Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/1Lq_I3ZuA27NET9xX_wFBOtdKIo.roa
File: 1Lq_I3ZuA27NET9xX_wFBOtdKIo.roa (raw, json)
Hash identifier: 35SG7C42kBpygT7kt/zrFvmU02ndGa8/XGRGxXpxsqs=
Subject key identifier: D4:BA:BF:23:76:6E:03:6E:CD:11:3F:71:5F:FC:05:04:EB:5D:28:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AFD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1Lq_I3ZuA27NET9xX_wFBOtdKIo.roa
Signing time: Wed 21 May 2025 17:38:19 +0000
ROA not before: Wed 21 May 2025 17:38:19 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2813 (0xafd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 17:38:19 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D4BABF23766E036ECD113F715FFC0504EB5D288A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:ec:dc:4d:39:66:08:9b:95:a3:b8:6d:11:
5d:73:52:ae:f9:84:40:78:04:55:d5:04:63:c7:25:
3b:f3:6e:b3:52:9d:8c:c5:15:13:ab:d7:31:ec:82:
2b:43:d2:2a:9e:08:a1:5d:8e:fa:08:ac:bb:e8:6b:
2d:27:36:f6:0d:19:ca:39:ae:15:81:65:0c:dd:25:
db:15:94:da:4e:66:a8:f5:47:5f:15:7b:5d:af:d9:
34:7e:75:ab:38:22:08:9f:cd:6a:37:3c:ed:be:38:
99:bf:23:17:62:bc:f7:04:3d:2c:60:a4:a8:69:53:
10:db:a3:88:bf:8a:eb:05:aa:63:df:1e:01:c9:28:
83:d8:01:84:c9:f7:42:7e:c8:f7:79:fa:45:8d:5c:
59:07:39:9f:f7:eb:7a:f8:77:5e:5f:c0:32:74:6f:
76:15:41:54:fe:54:43:09:55:5b:62:37:9e:f7:fc:
cf:e6:76:a1:f2:14:74:d4:c3:e1:64:95:dd:fa:6f:
65:08:a1:00:45:93:ae:c8:08:66:39:36:71:0b:52:
ce:16:cb:21:2c:5d:dd:ff:20:4f:e9:80:6b:7a:95:
74:45:d0:68:88:ff:8c:62:b5:4d:de:ef:26:18:24:
ae:f4:7c:52:e3:29:bd:3c:1d:08:53:76:2a:a8:4b:
60:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:BA:BF:23:76:6E:03:6E:CD:11:3F:71:5F:FC:05:04:EB:5D:28:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/1Lq_I3ZuA27NET9xX_wFBOtdKIo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:2b:dd:e4:33:41:b8:46:38:4f:98:2b:bb:54:c7:82:94:ce:
74:fe:36:f9:90:3c:a9:d0:c9:ec:5e:74:79:5a:0c:a6:ca:cd:
ab:74:af:47:76:9d:bb:a1:4e:a5:ee:bc:34:1b:a8:83:6e:e6:
da:3c:95:90:4d:c3:12:03:19:d8:44:65:df:20:a9:3b:52:58:
73:31:32:32:a8:c5:40:b8:fd:04:54:35:f0:a9:76:86:03:5b:
07:50:bc:64:df:08:a3:46:6c:43:a1:11:7d:56:ef:fc:59:9e:
b4:cb:df:96:ac:82:ea:34:0b:c4:35:d5:86:35:f6:fe:e9:67:
15:2a:6f:13:4d:a5:9c:29:7d:26:11:c1:3f:1e:3b:fe:29:7e:
cd:87:40:f4:b6:f2:84:44:b6:3b:2c:f6:ee:28:75:2d:d5:78:
60:06:fe:28:2f:ad:b3:ff:15:cf:89:ec:a1:7b:aa:48:2d:28:
cd:7e:25:15:36:6f:bc:8e:00:a7:70:75:5d:1f:1a:c1:6c:df:
e0:af:2d:ee:f0:dc:d7:8c:08:28:73:a2:f7:0f:f7:10:8c:e7:
3a:03:0d:c9:67:f3:f2:3b:f7:df:22:a1:8d:41:79:ac:6c:d6:
01:d0:42:6c:62:07:2e:f2:05:c8:3b:61:00:dd:85:20:c4:40:
5b:fb:96:90
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
NzM4MTlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ0QkFCRjIzNzY2RTAz
NkVDRDExM0Y3MTVGRkMwNTA0RUI1RDI4OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7G+zcTTlmCJuVo7htEV1zUq75hEB4BFXVBGPHJTvzbrNSnYzF
FROr1zHsgitD0iqeCKFdjvoIrLvoay0nNvYNGco5rhWBZQzdJdsVlNpOZqj1R18V
e12v2TR+das4IgifzWo3PO2+OJm/IxdivPcEPSxgpKhpUxDbo4i/iusFqmPfHgHJ
KIPYAYTJ90J+yPd5+kWNXFkHOZ/363r4d15fwDJ0b3YVQVT+VEMJVVtiN573/M/m
dqHyFHTUw+Fkld36b2UIoQBFk67ICGY5NnELUs4WyyEsXd3/IE/pgGt6lXRF0GiI
/4xitU3e7yYYJK70fFLjKb08HQhTdiqoS2ChAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1Lq/I3ZuA27NET9xX/wFBOtdKIowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8xTHFfSTNadUEyN05FVDl4
WF93RkJPdGRLSW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBADgr3eQzQbhGOE+YK7tUx4KUznT+NvmQPKnQ
yexedHlaDKbKzat0r0d2nbuhTqXuvDQbqINu5to8lZBNwxIDGdhEZd8gqTtSWHMx
MjKoxUC4/QRUNfCpdoYDWwdQvGTfCKNGbEOhEX1W7/xZnrTL35asguo0C8Q11YY1
9v7pZxUqbxNNpZwpfSYRwT8eO/4pfs2HQPS28oREtjss9u4odS3VeGAG/igvrbP/
Fc+J7KF7qkgtKM1+JRU2b7yOAKdwdV0fGsFs3+CvLe7w3NeMCChzovcP9xCM5zoD
Dcln8/I7998ioY1Beaxs1gHQQmxiBy7yBcg7YQDdhSDEQFv7lpA=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:15:02 2025 by rpki-client