Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/3LVfBBCLFGuh5ZMpqgPmaA9LFxg.roa
File: 3LVfBBCLFGuh5ZMpqgPmaA9LFxg.roa (raw, json)
Hash identifier: beLbyjT1IDNXFBosavcE7xwRefM/qDws/gXOU9JvuFI=
Subject key identifier: DC:B5:5F:04:10:8B:14:6B:A1:E5:93:29:AA:03:E6:68:0F:4B:17:18
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 04A9
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3LVfBBCLFGuh5ZMpqgPmaA9LFxg.roa
Signing time: Tue 13 May 2025 07:08:01 +0000
ROA not before: Tue 13 May 2025 07:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1193 (0x4a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 07:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=DCB55F04108B146BA1E59329AA03E6680F4B1718
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c9:23:74:10:99:be:a3:86:2f:67:94:a0:ea:
70:d6:95:1a:e3:3e:84:f9:58:89:bb:b7:d2:9b:29:
4f:43:ab:bc:df:fe:05:e3:2e:93:79:a6:3d:c6:c8:
c4:57:52:5d:f3:f0:c6:b5:ec:3c:a8:05:6d:6e:3e:
b5:e5:31:20:ef:ec:aa:f4:bf:de:36:a0:ae:53:21:
35:cb:29:d2:38:53:de:3b:d4:3c:94:af:48:05:c5:
2e:28:30:91:92:c2:b5:6d:e8:ba:51:27:10:77:a6:
7c:12:72:aa:a2:fc:af:58:db:73:43:b7:f7:75:f0:
85:19:e7:d0:15:a6:68:bd:87:d3:2b:ef:6a:25:7c:
80:8d:24:7b:81:73:45:20:cf:24:9e:d2:bb:84:d3:
74:1c:31:71:4b:96:de:6a:93:2c:69:77:d3:19:ee:
94:71:cb:fa:41:39:62:7f:30:6b:26:e6:45:ec:48:
d0:69:b7:75:be:97:65:a7:b2:2a:b0:fb:af:00:30:
ff:10:6c:1b:7f:4f:6d:de:2a:a2:67:52:40:e2:bf:
f3:d1:9a:44:e4:b3:47:d4:48:68:0e:27:3a:98:47:
8a:5e:d9:4e:ba:47:ee:1a:f7:8e:5f:a9:2d:2b:0b:
de:99:7d:29:b4:81:f0:7f:b4:1d:2b:97:85:10:09:
35:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:B5:5F:04:10:8B:14:6B:A1:E5:93:29:AA:03:E6:68:0F:4B:17:18
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/3LVfBBCLFGuh5ZMpqgPmaA9LFxg.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1a:d1:a1:a1:a9:13:2d:f9:e3:de:ed:6f:6c:7c:81:58:d1:67:
25:b1:0e:4c:f8:a9:f4:a7:dd:10:fc:9c:da:fb:2b:c7:73:cf:
30:b5:ef:8f:ae:0a:b5:40:7c:8a:f8:dd:eb:44:91:9d:e5:7c:
0f:1c:66:3e:41:b1:a3:88:0a:02:d5:38:9e:d7:e1:fb:98:3a:
11:08:2b:aa:28:df:bd:3c:66:f2:63:86:03:f4:e8:44:24:4b:
88:48:d6:2f:20:e6:ae:6e:41:67:b2:5c:a0:51:6f:5f:91:1b:
7f:90:62:ee:9c:5c:c3:b1:2e:a0:0e:5d:5c:0a:49:e3:cf:48:
18:ef:67:0f:85:96:2a:0e:14:b0:c0:81:28:41:7f:d3:79:74:
ab:9d:c8:16:11:2c:83:8a:70:18:5f:37:8d:da:8b:c5:9c:99:
e1:a8:84:94:d7:76:5f:4d:ad:1d:51:19:f3:c1:c1:02:c1:2d:
f5:fa:d6:3d:30:bc:bc:9c:33:7c:f0:12:b2:d8:5f:a2:4a:61:
13:f9:35:6b:ad:60:71:cd:63:6c:c8:53:87:ff:11:0a:03:c1:
ee:74:7f:19:91:de:4b:f0:c3:bd:96:4e:67:89:fa:43:40:d3:
cc:20:56:67:22:23:f8:08:61:f6:bc:1d:e6:2c:c9:94:74:d0:
3b:3c:41:ed
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMw
NzA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKERDQjU1RjA0MTA4QjE0
NkJBMUU1OTMyOUFBMDNFNjY4MEY0QjE3MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlySN0EJm+o4YvZ5Sg6nDWlRrjPoT5WIm7t9KbKU9Dq7zf/gXj
LpN5pj3GyMRXUl3z8Ma17DyoBW1uPrXlMSDv7Kr0v942oK5TITXLKdI4U9471DyU
r0gFxS4oMJGSwrVt6LpRJxB3pnwScqqi/K9Y23NDt/d18IUZ59AVpmi9h9Mr72ol
fICNJHuBc0UgzySe0ruE03QcMXFLlt5qkyxpd9MZ7pRxy/pBOWJ/MGsm5kXsSNBp
t3W+l2Wnsiqw+68AMP8QbBt/T23eKqJnUkDiv/PRmkTks0fUSGgOJzqYR4pe2U66
R+4a945fqS0rC96ZfSm0gfB/tB0rl4UQCTX/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3LVfBBCLFGuh5ZMpqgPmaA9LFxgwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8zTFZmQkJDTEZHdWg1Wk1w
cWdQbWFBOUxGeGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABrRoaGpEy35497tb2x8gVjRZyWxDkz4qfSn
3RD8nNr7K8dzzzC174+uCrVAfIr43etEkZ3lfA8cZj5BsaOICgLVOJ7X4fuYOhEI
K6oo3708ZvJjhgP06EQkS4hI1i8g5q5uQWeyXKBRb1+RG3+QYu6cXMOxLqAOXVwK
SePPSBjvZw+FlioOFLDAgShBf9N5dKudyBYRLIOKcBhfN43ai8WcmeGohJTXdl9N
rR1RGfPBwQLBLfX61j0wvLycM3zwErLYX6JKYRP5NWutYHHNY2zIU4f/EQoDwe50
fxmR3kvww72WTmeJ+kNA08wgVmciI/gIYfa8HeYsyZR00Ds8Qe0=
-----END CERTIFICATE-----
Generated at Sun May 18 20:04:04 2025 by rpki-client