Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ybd1qL4IfGEb83GyGl2so98NaRE.roa
File: ybd1qL4IfGEb83GyGl2so98NaRE.roa (raw, json)
Hash identifier: 7SICl9wYT1OinV9C8b2M8aADQD23vYkBGBfrIInIJiY=
Subject key identifier: C9:B7:75:A8:BE:08:7C:61:1B:F3:71:B2:1A:5D:AC:A3:DF:0D:69:11
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0ACA
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ybd1qL4IfGEb83GyGl2so98NaRE.roa
Signing time: Wed 21 May 2025 11:08:19 +0000
ROA not before: Wed 21 May 2025 11:08:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2762 (0xaca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 11:08:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C9B775A8BE087C611BF371B21A5DACA3DF0D6911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:ca:11:d1:53:f1:f2:02:4d:ec:55:e3:34:
f9:00:1e:42:06:e5:bb:3e:bf:c6:21:90:55:d0:28:
99:07:ca:53:68:16:8f:6d:23:d4:d5:ef:5a:5d:23:
24:6b:37:6b:62:1e:ff:da:fc:d0:70:13:a6:b1:55:
7e:52:71:b4:67:bd:90:39:3a:9f:33:20:62:5f:cc:
ec:b7:ad:e9:15:43:9b:00:2a:62:b3:b6:23:af:c4:
39:99:13:81:e1:4c:2a:de:1d:1f:e5:1f:a3:23:50:
61:ea:20:62:7c:74:e6:71:96:a9:8b:42:bd:63:b9:
ab:b1:63:2a:6f:3a:9f:09:d1:35:0e:42:c7:77:e3:
4f:b7:9f:95:f1:2a:04:d9:1e:4d:a4:72:3b:9b:b2:
f1:f5:38:de:d3:09:41:4e:a6:e7:e5:f3:5d:ff:cb:
13:de:10:58:6b:40:df:28:50:89:6f:5b:7f:5e:1f:
0c:26:cf:3b:d1:4d:ba:88:89:5b:95:4f:af:6c:21:
7e:d6:07:c1:eb:e6:2f:cf:f9:3e:62:5d:60:0d:e1:
2f:4e:71:24:cf:40:f9:52:82:28:3e:23:fc:85:ef:
3e:6d:0b:84:05:e9:ae:54:da:a2:81:ac:fe:e1:7d:
5b:0b:da:51:ff:24:d2:a9:7d:3e:3f:97:1c:e8:15:
58:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:B7:75:A8:BE:08:7C:61:1B:F3:71:B2:1A:5D:AC:A3:DF:0D:69:11
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ybd1qL4IfGEb83GyGl2so98NaRE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:ae:c9:43:10:7c:c3:ee:47:94:e1:0d:43:7b:20:fb:8e:5c:
fc:15:04:34:3c:6a:30:8a:66:31:d9:1b:93:6b:d7:9b:2c:62:
4e:de:63:ac:73:b0:95:97:4b:39:0d:06:ca:1d:bf:70:4f:93:
98:bb:83:d4:89:4d:68:59:c1:34:79:89:40:aa:a4:e8:46:c5:
15:99:0c:06:a8:16:52:5b:ca:7a:b7:23:b8:aa:46:1c:d3:1d:
af:e7:49:2f:65:8d:d2:37:92:f9:b3:1d:27:e9:d1:91:cc:fb:
b2:8b:15:09:d6:42:08:d3:e8:a2:d0:2f:82:66:c9:f2:43:a1:
6b:d5:59:e1:4b:d0:79:f3:24:7a:d2:3d:d2:dd:81:a1:db:79:
f3:77:7d:e6:09:60:bf:31:d3:4f:0e:54:6e:4a:c1:0b:8e:8d:
c5:3e:5c:6b:44:17:f1:62:67:89:3d:d7:ff:d8:30:9f:02:c8:
e9:0c:41:65:5c:f6:ef:ce:d3:4f:b9:0d:41:0e:81:02:7e:72:
bd:9f:e3:74:3c:bd:af:67:12:6c:1e:5e:0c:59:ae:1e:7a:05:
9b:ae:0b:c9:8c:d6:71:8b:4d:48:87:da:fa:cc:73:1f:9d:9b:
50:3a:2f:a9:e0:d8:0f:04:21:1e:47:7f:94:f5:65:f5:35:7f:
41:62:a7:1a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCsowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
MTA4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM5Qjc3NUE4QkUwODdD
NjExQkYzNzFCMjFBNURBQ0EzREYwRDY5MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNSMoR0VPx8gJN7FXjNPkAHkIG5bs+v8YhkFXQKJkHylNoFo9t
I9TV71pdIyRrN2tiHv/a/NBwE6axVX5ScbRnvZA5Op8zIGJfzOy3rekVQ5sAKmKz
tiOvxDmZE4HhTCreHR/lH6MjUGHqIGJ8dOZxlqmLQr1juauxYypvOp8J0TUOQsd3
40+3n5XxKgTZHk2kcjubsvH1ON7TCUFOpufl813/yxPeEFhrQN8oUIlvW39eHwwm
zzvRTbqIiVuVT69sIX7WB8Hr5i/P+T5iXWAN4S9OcSTPQPlSgig+I/yF7z5tC4QF
6a5U2qKBrP7hfVsL2lH/JNKpfT4/lxzoFVg9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUybd1qL4IfGEb83GyGl2so98NaREwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95YmQxcUw0SWZHRWI4M0d5
R2wyc285OE5hUkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAE6uyUMQfMPuR5ThDUN7IPuOXPwVBDQ8ajCK
ZjHZG5Nr15ssYk7eY6xzsJWXSzkNBsodv3BPk5i7g9SJTWhZwTR5iUCqpOhGxRWZ
DAaoFlJbynq3I7iqRhzTHa/nSS9ljdI3kvmzHSfp0ZHM+7KLFQnWQgjT6KLQL4Jm
yfJDoWvVWeFL0HnzJHrSPdLdgaHbefN3feYJYL8x008OVG5KwQuOjcU+XGtEF/Fi
Z4k91//YMJ8CyOkMQWVc9u/O00+5DUEOgQJ+cr2f43Q8va9nEmweXgxZrh56BZuu
C8mM1nGLTUiH2vrMcx+dm1A6L6ng2A8EIR5Hf5T1ZfU1f0Fipxo=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:53:56 2025 by rpki-client