Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lj-B7c11tQdT1W2M6h1LoUAgD1A.roa
File: lj-B7c11tQdT1W2M6h1LoUAgD1A.roa (raw, json)
Hash identifier: 1IdaZQOv+sjAFUSFUpHVr9XOI1TagLXAojwMsV8yEtk=
Subject key identifier: 96:3F:81:ED:CD:75:B5:07:53:D5:6D:8C:EA:1D:4B:A1:40:20:0F:50
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0536
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lj-B7c11tQdT1W2M6h1LoUAgD1A.roa
Signing time: Wed 14 May 2025 00:37:59 +0000
ROA not before: Wed 14 May 2025 00:37:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1334 (0x536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 00:37:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=963F81EDCD75B50753D56D8CEA1D4BA140200F50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c9:72:8f:63:2f:7e:6a:7a:b8:21:1b:03:b7:
24:34:eb:dd:05:c4:87:ef:68:62:83:90:28:d0:f4:
a5:a0:44:94:9a:d1:78:72:58:b8:3d:57:d3:04:d0:
71:fc:64:c4:0b:17:c0:15:e2:35:3b:ce:ed:a6:ba:
92:13:01:13:18:fd:4b:c7:36:ef:bc:6a:14:bf:2c:
f4:77:d7:58:8e:e9:68:f0:25:b7:99:7e:4d:65:db:
d6:01:6a:ff:09:df:cd:8e:65:86:18:54:8c:f4:8e:
94:f9:17:ce:db:92:13:1f:4a:be:a8:10:cd:ba:e7:
74:9a:be:25:ef:81:64:f0:e7:72:61:b9:66:17:15:
f0:5f:b2:27:09:dd:e5:e1:10:7a:e0:04:76:50:a4:
40:41:82:ff:92:4e:f6:8f:2d:41:1d:b6:40:84:90:
58:cf:ae:59:b1:8d:58:95:ce:94:3e:ab:43:32:f8:
e1:c1:58:af:c5:d1:60:47:46:8e:16:93:42:46:f4:
37:ce:98:4c:fb:c2:08:18:5a:d2:c2:44:2e:62:ae:
81:de:b5:f1:27:59:9a:83:d3:96:16:f9:45:e3:16:
0f:b3:8d:1e:9f:9f:ed:09:f8:83:09:34:25:a7:07:
89:be:05:ed:50:ac:18:a1:d7:3d:cb:62:e4:5f:4f:
7c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3F:81:ED:CD:75:B5:07:53:D5:6D:8C:EA:1D:4B:A1:40:20:0F:50
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lj-B7c11tQdT1W2M6h1LoUAgD1A.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:af:d2:e7:c3:c9:50:82:80:6a:72:9d:18:b1:e7:87:b7:65:
8c:d1:67:f6:1c:6d:6b:84:02:39:3f:39:b6:d1:ff:5e:d9:36:
f4:a2:d8:73:78:92:46:46:39:20:8d:76:9a:60:1c:e8:e1:0e:
c8:c2:4d:02:55:10:fc:fc:38:62:5d:48:f6:29:65:3e:3c:ed:
00:df:90:bb:81:27:ac:b2:c7:e1:96:2f:db:43:c8:ff:52:c4:
2a:50:c1:8c:7d:dd:54:c5:b2:3f:6a:db:5c:45:01:4f:00:bc:
45:53:90:4b:fd:d3:da:37:a3:37:cc:72:d9:53:7d:74:b6:60:
b6:f0:b3:e4:df:16:60:4a:25:47:8b:11:c5:97:1a:8c:99:f3:
07:7c:79:c1:25:6d:c8:17:96:b6:81:b3:32:4a:ba:96:46:0a:
61:40:2e:f9:8c:2c:3b:99:e6:5c:b0:43:49:01:58:3f:80:d6:
ce:5a:65:56:f3:13:87:ee:5b:7c:d0:d6:66:b1:16:a2:0f:6d:
58:0c:54:d1:74:69:2b:2c:a0:cf:09:05:4b:44:a1:a2:90:3a:
18:d9:5b:0c:98:3a:f0:e3:ca:1e:48:7e:bc:9b:0c:d1:80:f2:
d9:09:ce:ee:10:fa:e2:14:c4:44:64:2a:f3:e2:61:1d:a6:c7:
83:70:99:ba
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBTYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MDM3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk2M0Y4MUVEQ0Q3NUI1
MDc1M0Q1NkQ4Q0VBMUQ0QkExNDAyMDBGNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTyXKPYy9+anq4IRsDtyQ0690FxIfvaGKDkCjQ9KWgRJSa0Xhy
WLg9V9ME0HH8ZMQLF8AV4jU7zu2mupITARMY/UvHNu+8ahS/LPR311iO6WjwJbeZ
fk1l29YBav8J382OZYYYVIz0jpT5F87bkhMfSr6oEM2653SaviXvgWTw53JhuWYX
FfBfsicJ3eXhEHrgBHZQpEBBgv+STvaPLUEdtkCEkFjPrlmxjViVzpQ+q0My+OHB
WK/F0WBHRo4Wk0JG9DfOmEz7wggYWtLCRC5iroHetfEnWZqD05YW+UXjFg+zjR6f
n+0J+IMJNCWnB4m+Be1QrBih1z3LYuRfT3ylAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlj+B7c11tQdT1W2M6h1LoUAgD1AwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sai1CN2MxMXRRZFQxVzJN
NmgxTG9VQWdEMUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAJCv0ufDyVCCgGpynRix54e3ZYzRZ/YcbWuE
Ajk/ObbR/17ZNvSi2HN4kkZGOSCNdppgHOjhDsjCTQJVEPz8OGJdSPYpZT487QDf
kLuBJ6yyx+GWL9tDyP9SxCpQwYx93VTFsj9q21xFAU8AvEVTkEv909o3ozfMctlT
fXS2YLbws+TfFmBKJUeLEcWXGoyZ8wd8ecElbcgXlraBszJKupZGCmFALvmMLDuZ
5lywQ0kBWD+A1s5aZVbzE4fuW3zQ1maxFqIPbVgMVNF0aSssoM8JBUtEoaKQOhjZ
WwyYOvDjyh5IfrybDNGA8tkJzu4Q+uIUxERkKvPiYR2mx4Nwmbo=
-----END CERTIFICATE-----
Generated at Sat May 17 21:27:02 2025 by rpki-client