Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LvrKxztYEy3ZLIKu84UqmKkJMyE.roa
File: LvrKxztYEy3ZLIKu84UqmKkJMyE.roa (raw, json)
Hash identifier: 5wxIYNheW6wkIWZKtm0ko2rTPrE+ajSddrZpLf9swwM=
Subject key identifier: 2E:FA:CA:C7:3B:58:13:2D:D9:2C:82:AE:F3:85:2A:98:A9:09:33:21
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 029E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LvrKxztYEy3ZLIKu84UqmKkJMyE.roa
Signing time: Sat 10 May 2025 13:38:22 +0000
ROA not before: Sat 10 May 2025 13:38:22 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 670 (0x29e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 13:38:22 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2EFACAC73B58132DD92C82AEF3852A98A9093321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:13:38:9c:9f:73:63:86:12:e1:67:cd:fa:25:
f1:6a:ad:aa:c5:25:7d:16:3a:2f:47:b3:28:61:25:
5d:1a:ad:47:41:03:da:b2:2f:08:43:bd:68:5c:b0:
a2:29:6b:4d:a8:35:cb:37:b0:71:86:ed:02:a1:c8:
7e:ed:e0:39:40:0a:63:ad:a0:8d:dc:a7:8d:7f:3b:
31:a7:36:3c:15:8a:8f:44:44:a4:fc:2e:fc:2e:a0:
44:91:49:7a:4f:28:30:c9:c6:71:33:70:57:45:8a:
8c:a9:83:1f:e0:4c:fd:12:14:d0:64:4f:06:89:ca:
ed:d2:df:ec:de:cb:0a:97:55:09:f8:0f:dc:eb:b3:
40:68:05:fa:53:7b:72:67:b5:66:52:c9:6c:c3:3b:
ed:ee:bb:63:6f:28:05:22:a6:07:50:8c:99:da:96:
8e:f7:6e:f1:02:9c:fe:58:a1:a2:6b:9d:0b:fc:5f:
5a:12:50:8a:fa:80:14:d9:f0:5b:4a:09:c0:79:09:
f4:0f:55:b4:59:77:a5:87:66:1f:c5:d5:98:9a:c9:
02:0b:75:80:04:55:56:14:68:37:ef:a7:ca:a8:9b:
d1:ec:dc:20:3e:0b:bc:66:4d:de:b1:47:06:f2:53:
02:e6:e9:2f:c1:27:6e:4f:dc:02:f5:98:bc:16:20:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FA:CA:C7:3B:58:13:2D:D9:2C:82:AE:F3:85:2A:98:A9:09:33:21
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LvrKxztYEy3ZLIKu84UqmKkJMyE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:11:4e:69:2a:e7:04:5a:ba:76:6e:b6:e3:82:0e:ef:d1:97:
d8:56:30:d9:27:5e:3f:32:db:ce:35:06:47:72:b8:ad:73:25:
46:f9:3f:b5:9e:74:1a:57:e2:11:42:0a:a2:3b:c4:cf:91:8f:
7b:3b:83:58:3a:ad:54:46:a4:4e:d3:97:65:34:ae:89:19:1f:
4c:5d:37:50:56:36:92:be:ac:f4:46:61:fb:60:d6:78:7f:69:
30:6e:6d:a2:10:c2:00:83:93:e2:2a:c2:e5:54:2e:a5:70:8c:
32:42:aa:31:85:29:b8:e0:90:ac:6b:b6:7b:2b:0e:b5:a8:d6:
ff:74:50:b2:4c:f1:14:13:fb:c7:88:ee:21:ed:0d:18:ab:57:
91:1c:73:67:b4:2e:c3:eb:3e:41:f4:78:d2:98:5a:6d:d7:2c:
e0:d1:e4:3e:38:26:3c:2b:b7:e6:57:07:ff:eb:8e:7d:41:0a:
69:61:9c:80:bc:60:be:f0:3d:ea:19:5d:46:a3:ad:bf:e3:30:
98:d6:45:0d:d8:d0:cf:d5:0d:a9:c5:db:aa:4c:07:76:8c:fb:
4a:65:10:31:b7:74:a9:7a:85:46:06:b9:7c:50:e4:b6:2f:c7:
b4:32:8b:4c:16:6e:8d:ab:63:ab:fd:98:28:87:f8:ca:6e:bc:
00:04:84:4c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
MzM4MjJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJFRkFDQUM3M0I1ODEz
MkREOTJDODJBRUYzODUyQTk4QTkwOTMzMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2Ezicn3NjhhLhZ836JfFqrarFJX0WOi9HsyhhJV0arUdBA9qy
LwhDvWhcsKIpa02oNcs3sHGG7QKhyH7t4DlACmOtoI3cp41/OzGnNjwVio9ERKT8
LvwuoESRSXpPKDDJxnEzcFdFioypgx/gTP0SFNBkTwaJyu3S3+zeywqXVQn4D9zr
s0BoBfpTe3JntWZSyWzDO+3uu2NvKAUipgdQjJnalo73bvECnP5YoaJrnQv8X1oS
UIr6gBTZ8FtKCcB5CfQPVbRZd6WHZh/F1ZiayQILdYAEVVYUaDfvp8qom9Hs3CA+
C7xmTd6xRwbyUwLm6S/BJ25P3AL1mLwWIBTZAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULvrKxztYEy3ZLIKu84UqmKkJMyEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MdnJLeHp0WUV5M1pMSUt1
ODRVcW1La0pNeUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEIRTmkq5wRaunZutuOCDu/Rl9hWMNknXj8y
2841BkdyuK1zJUb5P7WedBpX4hFCCqI7xM+Rj3s7g1g6rVRGpE7Tl2U0rokZH0xd
N1BWNpK+rPRGYftg1nh/aTBubaIQwgCDk+IqwuVULqVwjDJCqjGFKbjgkKxrtnsr
DrWo1v90ULJM8RQT+8eI7iHtDRirV5Ecc2e0LsPrPkH0eNKYWm3XLODR5D44Jjwr
t+ZXB//rjn1BCmlhnIC8YL7wPeoZXUajrb/jMJjWRQ3Y0M/VDanF26pMB3aM+0pl
EDG3dKl6hUYGuXxQ5LYvx7Qyi0wWbo2rY6v9mCiH+MpuvAAEhEw=
-----END CERTIFICATE-----
Generated at Sun May 18 18:59:38 2025 by rpki-client