Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/ypzb83elzdeJzxkodsmiyaEMCs0.roa
File: ypzb83elzdeJzxkodsmiyaEMCs0.roa (raw, json)
Hash identifier: oP2kWZunWoxKW2P8al6HGWePnxCQAjPmhbAmbZvIzeY=
Subject key identifier: CA:9C:DB:F3:77:A5:CD:D7:89:CF:19:28:76:C9:A2:C9:A1:0C:0A:CD
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1E4A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ypzb83elzdeJzxkodsmiyaEMCs0.roa
Signing time: Mon 16 Jun 2025 11:09:59 +0000
ROA not before: Mon 16 Jun 2025 11:09:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7754 (0x1e4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 16 11:09:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CA9CDBF377A5CDD789CF192876C9A2C9A10C0ACD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c9:aa:c3:78:b3:24:a4:7c:ce:77:0f:b9:10:
5f:fe:94:ba:96:82:6c:4a:2c:98:8d:31:90:a7:15:
9a:94:2c:9f:27:43:df:f7:26:08:9a:74:c0:a2:de:
87:1f:0c:54:90:77:86:72:e8:45:a9:94:20:64:77:
0e:b9:54:20:46:d6:ff:20:4d:c4:0c:d9:41:d1:e5:
4d:be:a7:13:e7:49:96:f3:2f:4e:5a:23:e7:5a:8d:
a2:06:16:a1:7a:7c:b7:e7:a7:95:ae:67:ea:f5:d5:
ea:e2:82:bc:cf:bd:74:6b:0c:d9:2f:41:6f:de:5d:
af:a3:fb:d0:bf:10:bd:a8:58:1e:cf:b5:35:ce:45:
d5:af:f4:22:96:6f:be:1e:10:7a:ad:a3:05:8c:a7:
0a:6a:fe:53:c2:90:f9:8a:69:30:f2:1d:2e:1e:00:
8a:4f:b7:61:26:d5:e3:b1:be:d5:6c:02:d8:3f:dd:
3f:be:fd:98:d4:49:06:48:25:ac:0f:d0:61:41:c3:
86:93:b5:28:94:36:16:6d:2f:8e:96:a1:46:28:c0:
d6:6b:ee:90:27:f0:90:09:1a:05:b3:91:bb:e9:4d:
2e:fa:ca:f2:47:e2:56:34:4c:c8:22:33:1a:5e:15:
93:01:3e:10:43:21:52:4f:34:1b:50:7f:8b:ca:2f:
7f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:9C:DB:F3:77:A5:CD:D7:89:CF:19:28:76:C9:A2:C9:A1:0C:0A:CD
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/ypzb83elzdeJzxkodsmiyaEMCs0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:b9:de:b0:95:b7:e3:00:eb:5b:73:5e:bf:57:09:6b:25:cb:
6b:8d:b1:95:f1:0f:15:39:ac:02:5a:aa:5d:f4:48:58:72:c5:
6c:72:11:e2:33:4e:3c:e8:bf:ab:b6:85:67:77:75:08:04:14:
d1:7b:6d:cf:4b:64:73:f8:2d:e2:31:e0:40:d0:d7:eb:1f:83:
36:61:b1:1f:3d:b3:55:f3:d8:68:6e:56:b2:68:09:b2:5d:40:
08:2b:97:25:35:16:9c:2f:65:a0:41:78:94:84:47:82:66:61:
d4:eb:ba:fa:ce:99:d6:ca:c1:b7:2d:85:65:82:88:7c:71:3b:
ca:56:a3:f8:bd:73:1b:85:6e:ee:0e:2d:ff:32:c1:19:03:aa:
45:cc:83:44:16:e9:17:8d:32:76:a0:39:98:de:b5:47:a6:fb:
bf:83:4e:2c:ad:f1:68:16:85:a1:88:07:a6:5e:a1:10:74:81:
c3:b9:fa:c7:43:9b:02:25:7d:6a:94:2d:68:45:6a:ae:59:47:
e0:c1:7c:45:d9:bf:3e:53:8d:15:b3:f6:c8:c2:f9:a7:e3:b5:
dd:a8:2d:c0:99:ea:44:58:f5:f3:b9:8b:27:65:c5:71:a0:26:
cf:56:ff:29:dc:21:87:6f:ac:e2:8d:ca:87:51:3b:b3:87:5a:
b5:0c:8d:da
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICHkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTYx
MTA5NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENBOUNEQkYzNzdBNUNE
RDc4OUNGMTkyODc2QzlBMkM5QTEwQzBBQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvyarDeLMkpHzOdw+5EF/+lLqWgmxKLJiNMZCnFZqULJ8nQ9/3
JgiadMCi3ocfDFSQd4Zy6EWplCBkdw65VCBG1v8gTcQM2UHR5U2+pxPnSZbzL05a
I+dajaIGFqF6fLfnp5WuZ+r11erigrzPvXRrDNkvQW/eXa+j+9C/EL2oWB7PtTXO
RdWv9CKWb74eEHqtowWMpwpq/lPCkPmKaTDyHS4eAIpPt2Em1eOxvtVsAtg/3T++
/ZjUSQZIJawP0GFBw4aTtSiUNhZtL46WoUYowNZr7pAn8JAJGgWzkbvpTS76yvJH
4lY0TMgiMxpeFZMBPhBDIVJPNBtQf4vKL39NAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUypzb83elzdeJzxkodsmiyaEMCs0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95cHpiODNlbHpkZUp6eGtv
ZHNtaXlhRU1DczAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADm53rCVt+MA61tzXr9XCWsly2uNsZXxDxU5
rAJaql30SFhyxWxyEeIzTjzov6u2hWd3dQgEFNF7bc9LZHP4LeIx4EDQ1+sfgzZh
sR89s1Xz2GhuVrJoCbJdQAgrlyU1FpwvZaBBeJSER4JmYdTruvrOmdbKwbcthWWC
iHxxO8pWo/i9cxuFbu4OLf8ywRkDqkXMg0QW6ReNMnagOZjetUem+7+DTiyt8WgW
haGIB6ZeoRB0gcO5+sdDmwIlfWqULWhFaq5ZR+DBfEXZvz5TjRWz9sjC+afjtd2o
LcCZ6kRY9fO5iydlxXGgJs9W/yncIYdvrOKNyodRO7OHWrUMjdo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:53:18 2025 by rpki-client