Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yxdpk2GiteJSyAYO2gcI8bHpIKE.roa
File: yxdpk2GiteJSyAYO2gcI8bHpIKE.roa (raw, json)
Hash identifier: q/s/2bEMPJA3mo9lWqXdgSZvkNnVgQ4r6KG/zzqZD8E=
Subject key identifier: CB:17:69:93:61:A2:B5:E2:52:C8:06:0E:DA:07:08:F1:B1:E9:20:A1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 223E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yxdpk2GiteJSyAYO2gcI8bHpIKE.roa
Signing time: Sun 22 Jun 2025 05:11:52 +0000
ROA not before: Sun 22 Jun 2025 05:11:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8766 (0x223e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 05:11:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CB17699361A2B5E252C8060EDA0708F1B1E920A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ac:e0:16:34:bf:dc:ed:ee:50:48:5f:f8:90:
b0:ee:14:65:d8:0e:a0:76:62:53:b8:c5:aa:32:bb:
ba:ac:be:45:80:fa:5a:d0:82:70:2a:dd:31:1e:1e:
1f:65:ad:83:26:4a:02:d5:33:14:59:29:fe:e9:9b:
75:c2:36:40:d2:02:4d:88:68:a7:2c:8f:57:da:de:
cd:2e:db:c1:e5:65:66:8e:0a:25:df:94:02:ff:39:
86:7c:91:61:ca:60:79:32:9d:64:70:0c:4a:0a:ba:
db:d2:da:ba:7d:39:95:30:9e:e3:3f:ec:63:5f:d9:
d0:4b:76:4a:ad:44:1b:9e:2f:03:84:60:03:6b:8f:
a5:7d:9f:1a:38:c6:2f:84:6a:ba:a4:0c:3e:e2:52:
77:7d:2e:eb:65:bc:a7:7d:77:e5:2c:79:0d:e9:a6:
1b:f0:b9:94:99:cb:1b:97:88:e6:4e:25:6a:d1:09:
23:67:9d:0a:c1:d4:f6:18:d6:d7:31:7e:47:63:e0:
15:92:e2:95:47:3a:30:52:f6:e6:ce:24:ff:fc:fa:
b2:94:b8:1f:9a:7e:e4:f8:a1:1e:f0:aa:59:ef:b8:
a9:ab:d8:2a:05:53:97:5e:26:be:5e:26:5b:b2:d4:
2b:20:f9:8c:b8:57:8f:b4:9f:36:1b:c2:f5:8b:e2:
7e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:17:69:93:61:A2:B5:E2:52:C8:06:0E:DA:07:08:F1:B1:E9:20:A1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yxdpk2GiteJSyAYO2gcI8bHpIKE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:9c:bb:69:8e:c0:86:76:3c:f7:42:22:30:85:37:d4:ff:dc:
c1:2a:dc:0d:90:d6:eb:a1:b0:d8:27:9a:15:46:d9:d3:97:e0:
68:71:e3:90:0b:bf:d5:20:94:99:ff:84:89:e3:3d:45:e8:bb:
67:ce:5c:34:39:3d:fb:05:91:a8:c9:d8:32:e5:7a:06:d5:65:
cf:4b:83:b4:d6:6f:99:32:18:12:53:5f:fa:ca:b6:3d:a4:8d:
03:fe:29:e9:db:09:a6:f3:c1:17:93:28:b2:51:7b:95:5e:82:
94:1d:d5:bc:4d:cd:a0:1b:fd:f6:c2:8a:1b:2a:38:03:60:78:
74:e1:59:8d:36:89:22:10:d8:29:8b:9f:f2:30:a3:92:8d:47:
f0:61:17:10:cf:ea:63:78:e0:5d:0b:7a:2f:eb:d4:96:74:dc:
65:b0:94:27:3b:3c:56:2d:cb:3c:11:15:4e:d2:16:51:8e:bc:
df:ec:2c:b4:d7:df:b9:e8:6b:90:5d:64:33:98:77:26:ed:db:
ef:ac:05:31:48:3f:43:28:e4:0c:a9:a3:a0:1b:7d:57:99:34:
ca:c7:78:9c:a3:df:0a:81:c8:29:02:b7:e3:db:f1:5f:77:d7:
df:06:a7:0c:f2:34:c8:c0:0f:f3:09:b0:e5:19:59:4d:15:1c:
44:b9:4f:ad
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIj4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIw
NTExNTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENCMTc2OTkzNjFBMkI1
RTI1MkM4MDYwRURBMDcwOEYxQjFFOTIwQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzrOAWNL/c7e5QSF/4kLDuFGXYDqB2YlO4xaoyu7qsvkWA+lrQ
gnAq3TEeHh9lrYMmSgLVMxRZKf7pm3XCNkDSAk2IaKcsj1fa3s0u28HlZWaOCiXf
lAL/OYZ8kWHKYHkynWRwDEoKutvS2rp9OZUwnuM/7GNf2dBLdkqtRBueLwOEYANr
j6V9nxo4xi+EarqkDD7iUnd9LutlvKd9d+UseQ3pphvwuZSZyxuXiOZOJWrRCSNn
nQrB1PYY1tcxfkdj4BWS4pVHOjBS9ubOJP/8+rKUuB+afuT4oR7wqlnvuKmr2CoF
U5deJr5eJluy1Csg+Yy4V4+0nzYbwvWL4n5VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyxdpk2GiteJSyAYO2gcI8bHpIKEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95eGRwazJHaXRlSlN5QVlP
MmdjSThiSHBJS0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAFOcu2mOwIZ2PPdCIjCFN9T/3MEq3A2Q1uuh
sNgnmhVG2dOX4Ghx45ALv9UglJn/hInjPUXou2fOXDQ5PfsFkajJ2DLlegbVZc9L
g7TWb5kyGBJTX/rKtj2kjQP+KenbCabzwReTKLJRe5VegpQd1bxNzaAb/fbCihsq
OANgeHThWY02iSIQ2CmLn/Iwo5KNR/BhFxDP6mN44F0Lei/r1JZ03GWwlCc7PFYt
yzwRFU7SFlGOvN/sLLTX37noa5BdZDOYdybt2++sBTFIP0Mo5Aypo6AbfVeZNMrH
eJyj3wqByCkCt+Pb8V93198GpwzyNMjAD/MJsOUZWU0VHES5T60=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:11 2025 by rpki-client