Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWR7D2IgoW3LguhPXuCzlP_4tE.roa
File: lcWR7D2IgoW3LguhPXuCzlP_4tE.roa (raw, json)
Hash identifier: PHM++qjpOyJthPMR5/Ohc1S6eW/u/zZEu81ymF1QAsA=
Subject key identifier: 95:C5:91:EC:3D:88:82:85:B7:2E:0B:A1:3D:7B:82:CE:53:FF:E2:D1
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 22A5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWR7D2IgoW3LguhPXuCzlP_4tE.roa
Signing time: Sun 22 Jun 2025 18:12:01 +0000
ROA not before: Sun 22 Jun 2025 18:12:01 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8869 (0x22a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 22 18:12:01 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=95C591EC3D888285B72E0BA13D7B82CE53FFE2D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:87:83:5b:83:4d:ae:97:9e:07:c9:6f:88:
df:31:13:c1:35:97:3e:7d:a5:db:69:90:85:de:3f:
14:ce:87:12:d4:f7:0e:78:8b:31:10:34:c5:28:2f:
9d:6d:ed:bb:19:30:a6:8c:bf:54:cd:e3:91:19:44:
f1:f5:34:da:c9:fc:b6:e7:ff:f9:10:72:00:a1:91:
40:38:9f:a5:45:69:8b:c3:77:47:77:e7:9e:de:7b:
5e:f7:ad:b3:5a:66:eb:d0:a4:6c:15:d5:08:23:9a:
d5:c4:3b:ad:ec:5b:f3:38:fc:05:59:d2:51:fb:d6:
8e:11:bc:05:f6:d2:c1:85:40:27:03:7d:fa:c6:e2:
d3:08:b1:0f:3d:87:e3:bb:3d:86:f9:f4:c3:5a:43:
97:f4:45:ed:e9:cb:06:8b:dc:67:8d:90:7c:3c:27:
ad:6a:fd:d7:12:bf:18:ba:68:50:8d:1c:46:d0:3a:
73:16:1f:e7:86:62:b2:37:7a:66:22:b9:f1:dd:dd:
d3:73:01:9d:3d:4d:8d:20:e0:6c:d4:32:f8:dd:97:
6e:f4:93:92:00:02:8c:12:4f:e3:8e:cc:84:f8:d9:
39:ec:1e:2f:82:9a:af:61:2c:dd:0e:1b:9f:72:58:
04:87:2b:bd:f9:3d:42:05:68:62:f0:8c:a9:57:7c:
c3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C5:91:EC:3D:88:82:85:B7:2E:0B:A1:3D:7B:82:CE:53:FF:E2:D1
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWR7D2IgoW3LguhPXuCzlP_4tE.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:bf:f6:3a:28:99:e2:22:06:c0:52:23:d0:85:f8:48:d5:90:
9e:87:0a:28:36:19:66:cb:d5:65:f5:2e:a8:11:a1:9b:4a:da:
be:6c:93:1b:6c:3e:c7:7e:12:82:2e:e9:e1:cc:75:65:64:9a:
3c:ed:a9:61:d0:18:31:8c:51:af:83:ce:e6:5f:04:86:40:d7:
07:b8:71:40:56:31:ae:9a:bd:41:8b:12:5e:a8:31:34:4f:95:
27:8f:20:76:a7:f3:b9:21:38:2a:ae:cc:9d:15:cc:cf:b0:e2:
4b:2c:73:9c:ea:42:9a:28:3b:38:58:d9:7c:9d:fb:b6:0f:5a:
12:4d:dd:0f:a0:f7:f2:6a:93:99:c6:1f:1e:a4:57:f2:b5:ca:
08:7b:7c:72:3e:9c:df:f7:0b:04:95:d6:d5:35:32:24:30:56:
9a:9e:77:66:01:76:70:b8:29:55:2e:61:2a:7a:9d:3a:a7:dc:
b1:82:5a:b8:15:bf:61:8c:80:b4:a4:aa:80:60:d9:4e:a1:c9:
1e:fe:b6:ec:44:59:58:c1:15:69:f9:37:69:4e:15:42:83:bf:
10:2e:b3:6f:ba:21:d4:37:3c:38:e7:14:c3:6f:58:c0:78:32:
22:75:67:e6:f9:19:44:f3:bd:65:8a:54:b4:d1:fa:2a:ab:7e:
9c:1c:82:db
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIqUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjIx
ODEyMDFaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1QzU5MUVDM0Q4ODgy
ODVCNzJFMEJBMTNEN0I4MkNFNTNGRkUyRDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT7IeDW4NNrpeeB8lviN8xE8E1lz59pdtpkIXePxTOhxLU9w54
izEQNMUoL51t7bsZMKaMv1TN45EZRPH1NNrJ/Lbn//kQcgChkUA4n6VFaYvDd0d3
557ee173rbNaZuvQpGwV1QgjmtXEO63sW/M4/AVZ0lH71o4RvAX20sGFQCcDffrG
4tMIsQ89h+O7PYb59MNaQ5f0Re3pywaL3GeNkHw8J61q/dcSvxi6aFCNHEbQOnMW
H+eGYrI3emYiufHd3dNzAZ09TY0g4GzUMvjdl270k5IAAowST+OOzIT42TnsHi+C
mq9hLN0OG59yWASHK735PUIFaGLwjKlXfMPHAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlcWR7D2IgoW3LguhPXuCzlP/4tEwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sY1dSN0QySWdvVzNMZ3Vo
UFh1Q3psUF80dEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABO/9joomeIiBsBSI9CF+EjVkJ6HCig2GWbL
1WX1LqgRoZtK2r5skxtsPsd+EoIu6eHMdWVkmjztqWHQGDGMUa+DzuZfBIZA1we4
cUBWMa6avUGLEl6oMTRPlSePIHan87khOCquzJ0VzM+w4kssc5zqQpooOzhY2Xyd
+7YPWhJN3Q+g9/Jqk5nGHx6kV/K1ygh7fHI+nN/3CwSV1tU1MiQwVpqed2YBdnC4
KVUuYSp6nTqn3LGCWrgVv2GMgLSkqoBg2U6hyR7+tuxEWVjBFWn5N2lOFUKDvxAu
s2+6IdQ3PDjnFMNvWMB4MiJ1Z+b5GUTzvWWKVLTR+iqrfpwcgts=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:44:22 2025 by rpki-client