Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/sHs_PrOKEDz8XXPwx4YWTYnaWXE.roa
File: sHs_PrOKEDz8XXPwx4YWTYnaWXE.roa (raw, json)
Hash identifier: 9gJA6D8ZChuqTzX3QQdzOyPe5+GlvRUgOFg/96ZT70E=
Subject key identifier: B0:7B:3F:3E:B3:8A:10:3C:FC:5D:73:F0:C7:86:16:4D:89:DA:59:71
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2176
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sHs_PrOKEDz8XXPwx4YWTYnaWXE.roa
Signing time: Sat 21 Jun 2025 04:11:52 +0000
ROA not before: Sat 21 Jun 2025 04:11:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8566 (0x2176)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 21 04:11:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B07B3F3EB38A103CFC5D73F0C786164D89DA5971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:8c:38:b3:82:78:a7:64:99:6d:02:ff:33:
4e:6f:11:84:e4:1a:e3:b0:68:de:d0:a1:c5:7f:21:
27:36:0d:d8:c2:20:45:1c:2b:2a:a6:a3:8c:39:35:
62:13:53:54:13:9d:f3:70:4e:fd:8d:2c:33:5b:d4:
e4:fc:3a:d8:19:62:1b:91:15:24:22:6e:b8:d2:00:
6b:cd:29:38:95:5b:25:d6:3c:44:5e:29:cf:e4:60:
b0:32:53:5a:29:b9:6c:2b:ab:75:56:d9:22:20:96:
6d:0b:ed:98:b0:9f:18:03:9c:86:eb:d1:9f:ff:65:
22:e4:65:69:d6:86:91:d1:3d:c5:bf:16:68:8a:ad:
7d:df:92:02:7c:1b:55:b6:17:5a:91:0d:b5:84:d2:
3f:16:55:e6:46:08:97:ad:66:9b:2d:72:c2:50:1a:
2e:95:2d:9f:3f:94:fe:5b:6f:c3:c3:55:3a:8e:1c:
da:e8:91:76:fb:33:c3:ad:95:a9:b6:c8:39:1f:bb:
5f:8a:c0:83:d0:3d:35:03:6b:db:22:7d:45:7f:1a:
55:5d:43:1f:56:04:c6:56:fc:f0:2c:ce:6b:87:7d:
57:79:52:77:de:0f:fd:fb:3c:94:26:fa:88:4a:ea:
9e:d8:7d:d0:a2:78:74:c3:65:ca:c8:cd:2e:31:37:
0f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:7B:3F:3E:B3:8A:10:3C:FC:5D:73:F0:C7:86:16:4D:89:DA:59:71
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/sHs_PrOKEDz8XXPwx4YWTYnaWXE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9f:c7:7a:22:6e:32:61:2a:3e:c3:be:ef:86:67:d5:43:20:12:
53:74:84:a3:7a:e7:62:40:5c:c0:98:69:71:46:e0:e4:05:53:
a1:4a:ee:3a:e9:cd:ef:60:20:1c:cf:91:a2:20:6d:58:ec:d6:
ef:17:3f:34:5f:f7:65:fd:f9:79:fe:c5:a9:d3:7d:3a:71:84:
b6:a7:51:82:fa:87:98:a9:50:14:b8:2e:ae:0b:b1:1e:9e:8e:
30:a6:ac:e5:24:ad:a5:dd:d8:6d:e1:42:b1:2d:13:1c:43:02:
e7:11:e8:1d:f7:31:f1:fb:48:d1:e5:72:ac:07:af:89:43:42:
4b:84:b9:f7:4e:60:f5:40:87:6e:cf:83:25:97:06:25:e5:a9:
56:96:f3:86:cd:55:e4:f7:ec:0d:53:b5:83:06:32:18:1d:10:
d4:50:03:c7:41:54:8f:48:a6:7c:2c:a8:cf:94:8e:6d:b4:cd:
11:ed:ca:72:d3:95:21:7a:9c:c2:2e:00:4f:6a:57:b5:91:b7:
35:85:7e:6d:65:d8:7c:2a:38:08:f2:06:7e:58:c3:59:be:50:
4b:5d:15:63:82:4f:da:9e:db:aa:e5:a5:f3:2e:0d:98:bc:2b:
65:02:66:48:a1:af:b6:a1:f7:f7:0a:78:26:a1:e2:d8:a2:09:
23:ac:da:59
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjEw
NDExNTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIwN0IzRjNFQjM4QTEw
M0NGQzVENzNGMEM3ODYxNjREODlEQTU5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC454w4s4J4p2SZbQL/M05vEYTkGuOwaN7QocV/ISc2DdjCIEUc
Kyqmo4w5NWITU1QTnfNwTv2NLDNb1OT8OtgZYhuRFSQibrjSAGvNKTiVWyXWPERe
Kc/kYLAyU1opuWwrq3VW2SIglm0L7ZiwnxgDnIbr0Z//ZSLkZWnWhpHRPcW/FmiK
rX3fkgJ8G1W2F1qRDbWE0j8WVeZGCJetZpstcsJQGi6VLZ8/lP5bb8PDVTqOHNro
kXb7M8Otlam2yDkfu1+KwIPQPTUDa9sifUV/GlVdQx9WBMZW/PAszmuHfVd5Unfe
D/37PJQm+ohK6p7YfdCieHTDZcrIzS4xNw/BAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUsHs/PrOKEDz8XXPwx4YWTYnaWXEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zSHNfUHJPS0VEejhYWFB3
eDRZV1RZbmFXWEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJ/HeiJuMmEqPsO+74Zn1UMgElN0hKN652JA
XMCYaXFG4OQFU6FK7jrpze9gIBzPkaIgbVjs1u8XPzRf92X9+Xn+xanTfTpxhLan
UYL6h5ipUBS4Lq4LsR6ejjCmrOUkraXd2G3hQrEtExxDAucR6B33MfH7SNHlcqwH
r4lDQkuEufdOYPVAh27PgyWXBiXlqVaW84bNVeT37A1TtYMGMhgdENRQA8dBVI9I
pnwsqM+Ujm20zRHtynLTlSF6nMIuAE9qV7WRtzWFfm1l2HwqOAjyBn5Yw1m+UEtd
FWOCT9qe26rlpfMuDZi8K2UCZkihr7ah9/cKeCah4tiiCSOs2lk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:51:19 2025 by rpki-client