Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/Ldpv9I1xbP1seJRF0RpMD7jAsRA.roa
File: Ldpv9I1xbP1seJRF0RpMD7jAsRA.roa (raw, json)
Hash identifier: SDuCFvXB33i9dWhxtDInivD11WSy+syPKConBJ7OwmA=
Subject key identifier: 2D:DA:6F:F4:8D:71:6C:FD:6C:78:94:45:D1:1A:4C:0F:B8:C0:B1:10
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1A39
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ldpv9I1xbP1seJRF0RpMD7jAsRA.roa
Signing time: Wed 11 Jun 2025 01:09:53 +0000
ROA not before: Wed 11 Jun 2025 01:09:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6713 (0x1a39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 11 01:09:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=2DDA6FF48D716CFD6C789445D11A4C0FB8C0B110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:87:a8:de:43:7f:c3:07:36:22:93:78:f6:3d:
52:b7:fd:9b:ab:6a:3a:63:5a:0b:32:3e:24:22:e1:
66:f4:0a:eb:81:f3:10:05:ef:97:41:ca:4c:59:3d:
4d:2f:52:bc:e3:a8:79:74:32:14:34:81:ac:7e:93:
4f:eb:4b:0c:c1:73:e8:ce:22:9d:14:0a:fc:68:24:
d4:a3:63:c3:08:ec:f7:9c:f7:1b:b1:14:4d:95:1a:
e6:65:db:7b:15:db:1c:26:30:a5:25:04:4b:fd:69:
d4:b9:17:3c:c9:45:57:fa:15:5c:c4:96:2b:86:98:
16:5a:f6:89:ed:06:53:cc:cc:fe:1b:bd:10:de:52:
44:f0:c4:8b:72:0c:48:61:61:d9:4e:d1:84:83:b7:
37:c9:a4:5e:10:df:e2:44:c4:29:d1:1b:fa:0c:a0:
bb:41:e8:e3:3b:20:45:90:d3:2a:21:a6:e4:86:41:
a5:08:6f:b2:9c:67:b4:a3:96:c4:d3:d9:08:a9:ca:
38:c8:fc:d0:ff:7c:f7:8d:4e:dc:3c:fc:e7:0e:74:
52:0c:c2:32:0a:f0:7c:88:62:d5:f4:4c:cc:17:73:
30:10:a1:a5:99:40:d9:98:16:3f:3d:a0:38:c7:48:
89:55:0f:a3:3b:5c:b7:df:ca:3a:e5:90:c1:cb:5d:
b9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DA:6F:F4:8D:71:6C:FD:6C:78:94:45:D1:1A:4C:0F:B8:C0:B1:10
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/Ldpv9I1xbP1seJRF0RpMD7jAsRA.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:cb:55:e6:36:25:a9:30:04:03:19:73:87:42:8d:71:52:3c:
21:28:5b:8e:d7:54:27:d0:bf:b6:28:fc:07:74:00:e2:c2:54:
79:4c:bc:fe:86:bd:c5:8a:30:38:c6:8d:8d:81:9a:90:65:db:
cb:0f:48:b2:a4:2c:63:03:e1:bf:0f:89:8f:22:ce:08:a3:69:
3c:01:85:c8:be:f7:7f:8d:d0:50:42:45:00:58:b8:f8:96:42:
8c:87:84:47:b5:c4:55:f8:f3:05:70:60:aa:8d:0a:f9:9f:d5:
78:e2:4e:d1:31:d2:59:bc:7d:47:06:be:d4:c2:7d:78:f8:eb:
1a:5e:6a:1a:6c:f4:0a:de:53:c8:a8:9a:af:37:e1:d5:4b:3d:
81:fc:45:06:5c:3a:58:94:ad:04:11:7f:82:08:a0:8e:e2:05:
9a:0d:a8:1f:64:b9:9e:e9:77:9f:47:4a:07:99:e2:57:bb:8c:
dd:f0:b8:a9:be:33:48:90:4f:15:1f:2c:31:7c:56:e4:5c:d6:
20:fb:a9:a1:20:e4:15:8e:de:fa:22:04:83:82:3f:11:66:12:
7b:53:28:58:51:92:c5:0e:94:8f:6c:46:09:56:58:1f:43:70:
ec:45:9a:d6:3e:b9:5c:cf:25:5d:0b:4e:8b:07:20:e3:18:eb:
5b:38:84:ca
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICGjkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTEw
MTA5NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDJEREE2RkY0OEQ3MTZD
RkQ2Qzc4OTQ0NUQxMUE0QzBGQjhDMEIxMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKh6jeQ3/DBzYik3j2PVK3/ZurajpjWgsyPiQi4Wb0CuuB8xAF
75dBykxZPU0vUrzjqHl0MhQ0gax+k0/rSwzBc+jOIp0UCvxoJNSjY8MI7Pec9xux
FE2VGuZl23sV2xwmMKUlBEv9adS5FzzJRVf6FVzEliuGmBZa9ontBlPMzP4bvRDe
UkTwxItyDEhhYdlO0YSDtzfJpF4Q3+JExCnRG/oMoLtB6OM7IEWQ0yohpuSGQaUI
b7KcZ7SjlsTT2QipyjjI/ND/fPeNTtw8/OcOdFIMwjIK8HyIYtX0TMwXczAQoaWZ
QNmYFj89oDjHSIlVD6M7XLffyjrlkMHLXbnLAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQULdpv9I1xbP1seJRF0RpMD7jAsRAwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9MZHB2OUkxeGJQMXNlSlJG
MFJwTUQ3akFzUkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJnLVeY2JakwBAMZc4dCjXFSPCEoW47XVCfQ
v7Yo/Ad0AOLCVHlMvP6GvcWKMDjGjY2BmpBl28sPSLKkLGMD4b8PiY8izgijaTwB
hci+93+N0FBCRQBYuPiWQoyHhEe1xFX48wVwYKqNCvmf1XjiTtEx0lm8fUcGvtTC
fXj46xpeahps9AreU8iomq834dVLPYH8RQZcOliUrQQRf4IIoI7iBZoNqB9kuZ7p
d59HSgeZ4le7jN3wuKm+M0iQTxUfLDF8VuRc1iD7qaEg5BWO3voiBIOCPxFmEntT
KFhRksUOlI9sRglWWB9DcOxFmtY+uVzPJV0LTosHIOMY61s4hMo=
-----END CERTIFICATE-----
Generated at Sun Jun 22 06:27:32 2025 by rpki-client