6d:02:a1:3f:cb:32:1b:4c:
b0:1f:3d:ad:27:e7:27:2f:2d:d9:1b:c6:24:26:fa:
7b:c3:7d:45:33:c5:ce:e5:83:d5:1e:97:e2:55:6c:
18:da:ae:b5:ce:f0:f6:3f:86:74:3e:ad:4d:7c:be:
92:58:b7:5d:68:02:24:6a:ff:5d:f7:2c:31:d4:81:
b8:8b:e1:e0:59:93:5a:dd:b8:eb:fa:12:a4:8b:f0:
62:a6:61:00:1e:e7:94:62:1d:9b:b3:16:dc:a4:16:
73:b2:95:09:7a:2c:bd:99:ba:ae:d4:8d:21:4c:01:
d0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B6:0F:1A:AD:93:58:B6:31:EB:F5:85:E0:63:35:15:81:5D:9E:B0
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/WrYPGq2TWLYx6_WF4GM1FYFdnrA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2d:eb:b1:ae:32:a9:93:ad:d2:12:c6:78:50:20:4d:fc:85:a9:
4d:c9:54:9a:98:0f:10:f1:71:f8:66:91:43:46:31:17:06:6b:
f9:23:46:a9:89:61:e7:a8:f5:44:57:bf:f0:6a:1e:da:c9:50:
3f:2e:65:61:24:e2:cf:ce:8b:38:00:14:44:3b:88:92:47:a6:
7e:dc:b9:37:f6:29:39:ac:4c:34:b7:b4:59:69:49:46:97:43:
91:39:33:34:d4:64:23:6f:f1:9c:3e:a4:4d:d8:60:e3:41:2b:
1b:0c:6e:87:d7:2f:04:fe:3a:0d:46:9c:1a:fa:9f:f8:91:4b:
38:fd:df:85:02:51:b2:26:43:a1:59:e1:cb:33:83:54:ac:cd:
05:a9:5b:80:0c:b4:44:ca:05:88:e1:a6:6b:b1:0b:49:0a:ce:
d0:88:ac:5e:38:4a:30:5e:20:b4:9c:55:39:0e:a5:9b:32:82:
f9:c2:89:2b:7a:56:3e:39:eb:0d:eb:b4:01:b6:86:90:3c:f0:
b4:66:d2:61:44:11:96:2a:26:e7:74:48:8e:a4:85:70:38:03:
6b:04:03:8c:a8:fe:b0:5a:be:79:45:16:d8:fc:e3:32:a1:4c:
0d:45:ef:04:52:b1:46:62:89:af:c0:4d:e0:1e:4e:7a:9b:61:
47:d4:c5:3b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH34wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgw
MTQwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDVBQjYwRjFBQUQ5MzU4
QjYzMUVCRjU4NUUwNjMzNTE1ODE1RDlFQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDU+A2ZvPD3aWw3xmTbdVzvs6l15Z/iR1Wbc4lfCPZHJqpCbzur
sriWaVAY52cKUVCX5EQXSApt+gcy+zIJNH2+ReP0kscQZFDPfXLGGDKdA1ZyTY8k
LqleK+vfH8sC4glU4+g4Hp7WyvC/BRsaQs6ec/2AEaQMtmvd52NSppT/t5cJfvWZ
dXEHapts6iBtAqE/yzIbTLAfPa0n5ycvLdkbxiQm+nvDfUUzxc7lg9Uel+JVbBja
rrXO8PY/hnQ+rU18vpJYt11oAiRq/133LDHUgbiL4eBZk1rduOv6EqSL8GKmYQAe
55RiHZuzFtykFnOylQl6LL2Zuq7UjSFMAdA/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUWrYPGq2TWLYx6/WF4GM1FYFdnrAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9XcllQR3EyVFdMWXg2X1dG
NEdNMUZZRmRuckEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAC3rsa4yqZOt0hLGeFAgTfyFqU3JVJqYDxDx
cfhmkUNGMRcGa/kjRqmJYeeo9URXv/BqHtrJUD8uZWEk4s/OizgAFEQ7iJJHpn7c
uTf2KTmsTDS3tFlpSUaXQ5E5MzTUZCNv8Zw+pE3YYONBKxsMbofXLwT+Og1GnBr6
n/iRSzj934UCUbImQ6FZ4cszg1SszQWpW4AMtETKBYjhpmuxC0kKztCIrF44SjBe
ILScVTkOpZsygvnCiSt6Vj456w3rtAG2hpA88LRm0mFEEZYqJud0SI6khXA4A2sE
A4yo/rBavnlFFtj84zKhTA1F7wRSsUZiia/ATeAeTnqbYUfUxTs=
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:25:48 2025 by rpki-client