Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LkLZlR5GQUdIUE2AXbCgEKHLF4o.roa
File: LkLZlR5GQUdIUE2AXbCgEKHLF4o.roa (raw, json)
Hash identifier: Im2cS6sG95otdz+m/dcfMV9DnWW1Gr1F+4slVdqE3FA=
Subject key identifier: 2E:42:D9:95:1E:46:41:47:48:50:4D:80:5D:B0:A0:10:A1:CB:17:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 076A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LkLZlR5GQUdIUE2AXbCgEKHLF4o.roa
Signing time: Fri 16 May 2025 23:08:09 +0000
ROA not before: Fri 16 May 2025 23:08:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1898 (0x76a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 23:08:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2E42D9951E46414748504D805DB0A010A1CB178A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4b:df:bf:4f:21:29:8e:a4:5b:e1:d5:fa:71:
65:63:47:bf:df:e0:10:7f:ce:d5:2a:03:bc:93:62:
e9:51:90:31:75:cc:97:6f:f6:98:76:1e:a5:6f:ae:
0f:5d:55:d8:8e:54:51:40:a7:57:3d:14:76:28:f4:
02:02:57:ae:a7:d6:99:02:50:7d:b4:31:10:2d:01:
69:96:16:e9:5e:08:e6:a2:fa:4b:4a:69:0a:f9:f0:
94:e8:a0:0a:9d:51:b7:9b:fd:74:47:52:f2:58:c2:
09:57:50:f0:ec:cd:c8:b9:4d:2b:8a:2f:a3:28:b8:
44:77:61:02:44:ae:8c:23:5a:a8:86:b4:06:73:eb:
8c:4c:53:ad:5f:be:c2:2a:7b:30:16:d0:d9:2a:43:
f8:bd:20:8e:ce:4f:23:c6:ab:6c:80:4c:d5:12:71:
43:dc:90:c1:f0:7f:52:7c:0e:4a:82:45:01:ab:3b:
c3:83:1f:21:31:7d:37:d4:dd:71:b1:f8:20:4f:4f:
ed:7b:de:f3:86:d0:49:59:c3:8f:d2:99:ab:b5:f6:
b8:a3:74:74:56:98:13:50:de:b8:a6:15:09:4e:95:
a9:bc:28:35:02:67:8f:a3:71:0c:8f:5a:ff:b0:16:
92:1e:c1:ed:fe:ef:c1:44:8d:5d:7f:f2:50:44:38:
7f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:42:D9:95:1E:46:41:47:48:50:4D:80:5D:B0:A0:10:A1:CB:17:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LkLZlR5GQUdIUE2AXbCgEKHLF4o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:13:52:48:ef:74:40:c0:2d:59:53:d7:23:f5:9a:5e:f5:41:
fb:7e:8b:64:36:b1:ca:27:d9:e9:1a:bf:eb:4e:d0:c8:4f:22:
71:e2:bd:1c:b9:a0:97:8a:90:eb:cd:05:33:b9:bc:60:93:50:
d8:90:b5:21:fa:66:e6:a2:85:b4:44:f2:f1:cb:cd:33:90:f1:
17:fc:4d:fd:20:d7:45:8b:fb:9e:5f:06:7b:3e:ac:dd:d2:49:
b1:8c:8a:8d:38:f4:f1:ed:74:e5:41:86:14:03:83:b9:ba:41:
56:7a:3f:cc:a4:90:a5:af:d2:4d:9f:d7:9f:00:02:f2:81:2a:
1b:93:88:6d:41:a6:4e:9a:78:a5:3a:1e:34:28:3c:b4:bc:1a:
5d:40:a6:27:0f:ca:29:14:ea:34:1e:c5:2a:55:9f:67:ea:d5:
88:9f:af:8e:34:86:8b:ea:81:49:66:4f:be:a5:3d:53:bb:ef:
92:9b:4a:56:c1:38:39:ad:9c:61:be:d0:c2:99:d9:85:00:8a:
ef:3e:8f:f7:fe:40:d2:eb:12:e2:06:15:0f:de:a7:c2:38:08:
f5:3f:b0:8e:88:1b:5d:3d:a4:19:87:4f:44:9d:8c:6d:dd:9c:
9f:59:f0:8f:ae:50:14:a1:30:32:48:83:be:98:04:f0:e8:90:
a5:39:af:8f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB2owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYy
MzA4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJFNDJEOTk1MUU0NjQx
NDc0ODUwNEQ4MDVEQjBBMDEwQTFDQjE3OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIS9+/TyEpjqRb4dX6cWVjR7/f4BB/ztUqA7yTYulRkDF1zJdv
9ph2HqVvrg9dVdiOVFFAp1c9FHYo9AICV66n1pkCUH20MRAtAWmWFuleCOai+ktK
aQr58JTooAqdUbeb/XRHUvJYwglXUPDszci5TSuKL6MouER3YQJErowjWqiGtAZz
64xMU61fvsIqezAW0NkqQ/i9II7OTyPGq2yATNUScUPckMHwf1J8DkqCRQGrO8OD
HyExfTfU3XGx+CBPT+173vOG0ElZw4/Smau19rijdHRWmBNQ3rimFQlOlam8KDUC
Z4+jcQyPWv+wFpIewe3+78FEjV1/8lBEOH/VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULkLZlR5GQUdIUE2AXbCgEKHLF4owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Ma0xabFI1R1FVZElVRTJB
WGJDZ0VLSExGNG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAIsTUkjvdEDALVlT1yP1ml71Qft+i2Q2scon
2ekav+tO0MhPInHivRy5oJeKkOvNBTO5vGCTUNiQtSH6ZuaihbRE8vHLzTOQ8Rf8
Tf0g10WL+55fBns+rN3SSbGMio049PHtdOVBhhQDg7m6QVZ6P8ykkKWv0k2f158A
AvKBKhuTiG1Bpk6aeKU6HjQoPLS8Gl1ApicPyikU6jQexSpVn2fq1Yifr440hovq
gUlmT76lPVO775KbSlbBODmtnGG+0MKZ2YUAiu8+j/f+QNLrEuIGFQ/ep8I4CPU/
sI6IG109pBmHT0SdjG3dnJ9Z8I+uUBShMDJIg76YBPDokKU5r48=
-----END CERTIFICATE-----
Generated at Sat May 17 22:22:22 2025 by rpki-client