Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lrxHcmYkYXJEXoYAbgnOV9yC3Zk.roa
File: lrxHcmYkYXJEXoYAbgnOV9yC3Zk.roa (raw, json)
Hash identifier: 1ijvBJ5FyJrLAmxH5JQe8BhFBpwmXK6pcsfmfUlNzhg=
Subject key identifier: 96:BC:47:72:66:24:61:72:44:5E:86:00:6E:09:CE:57:DC:82:DD:99
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07B6
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lrxHcmYkYXJEXoYAbgnOV9yC3Zk.roa
Signing time: Sat 17 May 2025 08:38:12 +0000
ROA not before: Sat 17 May 2025 08:38:12 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1974 (0x7b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 08:38:12 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=96BC477266246172445E86006E09CE57DC82DD99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:50:b5:c0:fd:61:c1:59:76:17:c2:22:d8:96:
f9:47:ac:38:61:45:19:e0:a8:52:6b:ae:01:df:af:
d2:bc:f2:1a:3e:14:e6:94:7b:de:58:8b:fc:da:8d:
13:1e:0d:ed:9b:6e:2a:3e:e6:18:c5:0f:ad:cc:29:
e1:99:06:b9:71:36:65:cd:a8:12:3f:08:c7:e0:7e:
bb:10:e9:e6:67:a2:a7:71:fb:60:bf:62:bb:ca:b0:
0f:7d:ba:23:98:8b:2a:e1:1d:0d:72:6f:45:f3:1a:
1e:b8:ae:ed:a7:15:c8:6f:7a:0e:48:e7:0b:96:a4:
21:69:42:f6:10:07:72:3d:52:5e:0a:ee:02:08:a3:
4f:b5:87:8d:9c:fc:6a:09:b6:95:d4:d1:d4:96:63:
aa:e5:ab:df:ca:00:5d:01:5a:e5:b0:47:71:53:48:
07:b0:55:cf:08:e6:cb:b0:51:07:56:3d:b0:4c:0c:
d3:d5:ef:59:95:6a:af:4c:f4:97:96:ce:20:a0:66:
ca:89:ae:1a:26:6e:95:d0:dd:38:18:53:1e:2d:a4:
1e:c9:66:34:d2:58:71:a9:4c:46:08:59:e9:fc:cd:
9c:0e:1b:f7:39:90:db:a2:55:46:dd:2f:c6:db:3b:
70:b8:7e:68:3d:25:1f:88:c8:44:52:1f:75:1b:67:
99:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BC:47:72:66:24:61:72:44:5E:86:00:6E:09:CE:57:DC:82:DD:99
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lrxHcmYkYXJEXoYAbgnOV9yC3Zk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:25:92:e1:6d:68:9d:9a:0c:7f:26:71:ba:60:8a:7b:50:3c:
9b:55:be:e8:cf:4e:b2:cf:de:51:23:32:06:c1:c1:28:8e:bb:
0b:5e:36:6d:29:28:2c:28:17:f1:5b:69:1a:f0:3e:82:bb:01:
24:ff:28:c6:9a:3d:a5:cb:22:0e:14:b5:89:49:71:7c:c0:9a:
e1:d5:e3:a7:6f:e8:6e:aa:c0:1f:6e:89:7f:25:2d:8c:22:a2:
08:9a:58:c3:93:48:d2:26:3a:4c:45:e9:9a:70:ea:ff:46:1e:
3d:a9:1f:b2:2c:f5:40:57:95:e0:5b:40:4b:49:fc:2d:84:5c:
c2:d5:aa:7e:ad:96:c5:16:07:16:cc:96:69:95:0c:1c:7a:89:
8e:dd:9b:37:c9:e8:88:40:bc:8c:94:bf:38:44:49:b8:de:6f:
e1:57:cd:5d:88:59:60:24:a1:c1:04:06:53:66:51:cd:a5:2f:
57:13:41:74:db:b3:01:5e:ba:57:8e:00:e3:a0:e7:49:c3:34:
d4:fb:41:ee:6e:ff:ec:d3:68:10:3d:53:69:de:25:2b:9e:f8:
36:f3:ee:56:b4:1d:ac:c8:f1:5f:71:b1:3e:b2:9f:da:76:ab:
aa:5b:5d:56:8d:dd:1c:c8:d9:ad:bd:48:e3:36:86:04:65:f9:
82:41:d2:de
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB7YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
ODM4MTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk2QkM0NzcyNjYyNDYx
NzI0NDVFODYwMDZFMDlDRTU3REM4MkREOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxULXA/WHBWXYXwiLYlvlHrDhhRRngqFJrrgHfr9K88ho+FOaU
e95Yi/zajRMeDe2bbio+5hjFD63MKeGZBrlxNmXNqBI/CMfgfrsQ6eZnoqdx+2C/
YrvKsA99uiOYiyrhHQ1yb0XzGh64ru2nFchveg5I5wuWpCFpQvYQB3I9Ul4K7gII
o0+1h42c/GoJtpXU0dSWY6rlq9/KAF0BWuWwR3FTSAewVc8I5suwUQdWPbBMDNPV
71mVaq9M9JeWziCgZsqJrhombpXQ3TgYUx4tpB7JZjTSWHGpTEYIWen8zZwOG/c5
kNuiVUbdL8bbO3C4fmg9JR+IyERSH3UbZ5mTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlrxHcmYkYXJEXoYAbgnOV9yC3ZkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9scnhIY21Za1lYSkVYb1lB
YmduT1Y5eUMzWmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBACYlkuFtaJ2aDH8mcbpgintQPJtVvujPTrLP
3lEjMgbBwSiOuwteNm0pKCwoF/FbaRrwPoK7AST/KMaaPaXLIg4UtYlJcXzAmuHV
46dv6G6qwB9uiX8lLYwiogiaWMOTSNImOkxF6Zpw6v9GHj2pH7Is9UBXleBbQEtJ
/C2EXMLVqn6tlsUWBxbMlmmVDBx6iY7dmzfJ6IhAvIyUvzhESbjeb+FXzV2IWWAk
ocEEBlNmUc2lL1cTQXTbswFeuleOAOOg50nDNNT7Qe5u/+zTaBA9U2neJSue+Dbz
7la0HazI8V9xsT6yn9p2q6pbXVaN3RzI2a29SOM2hgRl+YJB0t4=
-----END CERTIFICATE-----
Generated at Sat May 17 23:25:47 2025 by rpki-client