Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/kh6gC-RRphLhH7UVAF_hmmNzZVo.roa
File: kh6gC-RRphLhH7UVAF_hmmNzZVo.roa (raw, json)
Hash identifier: 8X8RASJisqgO7wM1D+sXzlXklXgPwr/Jjiamq7RLOUo=
Subject key identifier: 92:1E:A0:0B:E4:51:A6:12:E1:1F:B5:15:00:5F:E1:9A:63:73:65:5A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0DF6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kh6gC-RRphLhH7UVAF_hmmNzZVo.roa
Signing time: Sun 25 May 2025 16:38:55 +0000
ROA not before: Sun 25 May 2025 16:38:55 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3574 (0xdf6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 16:38:55 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=921EA00BE451A612E11FB515005FE19A6373655A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4e:10:36:09:c5:a9:6e:a3:75:df:46:59:0d:
8e:59:46:35:fe:1a:c9:4a:04:1b:3a:7a:b8:5a:03:
e4:24:c2:97:85:3a:1f:ce:fc:d5:7a:8e:05:19:52:
b6:00:da:0e:53:36:53:05:e4:1d:00:45:bb:32:1a:
50:1b:41:11:5a:cd:d3:18:c2:84:6f:e3:3f:bd:64:
85:da:6f:39:b2:76:05:ef:57:5d:9e:d2:84:33:8a:
65:b0:74:f5:0a:9d:c9:b2:35:2a:5b:05:56:e5:52:
a5:c3:f7:a6:66:41:1d:7e:b5:e6:aa:d0:e8:55:5e:
8f:2c:99:6f:4a:4f:db:fc:86:50:58:b0:45:0b:7e:
fc:c0:d5:df:2d:dd:d0:fa:5f:42:6f:da:12:ff:e1:
21:6a:93:03:ab:51:8c:df:67:ba:6f:0c:e8:bc:9d:
a7:54:62:52:aa:07:33:a9:79:20:23:e5:5d:2b:a0:
cd:b5:cd:7c:d9:6c:fd:5e:af:3a:a6:65:c8:e9:1d:
c5:86:81:24:a9:a5:ae:6a:1a:30:2c:8e:e7:20:40:
b9:dd:9b:c4:b5:a8:98:b7:d6:e6:5b:78:d3:d3:d0:
48:40:ed:72:26:90:c7:20:ef:07:13:73:3c:b1:93:
2b:ac:e6:bb:47:2d:1a:dd:a5:fd:f7:3a:90:e8:02:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1E:A0:0B:E4:51:A6:12:E1:1F:B5:15:00:5F:E1:9A:63:73:65:5A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/kh6gC-RRphLhH7UVAF_hmmNzZVo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:a5:94:0f:6d:9e:20:6e:b3:eb:7f:5a:d3:b2:4b:72:c5:54:
d3:4e:60:fb:2f:f9:66:62:1a:22:1a:7d:10:2d:43:8f:4d:a2:
f7:f6:ca:d2:64:fc:6f:dc:14:6c:cc:b7:c2:57:02:59:74:26:
92:72:b0:29:b5:58:68:6a:74:db:54:36:ec:c4:eb:c2:82:3c:
3a:72:e3:bc:4e:d9:fa:77:68:c0:a2:53:cb:ef:3e:94:47:5e:
ca:e3:19:6c:82:33:ce:99:6d:e0:b2:31:bf:df:96:70:43:0d:
f6:a1:fc:bb:af:24:59:f3:7c:75:bd:fd:60:30:98:7f:a3:71:
29:f9:37:f3:c0:3d:ea:b1:9e:d5:0b:42:56:ac:95:f1:ab:50:
96:c0:a9:7a:27:d3:55:cc:07:bd:98:eb:78:cd:60:8c:38:86:
ef:98:c6:15:bf:23:8f:93:f1:54:5a:bc:41:4e:e8:73:11:3a:
1c:99:b8:f6:ea:f6:28:9d:ea:45:9d:2f:d1:5a:ed:56:b4:f4:
91:f4:19:f2:69:f8:22:3a:40:58:cd:9e:dc:1b:bd:1e:63:a6:
08:7b:f4:56:68:0a:25:b5:af:13:e5:39:64:5d:d0:e7:35:ff:
15:11:e0:cc:83:30:d4:44:60:77:65:dc:32:8a:27:22:c1:dd:
68:ce:b0:4f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDfYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUx
NjM4NTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDkyMUVBMDBCRTQ1MUE2
MTJFMTFGQjUxNTAwNUZFMTlBNjM3MzY1NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtThA2CcWpbqN130ZZDY5ZRjX+GslKBBs6erhaA+QkwpeFOh/O
/NV6jgUZUrYA2g5TNlMF5B0ARbsyGlAbQRFazdMYwoRv4z+9ZIXabzmydgXvV12e
0oQzimWwdPUKncmyNSpbBVblUqXD96ZmQR1+teaq0OhVXo8smW9KT9v8hlBYsEUL
fvzA1d8t3dD6X0Jv2hL/4SFqkwOrUYzfZ7pvDOi8nadUYlKqBzOpeSAj5V0roM21
zXzZbP1erzqmZcjpHcWGgSSppa5qGjAsjucgQLndm8S1qJi31uZbeNPT0EhA7XIm
kMcg7wcTczyxkyus5rtHLRrdpf33OpDoAm1rAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUkh6gC+RRphLhH7UVAF/hmmNzZVowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9raDZnQy1SUnBoTGhIN1VW
QUZfaG1tTnpaVm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADqllA9tniBus+t/WtOyS3LFVNNOYPsv+WZi
GiIafRAtQ49Novf2ytJk/G/cFGzMt8JXAll0JpJysCm1WGhqdNtUNuzE68KCPDpy
47xO2fp3aMCiU8vvPpRHXsrjGWyCM86ZbeCyMb/flnBDDfah/LuvJFnzfHW9/WAw
mH+jcSn5N/PAPeqxntULQlaslfGrUJbAqXon01XMB72Y63jNYIw4hu+YxhW/I4+T
8VRavEFO6HMROhyZuPbq9iid6kWdL9Fa7Va09JH0GfJp+CI6QFjNntwbvR5jpgh7
9FZoCiW1rxPlOWRd0Oc1/xUR4MyDMNREYHdl3DKKJyLB3WjOsE8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:37:05 2025 by rpki-client