Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lSG-Aw24DETlXJGqRBXN8UidliA.roa
File: lSG-Aw24DETlXJGqRBXN8UidliA.roa (raw, json)
Hash identifier: ytKqp5V6L0APx14Ufd2W0stoIch3HAhofBZIvf3A4Xg=
Subject key identifier: 95:21:BE:03:0D:B8:0C:44:E5:5C:91:AA:44:15:CD:F1:48:9D:96:20
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1B92
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lSG-Aw24DETlXJGqRBXN8UidliA.roa
Signing time: Thu 12 Jun 2025 20:09:53 +0000
ROA not before: Thu 12 Jun 2025 20:09:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 119.16.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7058 (0x1b92)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 12 20:09:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=9521BE030DB80C44E55C91AA4415CDF1489D9620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c0:cf:93:85:59:07:ff:fc:a9:9f:09:14:b9:
55:2e:76:2f:35:7b:f3:bd:2e:f3:bc:7c:ae:1b:c7:
2b:85:94:9b:fd:11:95:09:1c:5c:28:48:3c:8b:24:
01:1f:4c:02:b5:b2:9c:34:e6:4e:dd:65:51:09:e0:
d2:ae:4c:f1:62:0a:0a:ad:e7:3f:f6:9d:31:1e:ae:
5d:44:3f:6a:9c:cd:4a:06:84:2f:5a:0f:67:6c:4a:
5c:54:2c:2a:67:38:43:51:95:7f:19:a8:f0:66:59:
b9:33:9b:80:50:2a:95:5f:4f:a6:c0:0e:df:2a:c1:
a2:7d:47:d0:19:d6:92:cc:84:c9:35:46:c4:7c:bb:
03:58:b6:31:9b:ff:18:b7:aa:f1:a3:98:4b:c8:d9:
d9:45:99:9f:1b:a5:ac:1f:37:a7:74:c4:d3:05:f8:
7a:42:8c:bf:e3:c2:76:c4:10:2b:44:64:ad:df:5f:
d1:7c:4c:41:d1:6f:cb:57:04:1b:0c:89:99:c8:50:
b2:c6:b9:1f:9d:dd:48:a1:0d:54:1f:bf:2a:59:9e:
8c:54:ee:bc:c8:cc:57:a7:a8:6f:aa:a4:51:e7:24:
95:0b:96:80:c7:35:31:68:4d:82:b0:c2:76:1c:de:
90:02:69:3e:bb:b6:82:28:97:e5:ca:5a:8f:68:d6:
3d:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:21:BE:03:0D:B8:0C:44:E5:5C:91:AA:44:15:CD:F1:48:9D:96:20
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lSG-Aw24DETlXJGqRBXN8UidliA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.16.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:db:37:db:93:80:39:d9:98:39:c0:03:7b:7f:b2:71:d0:7d:
f2:e0:f9:2e:2c:c8:33:ba:73:b2:67:65:80:3e:00:9b:ab:9f:
8b:63:e6:8b:f8:e5:64:3e:8b:bc:f4:c4:2f:57:80:68:59:9a:
84:54:b8:5e:41:74:dd:f3:47:0d:b1:1d:27:e7:1a:1a:1f:d8:
ba:76:27:f1:80:b8:48:8b:b0:c4:f7:fb:63:d1:1f:94:fe:c8:
2b:d5:8b:5d:9b:45:af:d6:79:7e:87:0a:6e:6b:dd:d4:23:a6:
8d:9c:63:30:19:e2:98:a9:dc:c7:12:d3:3c:e1:28:62:22:bc:
70:e9:fd:18:db:a6:ca:64:0f:a0:ce:5d:6d:67:ca:5e:8c:c0:
e5:6f:1e:c9:4d:b2:8f:c3:c6:99:69:0a:f3:38:c5:0b:9a:f4:
4f:07:6e:d4:e3:45:e4:1c:0d:0a:59:7f:47:7b:d0:0e:32:a1:
da:49:54:e9:72:79:b7:56:39:81:d2:85:6c:9d:1f:f4:b9:0f:
bc:5d:60:30:d1:f6:5d:ba:d5:ef:19:92:75:fc:ea:79:35:59:
87:5b:1d:79:00:b6:11:1a:10:fc:22:1a:63:77:e7:6f:d8:d1:
4e:ee:c0:c1:61:2c:65:38:b5:14:2c:5d:90:05:0d:d2:22:8b:
0f:bb:87:7d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICG5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTIy
MDA5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1MjFCRTAzMERCODBD
NDRFNTVDOTFBQTQ0MTVDREYxNDg5RDk2MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlwM+ThVkH//ypnwkUuVUudi81e/O9LvO8fK4bxyuFlJv9EZUJ
HFwoSDyLJAEfTAK1spw05k7dZVEJ4NKuTPFiCgqt5z/2nTEerl1EP2qczUoGhC9a
D2dsSlxULCpnOENRlX8ZqPBmWbkzm4BQKpVfT6bADt8qwaJ9R9AZ1pLMhMk1RsR8
uwNYtjGb/xi3qvGjmEvI2dlFmZ8bpawfN6d0xNMF+HpCjL/jwnbEECtEZK3fX9F8
TEHRb8tXBBsMiZnIULLGuR+d3UihDVQfvypZnoxU7rzIzFenqG+qpFHnJJULloDH
NTFoTYKwwnYc3pACaT67toIol+XKWo9o1j3xAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlSG+Aw24DETlXJGqRBXN8UidliAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sU0ctQXcyNERFVGxYSkdx
UkJYTjhVaWRsaUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
dxAwDQYJKoZIhvcNAQELBQADggEBAALbN9uTgDnZmDnAA3t/snHQffLg+S4syDO6
c7JnZYA+AJurn4tj5ov45WQ+i7z0xC9XgGhZmoRUuF5BdN3zRw2xHSfnGhof2Lp2
J/GAuEiLsMT3+2PRH5T+yCvVi12bRa/WeX6HCm5r3dQjpo2cYzAZ4pip3McS0zzh
KGIivHDp/RjbpspkD6DOXW1nyl6MwOVvHslNso/DxplpCvM4xQua9E8HbtTjReQc
DQpZf0d70A4yodpJVOlyebdWOYHShWydH/S5D7xdYDDR9l261e8ZknX86nk1WYdb
HXkAthEaEPwiGmN352/Y0U7uwMFhLGU4tRQsXZAFDdIiiw+7h30=
-----END CERTIFICATE-----
Generated at Sat Jun 21 08:58:14 2025 by rpki-client