Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YDjG5MqKImXUZunlNKNFu_TVQsw.roa
File: YDjG5MqKImXUZunlNKNFu_TVQsw.roa (raw, json)
Hash identifier: TwKjfZw1nCtuH0is5RtmYJKokSEkH3DDudUwNf4uHmY=
Subject key identifier: 60:38:C6:E4:CA:8A:22:65:D4:66:E9:E5:34:A3:45:BB:F4:D5:42:CC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0F26
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YDjG5MqKImXUZunlNKNFu_TVQsw.roa
Signing time: Tue 27 May 2025 06:38:48 +0000
ROA not before: Tue 27 May 2025 06:38:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3878 (0xf26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 27 06:38:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6038C6E4CA8A2265D466E9E534A345BBF4D542CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:61:76:29:8c:5f:28:41:e8:ed:ab:99:de:56:
4e:6c:d1:cf:a4:89:89:12:62:1e:5a:9d:80:31:02:
9a:29:e9:3d:12:47:b6:f9:ce:f0:2d:dc:09:2f:a7:
40:a6:9c:b8:ab:0f:03:5b:4a:45:6c:19:1f:f6:35:
9f:dc:9c:04:8d:79:aa:13:54:de:6a:52:af:c8:3f:
bd:a3:ce:18:5b:df:6f:2f:21:b9:28:94:53:e6:c7:
61:f7:90:b6:1d:24:9a:fa:dc:df:23:2a:fa:44:5d:
d7:41:ac:86:75:a9:5c:79:be:52:0c:4e:9f:77:e1:
35:54:5d:71:51:36:ff:b3:72:07:1a:75:82:66:cb:
1c:33:ae:ce:7a:b4:45:bd:1e:96:2a:8a:d9:00:bc:
ba:26:06:60:81:6f:fb:44:7b:2f:cd:eb:f1:44:50:
56:e1:22:95:9d:f6:74:d1:60:23:a8:8b:8b:80:c8:
67:e7:c1:db:60:3b:ed:f6:4b:ec:10:ef:1d:73:07:
12:6d:38:80:b3:1d:a5:dd:8c:c2:e1:cf:d8:6c:5d:
17:1b:92:1c:b4:40:1c:92:fc:26:a8:7f:03:f8:42:
21:18:c4:9d:13:1a:5e:6c:dc:44:80:60:08:0f:78:
0d:69:98:01:0e:e6:19:0e:ce:b7:de:d1:0c:46:60:
f3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:38:C6:E4:CA:8A:22:65:D4:66:E9:E5:34:A3:45:BB:F4:D5:42:CC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YDjG5MqKImXUZunlNKNFu_TVQsw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8e:79:82:4d:05:bf:aa:a9:20:e8:17:fb:c1:dc:f8:61:20:fa:
4c:40:f4:28:1a:d0:e3:97:56:8d:c1:a2:6d:39:3b:d7:be:b3:
99:97:80:f5:49:f5:2f:3b:e0:7d:ab:f1:bb:39:d4:59:0f:32:
43:71:24:25:a8:10:84:ef:30:dc:b7:de:a0:18:f4:42:d2:f7:
54:5b:d7:c9:a6:e7:42:c3:9d:d8:3c:06:61:0d:61:de:8c:18:
ad:37:79:1c:62:89:ac:d1:0d:28:0b:39:4d:ee:3e:3a:4a:9c:
c9:52:3f:46:d9:42:7a:65:71:2a:24:70:98:59:92:f7:0b:64:
c7:ec:bc:92:39:d9:46:49:d6:c0:af:df:a8:4b:b4:4f:c8:12:
6a:30:ec:5b:66:1a:20:86:fe:14:fd:fe:dc:4c:f3:77:1c:1b:
56:4a:eb:aa:5d:73:f2:9f:b6:1c:7c:1e:55:48:17:77:a5:2b:
bf:b4:fd:1d:fa:f6:94:c6:80:ec:1c:e3:72:69:e0:ce:73:99:
fc:f6:d6:3d:52:84:e3:30:e9:02:34:7d:ae:07:63:2e:4b:23:
7f:f7:7d:a3:70:ac:6a:54:75:d9:8c:5a:2b:9a:e1:c9:63:bd:
dd:0a:7b:e2:cf:cc:6b:df:de:02:5d:14:fd:0a:59:65:04:d1:
7f:84:e7:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDyYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1Mjcw
NjM4NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYwMzhDNkU0Q0E4QTIy
NjVENDY2RTlFNTM0QTM0NUJCRjRENTQyQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJYXYpjF8oQejtq5neVk5s0c+kiYkSYh5anYAxApop6T0SR7b5
zvAt3Akvp0CmnLirDwNbSkVsGR/2NZ/cnASNeaoTVN5qUq/IP72jzhhb328vIbko
lFPmx2H3kLYdJJr63N8jKvpEXddBrIZ1qVx5vlIMTp934TVUXXFRNv+zcgcadYJm
yxwzrs56tEW9HpYqitkAvLomBmCBb/tEey/N6/FEUFbhIpWd9nTRYCOoi4uAyGfn
wdtgO+32S+wQ7x1zBxJtOICzHaXdjMLhz9hsXRcbkhy0QByS/CaofwP4QiEYxJ0T
Gl5s3ESAYAgPeA1pmAEO5hkOzrfe0QxGYPO3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYDjG5MqKImXUZunlNKNFu/TVQswwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZRGpHNU1xS0ltWFVadW5s
TktORnVfVFZRc3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAI55gk0Fv6qpIOgX+8Hc+GEg+kxA9Cga0OOX
Vo3Bom05O9e+s5mXgPVJ9S874H2r8bs51FkPMkNxJCWoEITvMNy33qAY9ELS91Rb
18mm50LDndg8BmENYd6MGK03eRxiiazRDSgLOU3uPjpKnMlSP0bZQnplcSokcJhZ
kvcLZMfsvJI52UZJ1sCv36hLtE/IEmow7FtmGiCG/hT9/txM83ccG1ZK66pdc/Kf
thx8HlVIF3elK7+0/R369pTGgOwc43Jp4M5zmfz21j1ShOMw6QI0fa4HYy5LI3/3
faNwrGpUddmMWiua4cljvd0Ke+LPzGvf3gJdFP0KWWUE0X+E50w=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:03:10 2025 by rpki-client