
Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yP3XU9qnDpjguiNK68LwZYnw36g.roa
File: yP3XU9qnDpjguiNK68LwZYnw36g.roa (raw, json)
Hash identifier: Kbz6+9NF3BU0AI1b25CmHRVJPMYUTlDmEV7UGmPeUmM=
Subject key identifier: C8:FD:D7:53:DA:A7:0E:98:E0:BA:23:4A:EB:C2:F0:65:89:F0:DF:A8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2302
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yP3XU9qnDpjguiNK68LwZYnw36g.roa
Signing time: Mon 23 Jun 2025 05:41:55 +0000
ROA not before: Mon 23 Jun 2025 05:41:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8962 (0x2302)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 23 05:41:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C8FDD753DAA70E98E0BA234AEBC2F06589F0DFA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b3:c1:0f:60:d9:84:32:1b:c6:66:de:fe:b5:
f7:a9:a3:1d:99:a2:07:7b:05:78:26:c4:a1:68:04:
8e:ae:8f:72:eb:bc:6e:17:2f:c2:e6:05:01:41:da:
2d:59:a8:02:2a:d3:90:08:0e:b0:26:be:be:97:a9:
9a:5d:6c:a6:6b:d9:99:4b:8b:a4:b9:1e:6a:8c:eb:
ec:ad:f9:f7:76:4b:4c:a1:54:9e:f4:b2:66:37:9f:
24:99:9b:c7:78:b7:d5:81:d7:ee:00:db:0b:34:59:
ed:32:a1:3a:34:f2:28:6b:e0:43:0f:46:54:1c:36:
f4:20:d4:88:1b:4b:ee:94:23:77:bc:20:8b:e1:15:
5a:47:48:7e:9a:0c:b8:2d:aa:5f:0c:82:2c:54:97:
0f:4a:05:89:13:ca:d9:3b:4a:2e:2a:02:70:23:99:
5d:27:c4:59:47:16:1d:57:49:da:32:c0:05:04:7f:
1e:37:7d:d1:c7:09:08:ef:fa:14:53:52:62:1f:31:
08:0e:c4:e9:eb:06:e8:66:55:dd:51:18:19:57:29:
be:a4:ee:a7:71:35:f1:47:ec:35:28:07:8f:23:79:
4e:1e:bb:34:b2:52:62:e1:70:3e:01:17:da:ea:ce:
9e:bb:0e:db:16:a7:eb:8a:31:e2:a9:f1:69:a3:0f:
ab:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FD:D7:53:DA:A7:0E:98:E0:BA:23:4A:EB:C2:F0:65:89:F0:DF:A8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yP3XU9qnDpjguiNK68LwZYnw36g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:f1:30:cb:41:45:8f:39:33:f8:0d:f3:19:f4:e3:9e:32:e9:
ca:91:97:08:37:15:b3:54:1a:7d:f2:07:f9:40:90:94:6f:90:
68:fe:5b:5f:72:ef:cf:03:f6:c3:f3:9a:e0:b1:80:61:97:64:
9b:63:e4:40:c8:b9:dc:5e:6d:ad:fd:61:83:c8:23:a7:49:8b:
83:7d:d1:ce:ce:82:2c:a8:10:ef:bb:50:2f:26:56:10:a9:de:
5b:70:a5:1b:39:ca:4a:11:58:c5:de:c1:9d:f1:a7:e8:24:50:
50:7c:e3:f3:c6:09:92:44:8d:aa:1d:6a:10:f9:58:97:98:18:
d3:c0:80:e8:58:d9:c1:f2:49:96:aa:5a:53:1f:a8:d2:82:4c:
3a:c5:24:c1:85:88:31:97:eb:3d:44:bd:5f:3a:41:b2:82:a7:
7f:39:71:17:e9:fe:2d:25:2f:7e:1d:b0:34:9e:d2:41:93:34:
31:4d:0b:de:ed:56:50:d3:25:e9:a7:31:e1:cb:83:02:7c:f3:
ee:ed:74:68:cd:a3:4f:fb:79:97:c0:ef:c0:67:d1:b0:f4:d7:
79:0d:6c:54:44:46:e6:c3:bf:72:ba:56:b3:6b:d0:2d:cb:4a:
d9:f3:92:d6:2f:6b:9d:c9:ea:f8:6d:aa:b6:d7:61:d7:28:ca:
4e:19:46:7b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIwIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjMw
NTQxNTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM4RkRENzUzREFBNzBF
OThFMEJBMjM0QUVCQzJGMDY1ODlGMERGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqs8EPYNmEMhvGZt7+tfepox2Zogd7BXgmxKFoBI6uj3LrvG4X
L8LmBQFB2i1ZqAIq05AIDrAmvr6XqZpdbKZr2ZlLi6S5HmqM6+yt+fd2S0yhVJ70
smY3nySZm8d4t9WB1+4A2ws0We0yoTo08ihr4EMPRlQcNvQg1IgbS+6UI3e8IIvh
FVpHSH6aDLgtql8MgixUlw9KBYkTytk7Si4qAnAjmV0nxFlHFh1XSdoywAUEfx43
fdHHCQjv+hRTUmIfMQgOxOnrBuhmVd1RGBlXKb6k7qdxNfFH7DUoB48jeU4euzSy
UmLhcD4BF9rqzp67DtsWp+uKMeKp8WmjD6vnAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyP3XU9qnDpjguiNK68LwZYnw36gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95UDNYVTlxbkRwamd1aU5L
NjhMd1pZbnczNmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE/xMMtBRY85M/gN8xn0454y6cqRlwg3FbNU
Gn3yB/lAkJRvkGj+W19y788D9sPzmuCxgGGXZJtj5EDIudxeba39YYPII6dJi4N9
0c7OgiyoEO+7UC8mVhCp3ltwpRs5ykoRWMXewZ3xp+gkUFB84/PGCZJEjaodahD5
WJeYGNPAgOhY2cHySZaqWlMfqNKCTDrFJMGFiDGX6z1EvV86QbKCp385cRfp/i0l
L34dsDSe0kGTNDFNC97tVlDTJemnMeHLgwJ88+7tdGjNo0/7eZfA78Bn0bD013kN
bFRERubDv3K6VrNr0C3LStnzktYva53J6vhtqrbXYdcoyk4ZRns=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:47 2025 by rpki-client