Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lvg-ONZVfTrZD4e8hMqXDetI1r4.roa
File: lvg-ONZVfTrZD4e8hMqXDetI1r4.roa (raw, json)
Hash identifier: RvV6O/RZEl4r/YHF88idKCAyi92f7rDbf7M37DKVqZs=
Subject key identifier: 96:F8:3E:38:D6:55:7D:3A:D9:0F:87:BC:84:CA:97:0D:EB:48:D6:BE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 047E
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lvg-ONZVfTrZD4e8hMqXDetI1r4.roa
Signing time: Tue 13 May 2025 01:37:59 +0000
ROA not before: Tue 13 May 2025 01:37:59 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1150 (0x47e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 01:37:59 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=96F83E38D6557D3AD90F87BC84CA970DEB48D6BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:46:37:fc:44:cb:80:60:fb:01:31:08:7e:de:
b4:a7:d2:4a:31:f4:76:62:00:ef:83:76:fe:69:fb:
c8:f2:a9:c3:e9:9e:19:c3:fb:76:09:95:8d:47:a7:
8a:6f:01:c6:c7:c0:ad:d6:47:52:45:03:c7:bf:3c:
c9:bc:f6:e8:36:c0:33:ab:b4:23:a7:96:d6:7c:e3:
69:d0:fc:cc:00:63:0a:d3:59:91:28:c5:93:18:46:
5a:24:40:00:36:cb:76:e6:b3:b4:bf:ba:de:f1:6f:
92:23:c6:d1:5f:c4:56:f1:4b:67:c3:65:b4:b1:26:
0a:12:95:48:c1:48:22:a0:7c:f4:dd:c6:b2:16:0f:
2c:e0:a7:9d:2f:77:ee:db:91:a8:1b:61:b9:b3:01:
e1:4f:02:cd:e6:16:08:11:82:cb:98:41:de:73:31:
3a:93:41:08:70:47:a3:40:db:78:7a:1f:d2:a5:ba:
78:05:af:5a:64:a0:c3:7e:e4:b5:72:2b:cf:5c:e7:
af:0a:1d:e8:1f:f0:a7:fd:e5:db:db:03:87:3b:79:
53:b9:fa:b1:da:f7:90:b7:93:0d:58:c6:a4:0c:26:
e2:8e:2b:c0:bc:89:a0:3c:c0:03:9c:be:17:2f:8c:
d6:30:b8:ed:49:54:b0:eb:d2:2f:7a:93:b7:5f:43:
7d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F8:3E:38:D6:55:7D:3A:D9:0F:87:BC:84:CA:97:0D:EB:48:D6:BE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lvg-ONZVfTrZD4e8hMqXDetI1r4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
45:78:32:dd:53:8c:93:c4:e2:ba:5a:c7:b0:56:77:0e:7d:0a:
c2:3b:39:87:6a:a7:3e:4a:5f:e7:b4:08:c8:07:8a:8d:74:08:
1d:7d:ce:d3:00:ff:2a:34:3b:33:46:32:7b:2e:f8:f6:64:af:
c4:db:6d:d4:60:9a:64:50:05:43:b7:f3:e1:81:4b:2d:7d:1d:
03:2a:4d:2f:c6:fc:22:01:f6:9e:7d:62:f1:4d:ae:d8:aa:42:
7c:48:20:23:b8:7b:b6:55:9b:f3:3c:a8:d4:61:59:9d:90:01:
a5:87:88:80:bf:0b:83:30:d6:71:9c:a6:f3:eb:1d:c3:ea:b3:
08:12:e4:76:ef:7c:84:b6:73:60:74:da:3a:27:77:0d:6b:40:
14:50:8c:18:14:a7:ac:95:6a:64:5e:53:98:0a:22:6c:37:9c:
27:56:9b:f2:d0:ee:3f:64:a0:06:fd:9b:4f:35:d3:1b:d7:07:
b6:bb:58:bd:ee:2a:d4:6e:4e:a2:0c:d4:a6:eb:a6:4c:87:06:
a7:31:69:76:7f:65:6b:36:2d:91:ad:32:85:85:14:e6:63:93:
d9:82:98:58:19:96:fb:38:ec:df:b1:00:3a:04:d2:41:f8:86:
5a:b8:ac:88:ac:86:9a:9c:40:84:2f:c7:f2:fc:2e:25:77:db:
14:77:eb:ea
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBH4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
MTM3NTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk2RjgzRTM4RDY1NTdE
M0FEOTBGODdCQzg0Q0E5NzBERUI0OEQ2QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVRjf8RMuAYPsBMQh+3rSn0kox9HZiAO+Ddv5p+8jyqcPpnhnD
+3YJlY1Hp4pvAcbHwK3WR1JFA8e/PMm89ug2wDOrtCOnltZ842nQ/MwAYwrTWZEo
xZMYRlokQAA2y3bms7S/ut7xb5IjxtFfxFbxS2fDZbSxJgoSlUjBSCKgfPTdxrIW
Dyzgp50vd+7bkagbYbmzAeFPAs3mFggRgsuYQd5zMTqTQQhwR6NA23h6H9KlungF
r1pkoMN+5LVyK89c568KHegf8Kf95dvbA4c7eVO5+rHa95C3kw1YxqQMJuKOK8C8
iaA8wAOcvhcvjNYwuO1JVLDr0i96k7dfQ30VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlvg+ONZVfTrZD4e8hMqXDetI1r4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sdmctT05aVmZUclpENGU4
aE1xWERldEkxcjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAEV4Mt1TjJPE4rpax7BWdw59CsI7OYdqpz5K
X+e0CMgHio10CB19ztMA/yo0OzNGMnsu+PZkr8TbbdRgmmRQBUO38+GBSy19HQMq
TS/G/CIB9p59YvFNrtiqQnxIICO4e7ZVm/M8qNRhWZ2QAaWHiIC/C4Mw1nGcpvPr
HcPqswgS5HbvfIS2c2B02jondw1rQBRQjBgUp6yVamReU5gKImw3nCdWm/LQ7j9k
oAb9m0810xvXB7a7WL3uKtRuTqIM1KbrpkyHBqcxaXZ/ZWs2LZGtMoWFFOZjk9mC
mFgZlvs47N+xADoE0kH4hlq4rIishpqcQIQvx/L8LiV32xR36+o=
-----END CERTIFICATE-----
Generated at Sat May 17 19:41:17 2025 by rpki-client