Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lCafjEdt2pvHrtoy4bOVuhNJTBc.roa
File: lCafjEdt2pvHrtoy4bOVuhNJTBc.roa (raw, json)
Hash identifier: 4Ufd6vILFgTGUoEYlJX4Elq0CdWbyubBv1zG8NjOHK8=
Subject key identifier: 94:26:9F:8C:47:6D:DA:9B:C7:AE:DA:32:E1:B3:95:BA:13:49:4C:17
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05E1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lCafjEdt2pvHrtoy4bOVuhNJTBc.roa
Signing time: Wed 14 May 2025 22:08:02 +0000
ROA not before: Wed 14 May 2025 22:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1505 (0x5e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 22:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=94269F8C476DDA9BC7AEDA32E1B395BA13494C17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ca:6c:0f:36:c1:80:44:ac:4b:c6:27:a2:04:
c0:b0:b9:6a:e6:6e:4a:cc:d9:94:77:20:2d:26:9c:
7a:c3:83:a5:b9:5e:00:d4:7b:82:25:ba:52:e4:a2:
c9:45:38:c3:d8:13:de:09:26:ec:81:7f:f4:e7:ed:
eb:75:36:98:47:1a:71:97:1b:ac:5e:37:6a:ff:89:
c9:9e:fa:1d:70:c6:a9:4a:f4:f0:73:56:a1:4e:14:
e6:8b:82:36:a9:75:1d:c8:bc:ba:82:39:5a:1e:3d:
bc:09:4a:c0:f9:96:b5:97:d9:ce:51:bc:0a:13:29:
9b:ab:30:b0:94:3f:82:eb:65:d6:1f:97:1a:b9:4b:
0b:8a:b5:5a:84:2f:5e:19:c1:6c:66:d6:6e:fe:cf:
b4:06:1b:68:ee:ba:b0:d4:15:95:ee:8a:1c:78:13:
3f:02:67:ca:b1:9e:76:10:d3:84:f9:0c:0c:24:d8:
4e:b9:1f:56:08:d9:64:a1:c1:53:47:29:bd:1f:3f:
82:fc:30:fc:cc:a7:6a:31:aa:f5:cc:f5:7c:d4:21:
fd:88:e9:22:3e:5b:bd:6d:55:ff:c4:06:60:7d:97:
cc:00:13:1f:bc:74:42:9e:67:4a:77:51:6c:61:c4:
81:7c:3e:5a:ca:17:44:49:43:5a:c2:43:bb:e6:8b:
39:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:26:9F:8C:47:6D:DA:9B:C7:AE:DA:32:E1:B3:95:BA:13:49:4C:17
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lCafjEdt2pvHrtoy4bOVuhNJTBc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:2a:07:bc:3e:5d:38:d1:2f:55:a9:7f:9c:eb:98:7d:96:10:
ac:f0:81:20:b8:e1:28:02:3e:0c:3a:2e:4f:ff:ff:92:4a:d5:
08:c2:38:5f:8b:e0:e6:55:66:1f:1a:16:76:a8:ed:8f:28:c9:
2d:96:16:a0:3b:e7:d3:7d:9c:bf:4c:a2:ac:47:d6:20:22:48:
a2:3f:b1:2f:d5:fe:e5:b4:9c:d9:a2:07:65:80:69:ab:ea:8a:
d1:cc:ef:dd:f3:15:fb:86:c5:20:9b:30:f5:7b:bd:b8:4c:e3:
c9:a9:55:7b:09:60:63:f2:7d:41:38:bf:70:fd:e8:69:3f:cb:
fa:37:5d:43:b5:2a:5d:a2:e3:e6:81:2d:30:bf:50:a9:83:7a:
47:f0:b8:01:3c:e0:17:c6:9b:6c:6c:06:b4:d7:43:a2:47:96:
fa:84:93:46:97:78:fb:e0:d4:a0:6e:f2:e9:e8:cd:ea:12:84:
57:04:4d:c2:51:23:02:db:5f:30:a8:a2:dc:a7:84:7f:22:35:
e6:6b:e1:22:62:7c:1b:c3:b7:3a:88:a9:dd:ad:e4:93:26:a0:
62:a6:a0:7a:0e:03:44:51:c8:47:4d:85:db:fa:9b:5f:ca:62:
ae:36:a3:3b:61:64:28:1b:3f:75:f3:fd:ff:67:c7:54:7e:34:
bb:a3:3e:56
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQy
MjA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk0MjY5RjhDNDc2RERB
OUJDN0FFREEzMkUxQjM5NUJBMTM0OTRDMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDvymwPNsGARKxLxieiBMCwuWrmbkrM2ZR3IC0mnHrDg6W5XgDU
e4IlulLkoslFOMPYE94JJuyBf/Tn7et1NphHGnGXG6xeN2r/icme+h1wxqlK9PBz
VqFOFOaLgjapdR3IvLqCOVoePbwJSsD5lrWX2c5RvAoTKZurMLCUP4LrZdYflxq5
SwuKtVqEL14ZwWxm1m7+z7QGG2juurDUFZXuihx4Ez8CZ8qxnnYQ04T5DAwk2E65
H1YI2WShwVNHKb0fP4L8MPzMp2oxqvXM9XzUIf2I6SI+W71tVf/EBmB9l8wAEx+8
dEKeZ0p3UWxhxIF8PlrKF0RJQ1rCQ7vmizmvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlCafjEdt2pvHrtoy4bOVuhNJTBcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sQ2FmakVkdDJwdkhydG95
NGJPVnVoTkpUQmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEkqB7w+XTjRL1Wpf5zrmH2WEKzwgSC44SgC
Pgw6Lk///5JK1QjCOF+L4OZVZh8aFnao7Y8oyS2WFqA759N9nL9MoqxH1iAiSKI/
sS/V/uW0nNmiB2WAaavqitHM793zFfuGxSCbMPV7vbhM48mpVXsJYGPyfUE4v3D9
6Gk/y/o3XUO1Kl2i4+aBLTC/UKmDekfwuAE84BfGm2xsBrTXQ6JHlvqEk0aXePvg
1KBu8unozeoShFcETcJRIwLbXzCootynhH8iNeZr4SJifBvDtzqIqd2t5JMmoGKm
oHoOA0RRyEdNhdv6m1/KYq42ozthZCgbP3Xz/f9nx1R+NLujPlY=
-----END CERTIFICATE-----
Generated at Sat May 17 19:37:45 2025 by rpki-client