Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lbcTLBHeh4yAWdCHNYLh0jyyhHY.roa
File: lbcTLBHeh4yAWdCHNYLh0jyyhHY.roa (raw, json)
Hash identifier: 4qy47fhWlP7v0Smxqayj+sLPsIg/EuiKC/n8gGxSkQk=
Subject key identifier: 95:B7:13:2C:11:DE:87:8C:80:59:D0:87:35:82:E1:D2:3C:B2:84:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 021D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lbcTLBHeh4yAWdCHNYLh0jyyhHY.roa
Signing time: Fri 09 May 2025 21:37:47 +0000
ROA not before: Fri 09 May 2025 21:37:47 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 541 (0x21d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 21:37:47 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=95B7132C11DE878C8059D0873582E1D23CB28476
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c2:f4:e8:79:38:1b:f3:a4:f9:95:34:17:a4:
47:34:1f:bb:ad:01:43:77:14:1e:b0:2c:31:86:1e:
df:a3:48:0c:f3:d3:18:58:ad:8c:9b:4e:d4:38:06:
34:24:37:8b:37:ba:d6:8d:8b:d9:29:d3:5f:24:fa:
ac:f3:a8:e9:2a:36:5d:8a:e9:85:db:eb:58:b1:b7:
d9:c8:9f:1f:38:a8:e5:1e:c5:19:55:a4:0d:5f:3b:
c2:c7:1e:12:b5:83:65:38:f1:31:3c:bc:59:38:05:
25:32:2a:60:3b:85:60:e5:9c:e4:69:56:86:19:d8:
95:24:cd:2f:17:b8:8a:81:d1:09:84:57:b3:97:55:
ac:fd:55:b2:14:41:46:e6:0b:4c:0b:c1:a0:1b:8b:
f2:92:88:21:03:6c:4b:6b:ab:3d:38:2b:db:ab:e9:
da:37:7a:28:5e:35:d6:9a:e5:4d:1c:a4:01:e7:aa:
32:62:f0:e9:a6:52:b5:46:e6:bd:d8:46:70:48:2a:
f0:66:bd:62:27:f5:8c:d4:a9:7a:78:b5:79:d9:a6:
f2:4d:e2:b0:3d:6b:18:f8:a8:9c:db:b6:1e:8f:8b:
67:c0:ab:58:3e:c0:6d:ce:17:76:95:69:da:2c:3c:
75:d6:d7:55:e1:08:1b:43:b6:de:3d:0d:18:55:7f:
b0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B7:13:2C:11:DE:87:8C:80:59:D0:87:35:82:E1:D2:3C:B2:84:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lbcTLBHeh4yAWdCHNYLh0jyyhHY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9d:b5:c4:cc:ab:29:52:fa:a3:0d:72:4a:24:54:29:43:0d:ad:
5b:42:1a:84:83:6a:67:50:c0:22:3a:38:6e:da:6b:6e:3b:d5:
23:86:8a:e7:6e:fb:6c:9b:84:a5:bc:21:c5:de:3f:1c:06:ae:
9f:a4:0c:0b:f2:0e:07:41:d8:d1:d1:33:40:00:9a:de:0a:97:
46:b2:8a:b3:d6:4c:a1:68:c8:40:08:12:80:76:d8:21:3e:bd:
39:27:7a:55:0d:95:1d:95:32:13:b1:bc:31:8e:cb:ac:f7:6d:
f2:ba:d0:f1:39:1b:42:35:2f:07:f5:7b:03:23:6b:77:ca:76:
09:d5:ad:28:8e:81:4a:a7:94:cf:16:b2:1a:d8:9f:4d:31:ba:
16:ee:17:c3:4f:ec:9f:28:92:34:2d:a6:2d:10:69:8e:be:ec:
ad:fe:9e:5a:94:97:0e:1f:ba:a6:1a:b2:33:f2:d7:71:ca:73:
e8:33:b9:6f:94:16:21:69:37:ee:bc:ee:a7:f2:4c:a9:46:5e:
d4:1c:dc:41:9e:e2:57:31:46:f7:b2:e3:78:92:fe:62:f5:69:
ff:43:5e:12:86:f5:29:e8:c3:3e:8d:fc:8f:9e:2b:db:71:0c:
69:d2:97:b2:a9:a5:a5:6f:95:e2:f9:e1:da:a5:5f:7d:ff:3f:
48:b8:d3:0a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDky
MTM3NDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1QjcxMzJDMTFERTg3
OEM4MDU5RDA4NzM1ODJFMUQyM0NCMjg0NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFwvToeTgb86T5lTQXpEc0H7utAUN3FB6wLDGGHt+jSAzz0xhY
rYybTtQ4BjQkN4s3utaNi9kp018k+qzzqOkqNl2K6YXb61ixt9nInx84qOUexRlV
pA1fO8LHHhK1g2U48TE8vFk4BSUyKmA7hWDlnORpVoYZ2JUkzS8XuIqB0QmEV7OX
Vaz9VbIUQUbmC0wLwaAbi/KSiCEDbEtrqz04K9ur6do3eiheNdaa5U0cpAHnqjJi
8OmmUrVG5r3YRnBIKvBmvWIn9YzUqXp4tXnZpvJN4rA9axj4qJzbth6Pi2fAq1g+
wG3OF3aVadosPHXW11XhCBtDtt49DRhVf7BfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlbcTLBHeh4yAWdCHNYLh0jyyhHYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sYmNUTEJIZWg0eUFXZENI
TllMaDBqeXloSFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJ21xMyrKVL6ow1ySiRUKUMNrVtCGoSDamdQ
wCI6OG7aa2471SOGiudu+2ybhKW8IcXePxwGrp+kDAvyDgdB2NHRM0AAmt4Kl0ay
irPWTKFoyEAIEoB22CE+vTknelUNlR2VMhOxvDGOy6z3bfK60PE5G0I1Lwf1ewMj
a3fKdgnVrSiOgUqnlM8WshrYn00xuhbuF8NP7J8okjQtpi0QaY6+7K3+nlqUlw4f
uqYasjPy13HKc+gzuW+UFiFpN+687qfyTKlGXtQc3EGe4lcxRvey43iS/mL1af9D
XhKG9Snowz6N/I+eK9txDGnSl7KppaVvleL54dqlX33/P0i40wo=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:32:36 2025 by rpki-client