Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YjdtXJHxfJQ0ROW_aNo4znMGjto.roa
File: YjdtXJHxfJQ0ROW_aNo4znMGjto.roa (raw, json)
Hash identifier: WTVKeFHe6CzY5KYh6OVXt2ZwcAFj6odLhcXov7sV6OQ=
Subject key identifier: 62:37:6D:5C:91:F1:7C:94:34:44:E5:BF:68:DA:38:CE:73:06:8E:DA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2062
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YjdtXJHxfJQ0ROW_aNo4znMGjto.roa
Signing time: Thu 19 Jun 2025 11:51:44 +0000
ROA not before: Thu 19 Jun 2025 11:51:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8290 (0x2062)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 19 11:51:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=62376D5C91F17C943444E5BF68DA38CE73068EDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b5:81:10:4d:1a:0a:dd:15:6c:8a:f9:4e:64:
6a:ea:1d:7c:4e:c5:e6:4e:f1:3d:93:e1:78:97:b5:
d6:9e:8d:26:fe:6a:56:67:5c:d9:e1:67:d6:2a:0f:
97:98:92:2f:93:6c:c4:32:45:0b:8b:1a:e3:05:5a:
17:27:b9:c7:e3:a7:c0:82:66:f7:fb:e0:f1:b2:12:
ab:2e:f8:79:72:97:b7:92:b4:ef:d4:e4:30:56:1b:
78:44:83:86:05:79:69:63:b0:eb:12:70:19:bc:41:
0f:e6:93:f9:c1:88:cf:96:24:43:62:ec:91:e8:64:
33:fa:7f:26:fb:9a:14:53:7a:7b:50:f4:5e:f8:a0:
b0:c9:0c:fe:b4:45:09:06:0c:4e:48:a3:42:fa:be:
64:7a:1c:93:74:4b:2e:fa:fe:50:96:43:93:9b:e5:
6c:1b:de:b4:9e:63:3a:00:85:d8:5f:6b:76:fe:79:
df:75:6d:ed:af:23:c3:84:8f:6b:6e:12:50:45:26:
c7:f6:b4:85:75:20:9b:48:5c:6b:56:06:7a:75:e5:
3e:f6:72:2b:65:15:01:a9:54:d8:ac:01:71:f2:7c:
2a:44:03:b9:0d:a2:4c:49:af:1a:3d:23:88:0e:dc:
ef:4a:07:30:27:6a:69:e8:f6:45:67:f5:c4:81:19:
2e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:37:6D:5C:91:F1:7C:94:34:44:E5:BF:68:DA:38:CE:73:06:8E:DA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YjdtXJHxfJQ0ROW_aNo4znMGjto.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:a4:6e:15:a8:89:8e:0c:ac:14:76:4a:7d:a8:b6:7c:5d:b7:
14:12:b8:aa:36:37:14:a3:9f:dd:3d:12:48:24:1d:93:d8:a6:
30:68:4f:dc:5a:48:85:ba:bf:f3:29:67:b9:4c:ad:4b:9c:15:
0e:76:1a:95:70:75:e5:f8:24:0f:cf:ce:c4:d2:ba:ea:74:ed:
ff:cb:a6:52:f2:e0:3b:22:08:66:d5:91:b1:dd:bf:d0:ff:58:
cd:ab:41:2d:dd:e6:59:2a:f6:d4:1d:14:7a:ec:7c:86:a4:45:
64:d5:0c:ae:1a:8a:00:0c:dd:d6:d7:4e:60:d7:2c:56:04:ac:
d1:93:6c:44:c7:4b:6a:9d:24:f5:79:fc:33:09:81:39:d7:14:
71:c6:ed:9f:4a:90:c2:4f:fb:70:7c:68:ce:ee:57:b5:fd:1a:
cb:16:df:c6:84:c1:d5:a4:4b:39:04:f8:86:fa:f5:29:68:fa:
33:d5:fb:b6:af:bb:53:04:ce:4e:9b:1c:39:bb:44:00:74:e5:
78:8b:6c:89:7c:9f:57:23:84:57:67:02:08:42:0a:3a:45:9e:
6b:58:0f:73:4e:76:d6:f6:53:15:fd:2e:70:35:14:5b:c8:1b:
9e:e5:21:d3:30:85:44:7d:9e:de:e3:cb:4f:17:4f:9c:ca:6c:
bd:9d:01:16
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTkx
MTUxNDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyMzc2RDVDOTFGMTdD
OTQzNDQ0RTVCRjY4REEzOENFNzMwNjhFREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTtYEQTRoK3RVsivlOZGrqHXxOxeZO8T2T4XiXtdaejSb+alZn
XNnhZ9YqD5eYki+TbMQyRQuLGuMFWhcnucfjp8CCZvf74PGyEqsu+Hlyl7eStO/U
5DBWG3hEg4YFeWljsOsScBm8QQ/mk/nBiM+WJENi7JHoZDP6fyb7mhRTentQ9F74
oLDJDP60RQkGDE5Io0L6vmR6HJN0Sy76/lCWQ5Ob5Wwb3rSeYzoAhdhfa3b+ed91
be2vI8OEj2tuElBFJsf2tIV1IJtIXGtWBnp15T72citlFQGpVNisAXHyfCpEA7kN
okxJrxo9I4gO3O9KBzAnamno9kVn9cSBGS69AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYjdtXJHxfJQ0ROW/aNo4znMGjtowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ZamR0WEpIeGZKUTBST1df
YU5vNHpuTUdqdG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBABmkbhWoiY4MrBR2Sn2otnxdtxQSuKo2NxSj
n909EkgkHZPYpjBoT9xaSIW6v/MpZ7lMrUucFQ52GpVwdeX4JA/PzsTSuup07f/L
plLy4DsiCGbVkbHdv9D/WM2rQS3d5lkq9tQdFHrsfIakRWTVDK4aigAM3dbXTmDX
LFYErNGTbETHS2qdJPV5/DMJgTnXFHHG7Z9KkMJP+3B8aM7uV7X9GssW38aEwdWk
SzkE+Ib69Slo+jPV+7avu1MEzk6bHDm7RAB05XiLbIl8n1cjhFdnAghCCjpFnmtY
D3NOdtb2UxX9LnA1FFvIG57lIdMwhUR9nt7jy08XT5zKbL2dARY=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:25 2025 by rpki-client