Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/_Y7MHdU1pZytwEKSelvXz3zyn3k.roa
File: _Y7MHdU1pZytwEKSelvXz3zyn3k.roa (raw, json)
Hash identifier: pV0SRDftFUXdAwNVQQqsA2DZlF3PYoiWxAqjdyJyf1c=
Subject key identifier: FD:8E:CC:1D:D5:35:A5:9C:AD:C0:42:92:7A:5B:D7:CF:7C:F2:9F:79
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 235E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Y7MHdU1pZytwEKSelvXz3zyn3k.roa
Signing time: Mon 23 Jun 2025 17:11:56 +0000
ROA not before: Mon 23 Jun 2025 17:11:56 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9054 (0x235e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 17:11:56 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=FD8ECC1DD535A59CADC042927A5BD7CF7CF29F79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:a7:28:17:9f:af:c8:fd:4a:60:3e:8d:5b:
41:ce:89:e4:eb:0c:4b:a1:86:e4:f0:da:55:71:11:
ac:35:9d:bf:ad:57:4b:9f:fd:a4:e9:b3:c2:8a:10:
59:be:2e:02:6e:29:9d:6a:5f:f8:26:e7:ee:70:6d:
e6:4f:09:06:bc:db:a3:b5:70:0a:f2:49:fa:c4:77:
c7:e6:b4:7a:4a:20:95:4b:5e:c1:3c:83:73:58:af:
3a:1c:c9:5c:99:97:5b:12:87:c8:d1:bb:d3:32:d7:
6f:01:a8:43:e7:cd:3c:82:dc:ce:bf:ca:56:2f:e1:
ae:15:7d:69:e3:85:d3:2c:c0:db:04:3b:7c:ff:8a:
27:91:46:df:39:96:38:33:f2:6e:8b:0b:96:6e:fd:
54:b4:93:44:32:bd:dd:95:13:e0:6f:fb:72:ea:de:
a0:15:e2:37:45:e1:7a:09:c7:e6:9f:e6:6c:d2:32:
9b:e7:46:af:81:65:1d:a0:0d:01:30:b2:ed:40:4d:
cd:11:a7:49:a6:ae:8e:79:9b:75:cb:db:fb:6f:65:
2c:c0:2a:0d:59:ff:b1:4c:bf:21:ea:5f:60:cc:a0:
68:a4:8d:7a:25:30:0d:84:a5:e4:5d:63:37:e9:7b:
93:ab:15:5e:4a:93:eb:32:86:d1:d5:d5:03:26:f5:
34:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8E:CC:1D:D5:35:A5:9C:AD:C0:42:92:7A:5B:D7:CF:7C:F2:9F:79
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/_Y7MHdU1pZytwEKSelvXz3zyn3k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:69:2b:43:bb:05:80:eb:b6:c7:04:65:83:49:1c:c2:5b:b4:
d0:62:8b:ae:b9:a8:2b:15:4c:ba:9b:31:1a:c3:76:c8:1d:3c:
b0:41:fa:51:7b:e7:e4:74:e3:11:c9:42:06:18:2f:11:4a:09:
f1:ec:7f:2a:ec:5f:ae:15:53:58:76:a5:83:1d:dd:f2:b6:c1:
76:cc:be:2f:f8:79:1e:4e:4c:5b:4c:be:36:b0:40:4e:6f:50:
bc:75:b4:1f:37:5a:24:b1:28:ec:76:08:89:a7:cf:1b:1e:39:
b9:ee:83:ed:d5:5e:27:c8:d6:24:74:44:41:bb:a0:09:d4:2d:
2a:82:b4:26:e9:5e:9c:70:88:1e:06:33:54:d6:34:ce:96:39:
f0:a4:ee:16:ca:8c:fc:4f:83:6a:d1:09:b3:0e:35:ac:72:27:
24:88:96:42:44:30:00:f4:b0:0e:f7:54:8e:45:85:b2:09:46:
f9:e2:a0:71:1a:6a:aa:ed:dd:f5:d6:cf:4f:36:ce:7c:4d:87:
7e:94:5a:9d:69:dc:91:02:9d:f3:27:93:71:e5:6f:49:f0:90:
9f:9b:81:a4:72:04:c0:78:6f:a7:ea:a0:52:fa:83:d0:49:bb:
e3:7b:fb:e9:89:8a:70:e6:26:47:ee:8b:d4:69:b6:9f:5d:56:
4e:f8:f6:ee
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICI14wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMx
NzExNTZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEZEOEVDQzFERDUzNUE1
OUNBREMwNDI5MjdBNUJEN0NGN0NGMjlGNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDuacoF5+vyP1KYD6NW0HOieTrDEuhhuTw2lVxEaw1nb+tV0uf
/aTps8KKEFm+LgJuKZ1qX/gm5+5wbeZPCQa826O1cArySfrEd8fmtHpKIJVLXsE8
g3NYrzocyVyZl1sSh8jRu9My128BqEPnzTyC3M6/ylYv4a4VfWnjhdMswNsEO3z/
iieRRt85ljgz8m6LC5Zu/VS0k0Qyvd2VE+Bv+3Lq3qAV4jdF4XoJx+af5mzSMpvn
Rq+BZR2gDQEwsu1ATc0Rp0mmro55m3XL2/tvZSzAKg1Z/7FMvyHqX2DMoGikjXol
MA2EpeRdYzfpe5OrFV5Kk+syhtHV1QMm9TT3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU/Y7MHdU1pZytwEKSelvXz3zyn3kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9fWTdNSGRVMXBaeXR3RUtT
ZWx2WHozenluM2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAGtpK0O7BYDrtscEZYNJHMJbtNBii665qCsV
TLqbMRrDdsgdPLBB+lF75+R04xHJQgYYLxFKCfHsfyrsX64VU1h2pYMd3fK2wXbM
vi/4eR5OTFtMvjawQE5vULx1tB83WiSxKOx2CImnzxseObnug+3VXifI1iR0REG7
oAnULSqCtCbpXpxwiB4GM1TWNM6WOfCk7hbKjPxPg2rRCbMONaxyJySIlkJEMAD0
sA73VI5FhbIJRvnioHEaaqrt3fXWz082znxNh36UWp1p3JECnfMnk3Hlb0nwkJ+b
gaRyBMB4b6fqoFL6g9BJu+N7++mJinDmJkfui9Rptp9dVk749u4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:47:29 2025 by rpki-client