Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lIo7RnZ_ml4MXkgKiUF4vj1a2DY.roa
File: lIo7RnZ_ml4MXkgKiUF4vj1a2DY.roa (raw, json)
Hash identifier: ZlvrJmlUjg+vDEdLPCvq4oz+3avPilcy2vSKphC587Y=
Subject key identifier: 94:8A:3B:46:76:7F:9A:5E:0C:5E:48:0A:89:41:78:BE:3D:5A:D8:36
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 07A1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lIo7RnZ_ml4MXkgKiUF4vj1a2DY.roa
Signing time: Sat 17 May 2025 06:08:08 +0000
ROA not before: Sat 17 May 2025 06:08:08 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1953 (0x7a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 17 06:08:08 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=948A3B46767F9A5E0C5E480A894178BE3D5AD836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:af:61:b6:e6:23:9a:9d:b5:df:fa:a7:82:
f0:62:55:96:84:f2:bf:fc:7a:06:66:85:9e:de:ff:
00:d0:1b:24:aa:e4:38:20:aa:e0:57:8f:fa:29:5c:
fc:fc:14:86:22:d4:bb:70:4e:f6:a8:ff:45:6c:9a:
5c:2d:1f:12:fc:7a:87:55:a4:fa:c6:cf:75:9f:5e:
c8:2f:e4:de:4b:36:67:52:c5:d5:96:8d:24:6a:de:
0e:85:3f:2f:50:93:ef:95:b6:91:17:d2:42:cb:a6:
1f:3c:0e:61:5e:93:be:bb:48:bf:19:1b:69:c5:5c:
e3:59:b1:24:9f:75:89:19:da:f4:ff:f9:26:88:d0:
34:4f:dd:f3:cf:3b:86:d3:73:33:db:f2:b9:ab:4e:
45:67:f5:cb:0c:23:ca:4a:07:fa:2c:4a:19:1a:f3:
9d:67:d8:dd:a9:b3:83:c2:2d:11:dd:a8:91:00:6a:
5b:94:5f:23:f7:e1:1b:4e:08:cb:82:a8:1a:14:a7:
21:43:3d:e7:8a:d5:24:ab:20:14:5c:d2:a0:86:ad:
0a:e1:bd:ce:53:21:cc:24:f6:c2:ae:11:18:99:d6:
93:6b:d5:a9:00:ba:a8:54:7a:63:d5:d3:13:16:48:
e3:6e:55:8f:6d:5d:d4:50:1a:65:61:79:e8:10:c3:
df:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:8A:3B:46:76:7F:9A:5E:0C:5E:48:0A:89:41:78:BE:3D:5A:D8:36
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lIo7RnZ_ml4MXkgKiUF4vj1a2DY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:86:ab:fe:07:87:ff:e8:2e:d4:98:c3:ec:bf:d5:8a:ba:b0:
d1:d5:3b:c7:14:06:46:dd:3e:99:d7:70:ed:1b:a0:de:14:af:
cb:15:cb:44:12:53:f3:b5:a9:13:fd:92:61:b8:4b:bb:5b:c8:
6a:e2:11:f6:9f:b8:1e:e6:25:8a:c3:ed:d0:ee:bb:41:51:94:
44:e3:a4:8f:17:73:1d:3f:c4:37:55:d1:63:da:35:80:d0:48:
7b:db:7c:e4:47:23:23:03:a2:9e:25:90:1e:9d:71:32:f0:ef:
5c:a0:f5:ed:b7:91:5b:30:fc:3a:75:61:96:9e:4a:b2:dc:d7:
5d:a5:74:1c:b8:0c:82:ab:bd:19:f6:5d:68:ac:dc:16:b8:2f:
88:58:50:c2:e2:84:21:ea:3d:eb:08:44:c2:9b:7e:25:41:4a:
15:d7:5a:db:c2:28:0e:44:a6:53:93:9d:f2:3d:61:27:a1:91:
38:22:98:cc:04:e3:79:55:2f:ec:ee:7f:74:f4:55:bb:5a:64:
e8:eb:34:c2:90:9d:70:38:de:2e:d0:89:f0:fc:e0:01:6e:b1:
47:c5:8c:bc:50:36:86:09:b9:c1:d8:0e:b8:5f:92:8d:5f:2b:
c1:d9:68:57:ea:58:b4:99:e8:e9:38:8b:a9:18:6a:e6:4d:5d:
e1:82:ad:76
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICB6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTcw
NjA4MDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk0OEEzQjQ2NzY3RjlB
NUUwQzVFNDgwQTg5NDE3OEJFM0Q1QUQ4MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Ba9htuYjmp213/qngvBiVZaE8r/8egZmhZ7e/wDQGySq5Dgg
quBXj/opXPz8FIYi1LtwTvao/0VsmlwtHxL8eodVpPrGz3WfXsgv5N5LNmdSxdWW
jSRq3g6FPy9Qk++VtpEX0kLLph88DmFek767SL8ZG2nFXONZsSSfdYkZ2vT/+SaI
0DRP3fPPO4bTczPb8rmrTkVn9csMI8pKB/osShka851n2N2ps4PCLRHdqJEAaluU
XyP34RtOCMuCqBoUpyFDPeeK1SSrIBRc0qCGrQrhvc5TIcwk9sKuERiZ1pNr1akA
uqhUemPV0xMWSONuVY9tXdRQGmVheegQw9/dAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlIo7RnZ/ml4MXkgKiUF4vj1a2DYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sSW83Um5aX21sNE1Ya2dL
aVVGNHZqMWEyRFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIaGq/4Hh//oLtSYw+y/1Yq6sNHVO8cUBkbd
PpnXcO0boN4Ur8sVy0QSU/O1qRP9kmG4S7tbyGriEfafuB7mJYrD7dDuu0FRlETj
pI8Xcx0/xDdV0WPaNYDQSHvbfORHIyMDop4lkB6dcTLw71yg9e23kVsw/Dp1YZae
SrLc112ldBy4DIKrvRn2XWis3Ba4L4hYUMLihCHqPesIRMKbfiVBShXXWtvCKA5E
plOTnfI9YSehkTgimMwE43lVL+zuf3T0VbtaZOjrNMKQnXA43i7QifD84AFusUfF
jLxQNoYJucHYDrhfko1fK8HZaFfqWLSZ6Ok4i6kYauZNXeGCrXY=
-----END CERTIFICATE-----
Generated at Sun May 18 09:11:32 2025 by rpki-client