Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Lo1iEOzVkUhPK2AY-EMyAs2d80k.roa
File: Lo1iEOzVkUhPK2AY-EMyAs2d80k.roa (raw, json)
Hash identifier: IhQkaIgiwAtlDQ55pPV1zDnsCUoL93bRhVm/Gxrn/Qs=
Subject key identifier: 2E:8D:62:10:EC:D5:91:48:4F:2B:60:18:F8:43:32:02:CD:9D:F3:49
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0755
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Lo1iEOzVkUhPK2AY-EMyAs2d80k.roa
Signing time: Fri 16 May 2025 20:38:06 +0000
ROA not before: Fri 16 May 2025 20:38:06 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1877 (0x755)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 16 20:38:06 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2E8D6210ECD591484F2B6018F8433202CD9DF349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f7:6c:1d:11:b2:a4:2c:6b:c9:89:ab:f4:9d:
4b:2a:c2:39:81:df:f2:b3:e5:ec:30:29:38:76:40:
6e:8c:57:f7:3e:67:08:44:e3:cc:d1:32:68:70:df:
95:a4:0e:6f:13:e9:49:20:39:4d:ae:73:d6:1d:04:
28:62:d6:32:3c:28:32:96:14:b6:ee:20:c5:a3:e1:
4e:d0:cf:e1:ea:35:96:9d:1b:4a:b0:dc:67:91:a6:
1d:83:1a:cc:db:08:26:ea:2c:4c:35:b4:eb:df:9b:
b8:b1:eb:79:00:af:87:84:ae:36:71:a4:91:85:29:
be:8e:cd:e8:1c:eb:d6:a2:c6:fb:05:e1:52:28:b5:
cd:55:a0:6f:95:03:97:ab:fa:00:a5:c1:04:72:b6:
4d:c2:e1:86:64:59:94:aa:3d:68:4e:a2:ff:5a:8e:
6f:97:3c:f7:02:75:47:5e:97:82:e9:e4:67:2d:89:
4b:43:03:2d:8a:32:2b:d4:ab:d8:9b:23:4e:7d:f1:
2e:4d:56:6f:51:d4:1e:f9:a6:d0:a8:a9:b5:66:a1:
bf:8d:76:48:e7:ef:27:2a:e4:36:76:da:00:e7:cc:
86:05:be:8b:14:74:fa:40:00:85:a6:bd:ab:42:53:
56:f0:fc:b8:29:73:d7:91:65:59:1a:b3:b7:4f:b5:
dc:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:8D:62:10:EC:D5:91:48:4F:2B:60:18:F8:43:32:02:CD:9D:F3:49
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Lo1iEOzVkUhPK2AY-EMyAs2d80k.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:62:eb:3a:b9:9d:e2:6c:49:a2:b0:56:5e:73:1e:32:05:d7:
66:93:17:8d:a1:df:85:54:94:0a:31:d6:c0:5c:ab:6b:4c:e7:
4a:5c:8f:47:fa:96:28:f0:3d:17:d8:16:13:1c:aa:0e:6b:7d:
d6:ac:7b:71:9c:74:bb:e8:4a:bb:fe:76:12:03:4d:fa:ae:c6:
94:5f:2c:49:bc:4b:13:27:04:cf:6a:07:a1:77:d1:79:b0:22:
d0:1d:4e:e2:a1:45:37:21:37:83:32:6d:6b:61:5f:c7:fc:f7:
79:04:67:7c:a1:54:be:9c:1c:5b:6e:05:17:97:a4:d7:81:c3:
a9:54:fd:4b:b7:cf:a2:8f:36:57:35:c2:03:04:77:b3:b3:c8:
f9:1d:96:7e:f4:96:c7:4e:30:81:76:79:f9:20:c3:63:3c:bc:
28:3d:2f:4d:2b:39:40:74:75:fe:77:41:b7:3d:1f:71:53:a2:
3e:82:76:66:f2:16:e5:97:ef:44:56:b0:71:3b:00:d3:84:cb:
b8:10:ca:bc:a6:45:a8:f4:36:a0:f6:bb:2a:bd:98:cf:d2:82:
34:0e:7a:e1:41:c8:58:17:66:2b:73:3d:9b:c8:84:96:fe:37:
29:d6:84:a2:9a:2c:76:88:48:f9:83:d6:45:c8:90:67:4f:d3:
b1:96:5e:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB1UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTYy
MDM4MDZaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJFOEQ2MjEwRUNENTkx
NDg0RjJCNjAxOEY4NDMzMjAyQ0Q5REYzNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT92wdEbKkLGvJiav0nUsqwjmB3/Kz5ewwKTh2QG6MV/c+ZwhE
48zRMmhw35WkDm8T6UkgOU2uc9YdBChi1jI8KDKWFLbuIMWj4U7Qz+HqNZadG0qw
3GeRph2DGszbCCbqLEw1tOvfm7ix63kAr4eErjZxpJGFKb6Ozegc69aixvsF4VIo
tc1VoG+VA5er+gClwQRytk3C4YZkWZSqPWhOov9ajm+XPPcCdUdel4Lp5GctiUtD
Ay2KMivUq9ibI0598S5NVm9R1B75ptCoqbVmob+Ndkjn7ycq5DZ22gDnzIYFvosU
dPpAAIWmvatCU1bw/Lgpc9eRZVkas7dPtdwxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULo1iEOzVkUhPK2AY+EMyAs2d80kwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MbzFpRU96VmtVaFBLMkFZ
LUVNeUFzMmQ4MGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKhi6zq5neJsSaKwVl5zHjIF12aTF42h34VU
lAox1sBcq2tM50pcj0f6lijwPRfYFhMcqg5rfdase3GcdLvoSrv+dhIDTfquxpRf
LEm8SxMnBM9qB6F30XmwItAdTuKhRTchN4MybWthX8f893kEZ3yhVL6cHFtuBReX
pNeBw6lU/Uu3z6KPNlc1wgMEd7OzyPkdln70lsdOMIF2efkgw2M8vCg9L00rOUB0
df53Qbc9H3FToj6CdmbyFuWX70RWsHE7ANOEy7gQyrymRaj0NqD2uyq9mM/SgjQO
euFByFgXZitzPZvIhJb+NynWhKKaLHaISPmD1kXIkGdP07GWXtU=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:30 2025 by rpki-client