Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lcG4qUSOqSPJIrwg9Jmy_WJs30I.roa
File: lcG4qUSOqSPJIrwg9Jmy_WJs30I.roa (raw, json)
Hash identifier: 0/O7vhXw5FR8GOUPxCbcq2tFdcL8gyqpbqSxGZz6qIA=
Subject key identifier: 95:C1:B8:A9:44:8E:A9:23:C9:22:BC:20:F4:99:B2:FD:62:6C:DF:42
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0559
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcG4qUSOqSPJIrwg9Jmy_WJs30I.roa
Signing time: Wed 14 May 2025 05:08:01 +0000
ROA not before: Wed 14 May 2025 05:08:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1369 (0x559)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 05:08:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=95C1B8A9448EA923C922BC20F499B2FD626CDF42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:07:71:08:70:24:30:bd:88:7b:b6:45:b4:80:
c8:c5:0d:ba:cb:30:38:cd:e3:97:dc:b4:c3:31:36:
38:f3:a0:35:93:8a:4d:a0:97:42:d6:89:38:a5:fa:
f4:57:b1:64:98:5c:90:29:52:02:79:26:2a:dc:d8:
f9:15:5f:27:dc:52:27:16:fb:e7:50:4a:a1:d7:2e:
af:9a:ed:84:a8:d7:6f:6b:d6:72:d7:ee:20:32:2d:
5e:4c:f7:15:3b:c9:b8:d7:9e:da:63:58:19:43:c3:
9e:45:ff:ea:82:f1:c4:e9:56:8b:59:ec:ec:c7:cd:
d6:39:de:2e:c1:bb:8f:d4:2b:e6:dd:74:4c:34:97:
d1:da:88:ac:59:ab:83:d0:e5:98:85:28:58:da:20:
fd:73:ec:7a:c6:72:69:15:86:a6:e1:29:a3:e7:17:
98:d8:d6:4a:56:e7:11:e9:df:b3:38:f5:32:24:33:
41:53:c0:cf:4b:7d:84:44:1d:b3:88:5e:f4:38:6b:
40:7c:02:f2:00:09:0e:59:94:67:9e:31:b9:2a:c5:
be:f6:c5:09:18:eb:2d:a9:59:e7:f3:e8:f6:85:21:
43:96:b0:78:b3:7e:47:b9:9c:ee:f4:36:b1:51:ea:
4e:fa:38:b1:1a:85:88:b2:27:f9:83:13:14:63:ae:
99:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C1:B8:A9:44:8E:A9:23:C9:22:BC:20:F4:99:B2:FD:62:6C:DF:42
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcG4qUSOqSPJIrwg9Jmy_WJs30I.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
05:d1:4e:08:42:63:25:90:37:6d:25:5d:e3:57:d9:d1:52:fe:
ae:83:37:15:31:b3:38:a7:c3:81:a9:50:31:fd:cb:d0:68:53:
c0:c2:ff:04:37:92:5b:23:f6:7f:09:3f:b6:81:73:d5:e3:b1:
b7:cf:f8:06:f9:fb:f4:4b:1a:cf:d9:54:96:58:74:17:ce:80:
89:63:14:81:63:e5:6b:7a:c0:af:ef:70:db:6d:e6:bb:d0:f7:
61:6a:86:f4:a9:2e:41:54:43:48:cc:41:bc:13:94:69:73:4f:
11:13:56:32:2b:73:fb:e3:c8:66:07:c2:d2:9f:9d:51:39:96:
b9:9e:42:1d:bf:00:0f:33:be:cd:05:c0:39:4d:1f:27:e6:dc:
69:ab:77:a5:f9:c6:9c:ec:e8:57:e3:ea:67:28:ac:db:db:27:
59:e0:d6:e5:86:ab:14:75:84:1c:b1:cd:91:3f:01:aa:21:79:
3f:e5:6f:2f:6c:35:6f:64:5b:7d:35:55:45:18:e4:f5:d2:65:
16:91:44:03:3c:a4:67:c8:5c:7b:2d:05:22:f3:7f:39:e1:77:
a6:ef:8a:71:c3:e2:51:ee:8e:ba:89:00:84:6c:73:d0:97:26:
08:de:20:70:71:10:c3:5b:f8:cc:f2:ed:01:88:2e:d8:80:2d:
aa:8c:24:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBVkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
NTA4MDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1QzFCOEE5NDQ4RUE5
MjNDOTIyQkMyMEY0OTlCMkZENjI2Q0RGNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXB3EIcCQwvYh7tkW0gMjFDbrLMDjN45fctMMxNjjzoDWTik2g
l0LWiTil+vRXsWSYXJApUgJ5Jirc2PkVXyfcUicW++dQSqHXLq+a7YSo129r1nLX
7iAyLV5M9xU7ybjXntpjWBlDw55F/+qC8cTpVotZ7OzHzdY53i7Bu4/UK+bddEw0
l9HaiKxZq4PQ5ZiFKFjaIP1z7HrGcmkVhqbhKaPnF5jY1kpW5xHp37M49TIkM0FT
wM9LfYREHbOIXvQ4a0B8AvIACQ5ZlGeeMbkqxb72xQkY6y2pWefz6PaFIUOWsHiz
fke5nO70NrFR6k76OLEahYiyJ/mDExRjrpnJAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlcG4qUSOqSPJIrwg9Jmy/WJs30IwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sY0c0cVVTT3FTUEpJcndn
OUpteV9XSnMzMEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAXRTghCYyWQN20lXeNX2dFS/q6DNxUxszin
w4GpUDH9y9BoU8DC/wQ3klsj9n8JP7aBc9XjsbfP+Ab5+/RLGs/ZVJZYdBfOgIlj
FIFj5Wt6wK/vcNtt5rvQ92FqhvSpLkFUQ0jMQbwTlGlzTxETVjIrc/vjyGYHwtKf
nVE5lrmeQh2/AA8zvs0FwDlNHyfm3Gmrd6X5xpzs6Ffj6mcorNvbJ1ng1uWGqxR1
hByxzZE/AaoheT/lby9sNW9kW301VUUY5PXSZRaRRAM8pGfIXHstBSLzfznhd6bv
inHD4lHujrqJAIRsc9CXJgjeIHBxEMNb+Mzy7QGILtiALaqMJEI=
-----END CERTIFICATE-----
Generated at Sat May 17 19:42:08 2025 by rpki-client