Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lNzDnapAunmTrIw-9rHnJ5IE5j4.roa
File: lNzDnapAunmTrIw-9rHnJ5IE5j4.roa (raw, json)
Hash identifier: 5NL8TU82v5pgD5Qd32lVRUAcQts2vUSTohlFEF+PCKk=
Subject key identifier: 94:DC:C3:9D:AA:40:BA:79:93:AC:8C:3E:F6:B1:E7:27:92:04:E6:3E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 066D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lNzDnapAunmTrIw-9rHnJ5IE5j4.roa
Signing time: Thu 15 May 2025 15:38:09 +0000
ROA not before: Thu 15 May 2025 15:38:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1645 (0x66d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 15:38:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=94DCC39DAA40BA7993AC8C3EF6B1E7279204E63E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:71:5f:0e:a6:0e:68:57:4e:ad:19:ca:b8:4a:
ac:ca:31:02:8d:37:a7:32:7e:f5:ba:fc:66:bd:0c:
ae:90:59:2d:1c:c9:17:59:37:9b:a0:ba:ae:fb:3c:
55:9b:c1:2d:6d:b6:8c:42:20:bd:0b:3f:55:50:5f:
7d:f4:ad:f2:f0:03:1d:24:e8:a5:e7:21:30:b9:20:
45:eb:20:cf:30:7b:11:ea:55:62:ff:9f:1d:cc:b4:
ed:62:86:3d:6d:ec:df:1d:f1:e5:2c:7f:9f:86:a2:
c6:f9:26:4d:d9:ea:e6:2e:a9:88:5f:12:04:24:d8:
dc:6a:cf:40:17:63:af:07:ed:b2:98:31:c2:c5:b5:
e3:39:cc:7c:95:08:0b:6e:c1:b1:cf:59:c9:52:d2:
0a:2e:36:e0:dd:67:8a:f0:9b:7a:d5:c6:a1:6d:ab:
06:fc:59:f3:55:b3:cc:59:20:54:bb:98:f1:a5:11:
4c:73:a8:91:fa:eb:3b:39:b7:ec:22:84:a4:42:03:
70:70:eb:50:2d:e3:d0:4c:50:6c:07:5d:22:d8:6c:
8e:c6:10:a9:5b:f4:bf:69:ed:1f:8f:60:20:72:9d:
1b:0f:a1:1c:bb:cf:50:47:be:09:70:d6:9d:d6:e7:
ad:51:b5:bd:a6:ef:14:fc:48:c5:c0:fb:c5:4d:28:
f4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DC:C3:9D:AA:40:BA:79:93:AC:8C:3E:F6:B1:E7:27:92:04:E6:3E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lNzDnapAunmTrIw-9rHnJ5IE5j4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a5:5f:2a:a0:61:50:28:f8:25:20:ed:ca:4e:1e:f2:af:e0:90:
51:f3:d7:b0:5a:93:9e:fb:5f:1d:ed:5c:10:54:65:66:a8:f3:
fe:b4:2c:7f:f4:cf:f2:3d:8d:77:4a:a6:d7:85:64:64:9e:fe:
f6:30:35:80:bd:da:d5:7e:09:57:99:ee:04:2f:36:ad:1a:64:
87:fa:48:77:c9:f3:37:78:96:40:35:a6:4f:be:39:9a:6e:88:
81:41:09:5e:1b:c5:16:9b:90:67:1f:e6:13:70:0a:1f:6b:aa:
a1:21:b1:1a:51:c3:2c:4c:cc:b6:e3:71:79:9c:4e:3a:4b:ed:
05:35:f3:1f:8d:80:28:4d:cc:bb:59:23:aa:19:5d:68:12:58:
a7:96:db:c8:74:aa:a4:5f:4d:69:78:2c:a1:c7:40:0a:f3:a5:
06:f7:39:3f:db:e5:ba:96:8b:80:2d:ed:74:e0:a7:83:2f:62:
4f:2d:98:fa:b4:2c:9a:fd:91:8c:bd:04:dd:b6:6e:bf:1b:a6:
fe:a6:d7:d2:fe:d0:04:b2:95:00:d5:7d:0b:53:11:3d:47:d8:
ac:1a:30:ed:b4:dc:0d:d0:6e:d9:3f:e2:f0:28:a7:1e:b1:19:
e5:ab:0c:8b:35:3f:cb:3d:be:3e:4a:d8:78:1d:e7:d9:4a:a6:
ee:6e:c2:66
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUx
NTM4MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk0RENDMzlEQUE0MEJB
Nzk5M0FDOEMzRUY2QjFFNzI3OTIwNEU2M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzcV8Opg5oV06tGcq4SqzKMQKNN6cyfvW6/Ga9DK6QWS0cyRdZ
N5uguq77PFWbwS1ttoxCIL0LP1VQX330rfLwAx0k6KXnITC5IEXrIM8wexHqVWL/
nx3MtO1ihj1t7N8d8eUsf5+Gosb5Jk3Z6uYuqYhfEgQk2Nxqz0AXY68H7bKYMcLF
teM5zHyVCAtuwbHPWclS0gouNuDdZ4rwm3rVxqFtqwb8WfNVs8xZIFS7mPGlEUxz
qJH66zs5t+wihKRCA3Bw61At49BMUGwHXSLYbI7GEKlb9L9p7R+PYCBynRsPoRy7
z1BHvglw1p3W561Rtb2m7xT8SMXA+8VNKPSHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlNzDnapAunmTrIw+9rHnJ5IE5j4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sTnpEbmFwQXVubVRySXct
OXJIbko1SUU1ajQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKVfKqBhUCj4JSDtyk4e8q/gkFHz17Bak577
Xx3tXBBUZWao8/60LH/0z/I9jXdKpteFZGSe/vYwNYC92tV+CVeZ7gQvNq0aZIf6
SHfJ8zd4lkA1pk++OZpuiIFBCV4bxRabkGcf5hNwCh9rqqEhsRpRwyxMzLbjcXmc
TjpL7QU18x+NgChNzLtZI6oZXWgSWKeW28h0qqRfTWl4LKHHQArzpQb3OT/b5bqW
i4At7XTgp4MvYk8tmPq0LJr9kYy9BN22br8bpv6m19L+0ASylQDVfQtTET1H2Kwa
MO203A3Qbtk/4vAopx6xGeWrDIs1P8s9vj5K2Hgd59lKpu5uwmY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:17:46 2025 by rpki-client