Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lV3SqZm-la5xJcZQGajdYSp9yJY.roa
File: lV3SqZm-la5xJcZQGajdYSp9yJY.roa (raw, json)
Hash identifier: vHg+FY7onP/XsXlyTeWE95OWhNXoYMq52eRsh4Ai/K8=
Subject key identifier: 95:5D:D2:A9:99:BE:95:AE:71:25:C6:50:19:A8:DD:61:2A:7D:C8:96
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 14A5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lV3SqZm-la5xJcZQGajdYSp9yJY.roa
Signing time: Tue 03 Jun 2025 14:39:15 +0000
ROA not before: Tue 03 Jun 2025 14:39:15 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5285 (0x14a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 3 14:39:15 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=955DD2A999BE95AE7125C65019A8DD612A7DC896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:96:fd:3b:91:9e:e7:d3:86:3e:f6:6c:06:f7:
2e:e2:17:25:97:74:2e:d4:3e:9c:9f:30:c4:38:82:
b9:6d:1b:2e:b2:ce:de:3f:75:96:de:a7:cd:86:da:
e1:20:7c:e7:aa:52:e8:5b:82:8f:88:9c:22:a2:22:
4d:9a:d9:25:21:e8:58:8d:2e:0e:43:04:99:8d:10:
43:c7:09:f0:ea:6e:5d:b9:8a:51:58:03:ef:a2:a6:
b4:5f:99:6a:12:91:cb:0d:e1:ee:e7:ff:c9:41:4e:
96:db:b1:59:82:2e:51:3d:1d:a3:2f:cd:6e:bf:68:
52:0c:44:a0:85:52:1c:f6:44:a2:61:75:07:32:5c:
71:52:69:a9:68:de:ca:e2:2a:b5:10:bd:0f:0e:74:
2a:6c:ef:80:14:fb:fe:b1:0a:c4:bc:89:26:c3:5a:
a1:ba:be:fa:e3:33:3c:a2:7a:6b:ca:8e:c1:c8:ac:
9b:6a:d8:65:d3:d8:78:f5:17:e2:b5:a7:e0:dd:21:
e7:cd:ae:ba:72:db:2e:0a:43:39:66:74:7d:dc:13:
b6:f3:38:7b:92:27:6a:d4:18:c4:47:92:17:f8:19:
0a:3f:35:0e:24:63:b1:12:c9:30:ea:6e:9b:1c:2f:
d4:4d:2f:79:d5:0e:2a:66:0c:ce:93:8a:24:9f:a4:
56:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:5D:D2:A9:99:BE:95:AE:71:25:C6:50:19:A8:DD:61:2A:7D:C8:96
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lV3SqZm-la5xJcZQGajdYSp9yJY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:aa:be:03:e4:5c:f3:6e:97:50:60:a1:8c:45:6c:f4:5d:6a:
3e:f0:15:37:d7:5c:41:02:d8:05:44:19:00:4d:0c:e1:2f:7c:
c1:70:f6:e5:5c:2d:e8:1a:8d:78:6d:c5:7b:9e:b4:a7:58:fb:
3d:60:20:8d:6a:a7:6e:cb:b9:cd:4b:35:cd:e8:84:3d:05:e1:
0b:ee:c1:17:3d:dd:92:3b:c7:9c:3c:1e:a0:ce:0a:58:57:a5:
bb:c1:0d:4c:f8:13:18:60:63:1e:be:b8:c9:6b:e0:34:76:f1:
c0:fb:20:46:2a:25:87:54:bf:af:c8:11:78:cf:aa:dd:a1:4d:
f5:01:71:9a:20:ee:17:bf:c7:15:2c:2d:64:80:03:05:87:80:
97:2c:ce:93:9b:22:d2:f6:ab:5a:8c:40:e5:07:23:34:e0:f8:
49:72:83:b9:da:6b:1a:aa:08:d1:ba:30:cc:af:c7:79:53:e2:
33:a1:a3:01:57:9f:09:a3:7a:e3:30:7c:d9:60:74:6a:18:09:
9d:55:22:1b:39:8d:7c:38:c0:83:0c:50:8c:11:08:d9:15:2b:
3f:12:81:e7:ba:79:0d:6d:06:8f:13:9c:37:ad:27:2f:b3:51:
1e:fd:fd:24:e3:cc:a3:c9:40:09:09:d6:d1:76:8e:49:a9:a9:
e9:f9:82:9b
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICFKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDMx
NDM5MTVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1NUREMkE5OTlCRTk1
QUU3MTI1QzY1MDE5QThERDYxMkE3REM4OTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtlv07kZ7n04Y+9mwG9y7iFyWXdC7UPpyfMMQ4grltGy6yzt4/
dZbep82G2uEgfOeqUuhbgo+InCKiIk2a2SUh6FiNLg5DBJmNEEPHCfDqbl25ilFY
A++iprRfmWoSkcsN4e7n/8lBTpbbsVmCLlE9HaMvzW6/aFIMRKCFUhz2RKJhdQcy
XHFSaalo3sriKrUQvQ8OdCps74AU+/6xCsS8iSbDWqG6vvrjMzyiemvKjsHIrJtq
2GXT2Hj1F+K1p+DdIefNrrpy2y4KQzlmdH3cE7bzOHuSJ2rUGMRHkhf4GQo/NQ4k
Y7ESyTDqbpscL9RNL3nVDipmDM6TiiSfpFY9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlV3SqZm+la5xJcZQGajdYSp9yJYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sVjNTcVptLWxhNXhKY1pR
R2FqZFlTcDl5Slkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAaqvgPkXPNul1BgoYxFbPRdaj7wFTfXXEEC
2AVEGQBNDOEvfMFw9uVcLegajXhtxXuetKdY+z1gII1qp27Luc1LNc3ohD0F4Qvu
wRc93ZI7x5w8HqDOClhXpbvBDUz4ExhgYx6+uMlr4DR28cD7IEYqJYdUv6/IEXjP
qt2hTfUBcZog7he/xxUsLWSAAwWHgJcszpObItL2q1qMQOUHIzTg+Elyg7naaxqq
CNG6MMyvx3lT4jOhowFXnwmjeuMwfNlgdGoYCZ1VIhs5jXw4wIMMUIwRCNkVKz8S
gee6eQ1tBo8TnDetJy+zUR79/STjzKPJQAkJ1tF2jkmpqen5gps=
-----END CERTIFICATE-----
Generated at Sun Jun 22 03:58:25 2025 by rpki-client