Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lraaOm_JovEtdeB9ddaYo9gTMKo.roa
File: lraaOm_JovEtdeB9ddaYo9gTMKo.roa (raw, json)
Hash identifier: ciIMvR4MxJ4GKcdBnzHWci/RUsJzzo9KICEQI/nDZoQ=
Subject key identifier: 96:B6:9A:3A:6F:C9:A2:F1:2D:75:E0:7D:75:D6:98:A3:D8:13:30:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 021A
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lraaOm_JovEtdeB9ddaYo9gTMKo.roa
Signing time: Fri 09 May 2025 21:07:49 +0000
ROA not before: Fri 09 May 2025 21:07:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 538 (0x21a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 21:07:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=96B69A3A6FC9A2F12D75E07D75D698A3D81330AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a0:7f:4e:20:3d:9a:f6:71:f0:05:78:9a:92:
cd:03:51:24:23:d5:cf:d8:e7:48:72:e6:6e:7a:d5:
18:bd:f5:d8:11:de:72:91:07:e8:d6:02:09:22:76:
ca:d6:e4:c7:84:03:4b:8f:f4:27:98:fe:9a:3a:83:
a8:a3:39:36:87:07:0c:8d:cd:57:d2:26:12:c6:9c:
42:a2:c1:6a:1b:1b:02:2a:7f:c2:84:5f:ea:54:a4:
64:ce:8a:d2:18:cd:cb:b0:b6:cb:c0:e4:9d:c3:50:
a2:50:9f:7d:86:25:f2:99:4e:f1:65:0b:7e:c4:c7:
da:84:38:79:f1:1f:81:b9:7f:60:00:c9:d1:fd:41:
80:8a:46:a6:3a:ae:88:08:95:48:c2:00:06:3e:48:
c1:2d:9b:da:d9:d4:f7:be:ff:44:91:9f:ff:19:c8:
8b:7a:c7:ac:82:91:18:5b:29:1c:34:90:c4:85:df:
d1:de:37:fc:79:db:58:a2:be:39:74:6c:78:10:48:
01:dd:89:2d:5b:0d:6c:36:0e:7a:69:08:be:d4:fd:
b5:54:59:eb:31:21:b9:f6:d1:d4:a9:6f:4e:87:a9:
02:5b:58:48:fa:4a:c9:5c:4e:88:9b:16:a1:4d:35:
c2:68:7e:f3:b1:46:da:65:7e:13:23:fb:2c:61:ee:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B6:9A:3A:6F:C9:A2:F1:2D:75:E0:7D:75:D6:98:A3:D8:13:30:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lraaOm_JovEtdeB9ddaYo9gTMKo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:a8:32:26:4a:54:22:2e:af:f4:63:a7:68:58:2e:02:0c:63:
2b:cd:4d:81:fd:06:71:61:02:1f:4f:7f:c4:a7:67:46:1f:86:
ae:05:2d:3b:1f:3b:2f:17:ae:22:62:32:cc:d1:ac:a0:c5:fd:
63:fd:e6:97:79:41:03:bd:ea:7f:d1:d3:7e:4b:95:c1:b2:63:
68:28:f1:10:9b:3f:43:90:e9:69:9a:7f:9f:78:8d:df:54:04:
58:bb:29:df:d7:1b:95:6a:ee:8c:07:18:f4:9c:39:a5:2d:16:
18:54:7b:c0:fb:6d:58:98:97:12:a3:1f:3a:51:c7:1b:2c:53:
88:91:40:62:cb:99:2d:ca:e9:9c:1d:92:e1:68:24:f5:6c:f3:
d6:c4:49:a8:b8:d1:f7:b2:b8:d4:54:8b:8c:cb:c3:00:38:85:
42:99:1b:6d:0e:b0:16:fc:a9:87:03:4f:c0:48:9b:9f:49:f3:
5f:0c:90:1a:7e:9b:bb:10:e1:e2:48:64:67:f4:8d:ba:7d:6f:
b2:8c:36:0b:3a:07:39:cc:ea:fd:e4:27:39:bf:d4:0b:a4:e1:
e3:8c:4b:78:f8:8d:ac:f2:79:af:05:f3:84:6a:01:bb:d0:f8:
f5:fc:0b:d9:46:01:74:6b:e4:40:96:b5:be:a2:d1:b8:30:cc:
2f:72:ea:5c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MTA3NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk2QjY5QTNBNkZDOUEy
RjEyRDc1RTA3RDc1RDY5OEEzRDgxMzMwQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpoH9OID2a9nHwBXiaks0DUSQj1c/Y50hy5m561Ri99dgR3nKR
B+jWAgkidsrW5MeEA0uP9CeY/po6g6ijOTaHBwyNzVfSJhLGnEKiwWobGwIqf8KE
X+pUpGTOitIYzcuwtsvA5J3DUKJQn32GJfKZTvFlC37Ex9qEOHnxH4G5f2AAydH9
QYCKRqY6rogIlUjCAAY+SMEtm9rZ1Pe+/0SRn/8ZyIt6x6yCkRhbKRw0kMSF39He
N/x521iivjl0bHgQSAHdiS1bDWw2DnppCL7U/bVUWesxIbn20dSpb06HqQJbWEj6
SslcToibFqFNNcJofvOxRtplfhMj+yxh7u4rAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlraaOm/JovEtdeB9ddaYo9gTMKowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9scmFhT21fSm92RXRkZUI5
ZGRhWW85Z1RNS28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBADaoMiZKVCIur/Rjp2hYLgIMYyvNTYH9BnFh
Ah9Pf8SnZ0Yfhq4FLTsfOy8XriJiMszRrKDF/WP95pd5QQO96n/R035LlcGyY2go
8RCbP0OQ6Wmaf594jd9UBFi7Kd/XG5Vq7owHGPScOaUtFhhUe8D7bViYlxKjHzpR
xxssU4iRQGLLmS3K6ZwdkuFoJPVs89bESai40feyuNRUi4zLwwA4hUKZG20OsBb8
qYcDT8BIm59J818MkBp+m7sQ4eJIZGf0jbp9b7KMNgs6BznM6v3kJzm/1Auk4eOM
S3j4jazyea8F84RqAbvQ+PX8C9lGAXRr5ECWtb6i0bgwzC9y6lw=
-----END CERTIFICATE-----
Generated at Sun May 18 02:08:21 2025 by rpki-client