Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lkZPALxfSk2JpykHlM6YGihWa74.roa
File: lkZPALxfSk2JpykHlM6YGihWa74.roa (raw, json)
Hash identifier: m6oQFtLxRwKRamxVJtLWB2Oi9CBdoxI3Y58N/n/drhs=
Subject key identifier: 96:46:4F:00:BC:5F:4A:4D:89:A7:29:07:94:CE:98:1A:28:56:6B:BE
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0285
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lkZPALxfSk2JpykHlM6YGihWa74.roa
Signing time: Sat 10 May 2025 10:37:49 +0000
ROA not before: Sat 10 May 2025 10:37:49 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 645 (0x285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 10:37:49 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=96464F00BC5F4A4D89A7290794CE981A28566BBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:5d:62:db:62:83:7b:c6:88:7b:b3:48:fa:
91:b1:dd:26:9f:ab:7f:26:88:49:a6:6d:b5:b8:af:
e4:78:dd:f8:6c:b4:b2:96:c2:8c:e4:f6:81:37:19:
6e:27:5c:eb:cd:96:94:e2:71:62:f5:8f:7b:31:b7:
2d:07:02:b6:d4:5a:2e:4d:8f:4d:3a:39:0c:c4:06:
38:7c:94:4f:41:55:5f:b8:17:e4:f7:9a:66:84:43:
53:22:7e:1c:d9:83:f5:6b:2b:3a:98:ae:9a:4b:1d:
cb:03:74:2e:ee:47:b9:c1:71:2a:9b:b2:8d:7b:32:
86:65:2d:23:7d:b9:6c:ce:bb:da:40:f1:1f:6a:fc:
74:28:eb:83:03:26:54:ef:16:8e:09:a6:e9:3a:65:
43:ad:1d:38:a1:0a:03:64:38:5f:1b:63:d4:f1:50:
fa:a0:d4:d7:b7:41:61:d6:19:dd:b2:e5:63:81:dc:
90:4e:34:e8:f7:3e:68:82:a4:ec:61:ad:12:97:a3:
88:45:5f:be:3a:19:0e:0e:e4:af:3b:45:d0:5c:ad:
18:b1:f5:92:1a:6a:81:ce:02:0f:98:d6:09:39:4f:
ae:7f:7a:00:08:f3:6a:16:bf:63:5d:c1:32:23:5a:
91:0f:45:eb:df:ee:b8:9d:d8:08:c0:82:1c:19:ce:
43:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:46:4F:00:BC:5F:4A:4D:89:A7:29:07:94:CE:98:1A:28:56:6B:BE
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lkZPALxfSk2JpykHlM6YGihWa74.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3b:b7:a0:8a:cc:1a:73:6d:ff:51:94:8d:b6:fc:8b:5d:ce:d6:
15:8a:b8:78:1c:7f:18:1a:a5:74:92:1f:58:e7:ed:49:b8:e2:
1b:ce:6a:ff:dd:23:d6:84:59:f1:c3:ee:01:30:3e:21:f4:ab:
af:5a:78:8f:88:de:da:ea:0c:b2:cc:a5:cc:96:8f:06:24:f1:
12:41:ad:27:8d:5f:d4:e6:07:b0:e3:9e:c8:5c:fa:51:cb:0d:
bf:cf:8f:be:60:81:5d:63:cc:24:ad:9b:a6:2b:c7:e0:a3:a9:
f6:34:7f:aa:da:d5:b5:91:fc:ac:2d:08:d5:ae:c3:02:0e:01:
34:83:5a:66:e5:e5:77:b3:69:68:51:a0:42:5c:7a:20:ff:42:
e2:8f:63:fe:3b:30:23:40:c5:be:a0:54:32:44:61:8d:7d:a3:
af:cf:1d:b1:5d:e0:f4:70:52:ee:15:d7:92:1b:ac:ff:52:d0:
11:97:ae:15:a7:bf:8a:cc:e3:e1:bc:1d:2e:04:89:9b:8c:1c:
4d:a7:ec:88:9a:ea:b3:63:72:14:f9:bb:8d:2e:35:3f:a0:79:
29:92:22:a8:1d:1c:98:19:5e:6d:f4:ea:d7:44:39:d1:2e:73:
9b:ff:1b:f2:09:fd:0b:17:8b:cd:b2:b5:0c:1e:ec:fa:b0:e3:
75:17:24:73
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAoUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
MDM3NDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk2NDY0RjAwQkM1RjRB
NEQ4OUE3MjkwNzk0Q0U5ODFBMjg1NjZCQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX7l1i22KDe8aIe7NI+pGx3Safq38miEmmbbW4r+R43fhstLKW
wozk9oE3GW4nXOvNlpTicWL1j3sxty0HArbUWi5Nj006OQzEBjh8lE9BVV+4F+T3
mmaEQ1MifhzZg/VrKzqYrppLHcsDdC7uR7nBcSqbso17MoZlLSN9uWzOu9pA8R9q
/HQo64MDJlTvFo4Jpuk6ZUOtHTihCgNkOF8bY9TxUPqg1Ne3QWHWGd2y5WOB3JBO
NOj3PmiCpOxhrRKXo4hFX746GQ4O5K87RdBcrRix9ZIaaoHOAg+Y1gk5T65/egAI
82oWv2NdwTIjWpEPRevf7rid2AjAghwZzkNfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlkZPALxfSk2JpykHlM6YGihWa74wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sa1pQQUx4ZlNrMkpweWtI
bE02WUdpaFdhNzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADu3oIrMGnNt/1GUjbb8i13O1hWKuHgcfxga
pXSSH1jn7Um44hvOav/dI9aEWfHD7gEwPiH0q69aeI+I3trqDLLMpcyWjwYk8RJB
rSeNX9TmB7Djnshc+lHLDb/Pj75ggV1jzCStm6Yrx+CjqfY0f6ra1bWR/KwtCNWu
wwIOATSDWmbl5XezaWhRoEJceiD/QuKPY/47MCNAxb6gVDJEYY19o6/PHbFd4PRw
Uu4V15IbrP9S0BGXrhWnv4rM4+G8HS4EiZuMHE2n7Iia6rNjchT5u40uNT+geSmS
IqgdHJgZXm306tdEOdEuc5v/G/IJ/QsXi82ytQwe7Pqw43UXJHM=
-----END CERTIFICATE-----
Generated at Sun May 18 03:59:49 2025 by rpki-client