Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/LzbKFDPFKsLaPDPs3tpbpHI6bRo.roa
File: LzbKFDPFKsLaPDPs3tpbpHI6bRo.roa (raw, json)
Hash identifier: csW6vOX5WxjuzlCSXbSvwnLZ19IJAmqAwddONLIZEW8=
Subject key identifier: 2F:36:CA:14:33:C5:2A:C2:DA:3C:33:EC:DE:DA:5B:A4:72:3A:6D:1A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05A2
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LzbKFDPFKsLaPDPs3tpbpHI6bRo.roa
Signing time: Wed 14 May 2025 14:08:04 +0000
ROA not before: Wed 14 May 2025 14:08:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1442 (0x5a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 14:08:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2F36CA1433C52AC2DA3C33ECDEDA5BA4723A6D1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:80:48:a4:b7:a5:69:94:2f:e1:c3:85:53:3d:
75:a0:34:7e:75:e7:50:58:2e:22:e6:2c:50:bb:bf:
24:9d:7b:0a:8e:25:bb:f9:17:06:6b:55:d9:55:59:
ee:15:2c:76:99:c1:ff:39:bb:78:49:d2:12:bd:86:
d5:5d:53:2a:18:8a:14:e4:c5:fd:1d:ce:88:96:e4:
1c:e8:73:69:1b:1e:32:ba:f9:d6:78:9e:7f:9d:5d:
0c:21:82:be:78:e5:bb:3e:0b:c4:0b:de:ad:b7:f5:
a6:a8:10:89:42:80:ec:23:b9:04:9a:5a:d9:ff:7b:
35:b9:41:02:71:aa:34:36:1c:6b:65:2d:f3:8c:4e:
04:c6:a4:5f:81:74:af:7f:fc:eb:14:51:85:5a:4a:
4b:f9:23:91:46:c2:fa:75:14:3a:b4:4f:1e:99:00:
a4:26:8f:0e:32:78:61:f8:2a:af:ea:b6:00:4d:af:
a6:f1:28:86:92:1f:40:19:87:29:4f:d0:ed:4f:10:
c1:45:78:3d:39:7b:e8:7b:4c:05:0d:cc:1c:b9:a5:
49:09:1e:3c:ee:72:00:cd:0c:da:90:1a:fc:2d:79:
74:46:e4:fb:00:fe:a9:b7:0a:f8:27:62:3e:97:dc:
8a:23:89:04:5a:01:b1:4b:ee:8a:be:38:8a:03:47:
a9:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:36:CA:14:33:C5:2A:C2:DA:3C:33:EC:DE:DA:5B:A4:72:3A:6D:1A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LzbKFDPFKsLaPDPs3tpbpHI6bRo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:ba:37:26:f0:19:ca:ba:3f:33:d3:ed:2b:48:6c:72:41:dd:
78:8d:23:82:7b:79:34:ad:bc:50:6c:97:1e:c1:11:92:98:c9:
0f:2e:9b:52:ee:96:0c:71:c5:4c:22:e2:71:0c:4f:34:4f:68:
e8:61:dc:f5:b4:06:7d:9e:26:28:11:c5:01:a3:08:aa:c5:4a:
a1:a8:57:06:32:04:19:5e:d3:27:11:b9:72:02:8d:d3:65:3c:
e5:38:ed:b4:3a:35:54:b2:92:24:24:55:7d:9f:2a:ae:de:79:
95:c5:1e:da:ea:d6:c8:73:50:7f:7e:0d:64:6f:86:1f:f8:d7:
ca:e5:c3:24:6d:fe:3e:d3:bc:19:69:79:b0:3e:b7:c8:6b:d7:
45:d8:63:62:ca:2f:76:69:53:65:59:ea:6b:7e:db:f7:24:10:
d7:66:d0:72:f5:57:e1:98:ee:0d:95:ce:6b:e8:89:88:7f:fe:
8a:ef:e8:40:f7:82:e4:d0:93:b7:01:64:2f:96:fd:72:5e:60:
57:fa:e4:5c:e8:8e:8d:3c:7c:7e:32:25:ce:be:5f:72:34:03:
31:8e:4e:f9:67:38:7d:eb:21:fd:cc:e3:02:3d:a3:f8:63:c6:
39:7f:80:f1:ea:87:8d:bd:b9:08:73:4d:90:42:16:93:17:c1:
61:69:9d:34
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBaIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NDA4MDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJGMzZDQTE0MzNDNTJB
QzJEQTNDMzNFQ0RFREE1QkE0NzIzQTZEMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVgEikt6VplC/hw4VTPXWgNH5151BYLiLmLFC7vySdewqOJbv5
FwZrVdlVWe4VLHaZwf85u3hJ0hK9htVdUyoYihTkxf0dzoiW5Bzoc2kbHjK6+dZ4
nn+dXQwhgr545bs+C8QL3q239aaoEIlCgOwjuQSaWtn/ezW5QQJxqjQ2HGtlLfOM
TgTGpF+BdK9//OsUUYVaSkv5I5FGwvp1FDq0Tx6ZAKQmjw4yeGH4Kq/qtgBNr6bx
KIaSH0AZhylP0O1PEMFFeD05e+h7TAUNzBy5pUkJHjzucgDNDNqQGvwteXRG5PsA
/qm3CvgnYj6X3IojiQRaAbFL7oq+OIoDR6nNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULzbKFDPFKsLaPDPs3tpbpHI6bRowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MemJLRkRQRktzTGFQRFBz
M3RwYnBISTZiUm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEO6NybwGcq6PzPT7StIbHJB3XiNI4J7eTSt
vFBslx7BEZKYyQ8um1LulgxxxUwi4nEMTzRPaOhh3PW0Bn2eJigRxQGjCKrFSqGo
VwYyBBle0ycRuXICjdNlPOU47bQ6NVSykiQkVX2fKq7eeZXFHtrq1shzUH9+DWRv
hh/418rlwyRt/j7TvBlpebA+t8hr10XYY2LKL3ZpU2VZ6mt+2/ckENdm0HL1V+GY
7g2VzmvoiYh//orv6ED3guTQk7cBZC+W/XJeYFf65Fzojo08fH4yJc6+X3I0AzGO
TvlnOH3rIf3M4wI9o/hjxjl/gPHqh429uQhzTZBCFpMXwWFpnTQ=
-----END CERTIFICATE-----
Generated at Sat May 17 23:27:16 2025 by rpki-client