Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/YkdMYOt9iSZQKi-Bnkn2XqooSM4.roa
File: YkdMYOt9iSZQKi-Bnkn2XqooSM4.roa (raw, json)
Hash identifier: zi65n9sIc2UtUD1UboJbDfjTp2DFm6+iHFF/rlEXHic=
Subject key identifier: 62:47:4C:60:EB:7D:89:26:50:2A:2F:81:9E:49:F6:5E:AA:28:48:CE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E12
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YkdMYOt9iSZQKi-Bnkn2XqooSM4.roa
Signing time: Mon 16 Jun 2025 04:25:48 +0000
ROA not before: Mon 16 Jun 2025 04:25:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7698 (0x1e12)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 04:25:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=62474C60EB7D8926502A2F819E49F65EAA2848CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:68:69:d5:c5:ec:6c:50:ee:af:a2:49:73:a3:
04:c5:38:24:c9:47:17:09:41:d2:8c:a9:21:1a:7a:
36:92:34:9f:fc:93:1e:f9:40:8f:ef:e2:ed:08:65:
85:8f:c7:0e:f9:bd:11:f0:2e:38:23:77:60:9a:37:
c0:b3:87:b9:21:ce:0b:95:47:7a:be:53:5e:f1:cd:
05:ac:42:86:c1:11:46:62:fc:6f:2e:91:c3:17:a4:
54:97:3f:d0:36:96:d7:13:d8:ad:f4:7f:a0:6b:ee:
f9:11:69:ed:b1:00:1f:48:2d:53:4c:fb:56:48:09:
4c:a5:90:34:c1:23:3f:83:3b:88:a2:3d:7e:57:15:
56:f4:e1:ae:bc:2b:8f:c9:1f:ce:8e:2e:92:09:d1:
07:e6:8a:9b:0b:42:3b:aa:f9:b5:b8:73:71:ac:48:
7d:14:3d:cd:eb:9c:e4:0f:08:98:dc:74:f4:ad:96:
c3:18:55:99:4c:8c:8e:99:3e:3f:2c:e4:0f:43:47:
0a:bf:8a:97:23:fb:ce:80:6d:c4:12:65:8e:a5:27:
b2:a3:1f:06:c7:bf:9b:93:c7:27:05:a1:1b:da:52:
de:f5:19:b4:eb:e4:22:0d:d2:e3:cf:b4:3d:e0:75:
81:38:ec:91:16:67:32:37:d5:ee:bb:82:22:a4:61:
f6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:47:4C:60:EB:7D:89:26:50:2A:2F:81:9E:49:F6:5E:AA:28:48:CE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/YkdMYOt9iSZQKi-Bnkn2XqooSM4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:ea:79:41:4c:4a:f5:4e:8a:97:d2:8f:2f:9c:a8:83:bc:7f:
b6:29:45:86:31:b9:0c:c2:e2:6f:9c:7c:1d:82:c0:52:e7:cd:
40:3a:fd:02:fc:1e:35:da:4e:37:ea:56:d3:e0:93:e4:d7:cd:
bc:2b:4e:c0:74:c8:2c:27:58:dd:b6:3e:23:22:73:e0:c1:5c:
ce:fb:07:e7:a3:fd:12:30:d7:d2:1e:52:32:a6:dc:15:47:df:
24:2d:55:5e:a3:f6:84:b1:7b:c4:ae:ad:08:1e:a0:1d:de:56:
8d:bf:03:44:3b:79:e0:77:d8:93:05:2e:97:f3:92:3a:66:1f:
25:d1:79:22:17:4b:c0:04:a5:db:fe:fe:7f:2b:28:38:67:84:
db:fa:58:4a:d1:55:3b:f2:6f:77:75:99:d8:0b:9a:c8:6b:65:
69:89:1c:05:e2:89:9f:7a:7b:3c:d0:50:bb:39:01:db:4d:d3:
09:e1:3e:03:0a:d8:e8:22:12:4c:aa:2d:03:ed:c5:d1:d4:47:
92:79:1e:af:67:10:85:3e:fe:69:31:f0:76:13:55:b4:5d:26:
9f:34:36:f2:af:fb:1c:02:b9:21:57:41:4b:53:0f:84:63:6a:
90:cf:b2:a0:c9:61:3c:11:ad:3d:95:b8:f3:d4:2a:0a:53:49:
77:10:1f:e8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHhIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYw
NDI1NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDYyNDc0QzYwRUI3RDg5
MjY1MDJBMkY4MTlFNDlGNjVFQUEyODQ4Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyaGnVxexsUO6voklzowTFOCTJRxcJQdKMqSEaejaSNJ/8kx75
QI/v4u0IZYWPxw75vRHwLjgjd2CaN8Czh7khzguVR3q+U17xzQWsQobBEUZi/G8u
kcMXpFSXP9A2ltcT2K30f6Br7vkRae2xAB9ILVNM+1ZICUylkDTBIz+DO4iiPX5X
FVb04a68K4/JH86OLpIJ0QfmipsLQjuq+bW4c3GsSH0UPc3rnOQPCJjcdPStlsMY
VZlMjI6ZPj8s5A9DRwq/ipcj+86AbcQSZY6lJ7KjHwbHv5uTxycFoRvaUt71GbTr
5CIN0uPPtD3gdYE47JEWZzI31e67giKkYfa5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUYkdMYOt9iSZQKi+Bnkn2XqooSM4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Za2RNWU90OWlTWlFLaS1C
bmtuMlhxb29TTTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAHLqeUFMSvVOipfSjy+cqIO8f7YpRYYxuQzC
4m+cfB2CwFLnzUA6/QL8HjXaTjfqVtPgk+TXzbwrTsB0yCwnWN22PiMic+DBXM77
B+ej/RIw19IeUjKm3BVH3yQtVV6j9oSxe8SurQgeoB3eVo2/A0Q7eeB32JMFLpfz
kjpmHyXReSIXS8AEpdv+/n8rKDhnhNv6WErRVTvyb3d1mdgLmshrZWmJHAXiiZ96
ezzQULs5AdtN0wnhPgMK2OgiEkyqLQPtxdHUR5J5Hq9nEIU+/mkx8HYTVbRdJp80
NvKv+xwCuSFXQUtTD4RjapDPsqDJYTwRrT2VuPPUKgpTSXcQH+g=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:50:39 2025 by rpki-client