Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWaoT_31sXBMH4xe_NsyhYpQwI.roa
File: lcWaoT_31sXBMH4xe_NsyhYpQwI.roa (raw, json)
Hash identifier: XWciTqKNevF0eJT867nISGwyx9X/UN513HJnVGFvG8M=
Subject key identifier: 95:C5:9A:A1:3F:F7:D6:C5:C1:30:7E:31:7B:F3:6C:CA:16:29:43:02
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0541
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWaoT_31sXBMH4xe_NsyhYpQwI.roa
Signing time: Wed 14 May 2025 02:08:00 +0000
ROA not before: Wed 14 May 2025 02:08:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1345 (0x541)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 02:08:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=95C59AA13FF7D6C5C1307E317BF36CCA16294302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:66:8d:9f:fc:f6:93:2b:5b:a6:7e:49:b2:
4d:cc:cc:3e:d0:e7:49:17:b9:e2:76:e1:c4:d1:6e:
83:79:5d:fc:39:8f:d3:2d:30:b2:c1:df:fc:3f:e1:
ef:9f:c0:6f:49:04:df:6b:cc:b3:f9:ad:98:53:3c:
11:f5:8d:d5:89:f5:81:17:d7:46:52:9f:5e:f9:07:
55:54:77:3d:ac:4e:ae:ce:58:e1:9a:7a:56:47:8e:
5d:9c:4e:4a:52:dc:1f:f2:ee:e9:b5:a0:ee:91:09:
b1:06:6c:09:94:f9:0a:3c:99:ba:d3:11:89:91:6d:
c7:2a:7a:c6:71:1e:da:4a:a5:81:bd:a4:14:5d:64:
fc:a9:92:3e:bb:22:65:68:c5:31:be:59:5f:94:81:
65:f8:2b:76:25:d8:60:5b:b4:49:77:22:ab:52:09:
78:5f:1c:86:3f:2f:9e:e2:e7:31:2a:e2:5a:88:21:
77:e1:26:26:56:e4:ea:08:db:30:6b:9c:9e:6b:ad:
bd:ac:30:b0:b0:ae:84:78:1f:4c:79:a7:88:23:51:
6d:a5:47:80:a2:ef:2e:93:b6:fe:43:81:ff:cd:26:
df:55:5d:50:55:6b:fb:42:e9:9e:38:fd:54:5b:55:
7e:7f:77:1f:d4:3d:85:04:4f:c5:b5:22:fc:8e:1b:
d4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C5:9A:A1:3F:F7:D6:C5:C1:30:7E:31:7B:F3:6C:CA:16:29:43:02
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lcWaoT_31sXBMH4xe_NsyhYpQwI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:ec:0c:9a:c0:69:7f:ba:38:1b:33:d3:26:e9:e8:a9:f8:29:
d9:b5:2a:86:6b:72:0c:a8:2c:51:43:c7:4a:05:26:53:99:0d:
86:ba:92:09:e9:12:bc:82:64:fa:76:af:8b:01:95:f2:73:24:
be:59:c5:c8:6e:33:d0:f5:e8:b8:28:e0:58:5a:e7:0c:cb:27:
1e:2d:af:e6:9c:c1:3c:71:07:d3:23:6e:b1:f8:af:65:fc:51:
ad:9a:34:06:19:db:49:dd:cc:50:f3:94:e4:dc:31:4e:c0:ae:
f8:9f:4f:10:c2:17:34:55:56:0e:fe:f2:0f:4a:09:86:dc:db:
0c:b3:b1:e5:57:8e:41:d1:65:09:50:a3:3b:77:d0:fb:16:f5:
e4:0b:0d:90:13:fb:20:93:26:bb:d2:22:19:80:7b:7e:fc:c5:
b4:93:8a:5c:66:c0:ec:05:8b:72:63:1e:98:49:53:f4:e2:58:
71:ee:ea:1c:75:68:8d:d2:5f:81:fe:e2:1d:72:4e:f5:be:95:
08:6a:76:6b:77:7a:a1:f2:10:f4:da:15:97:66:11:cf:19:2b:
4c:7d:fd:a3:f5:3e:72:13:0a:9e:bf:5e:f9:40:69:85:99:dc:
99:85:16:a1:76:f1:5f:94:27:11:6d:57:ae:88:3e:eb:62:05:
7e:a2:52:2d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQw
MjA4MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1QzU5QUExM0ZGN0Q2
QzVDMTMwN0UzMTdCRjM2Q0NBMTYyOTQzMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3umaNn/z2kytbpn5Jsk3MzD7Q50kXueJ24cTRboN5Xfw5j9Mt
MLLB3/w/4e+fwG9JBN9rzLP5rZhTPBH1jdWJ9YEX10ZSn175B1VUdz2sTq7OWOGa
elZHjl2cTkpS3B/y7um1oO6RCbEGbAmU+Qo8mbrTEYmRbccqesZxHtpKpYG9pBRd
ZPypkj67ImVoxTG+WV+UgWX4K3Yl2GBbtEl3IqtSCXhfHIY/L57i5zEq4lqIIXfh
JiZW5OoI2zBrnJ5rrb2sMLCwroR4H0x5p4gjUW2lR4Ci7y6Ttv5Dgf/NJt9VXVBV
a/tC6Z44/VRbVX5/dx/UPYUET8W1IvyOG9TBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlcWaoT/31sXBMH4xe/NsyhYpQwIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sY1dhb1RfMzFzWEJNSDR4
ZV9Oc3loWXBRd0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAIPsDJrAaX+6OBsz0ybp6Kn4Kdm1KoZrcgyo
LFFDx0oFJlOZDYa6kgnpEryCZPp2r4sBlfJzJL5ZxchuM9D16Lgo4Fha5wzLJx4t
r+acwTxxB9MjbrH4r2X8Ua2aNAYZ20ndzFDzlOTcMU7ArvifTxDCFzRVVg7+8g9K
CYbc2wyzseVXjkHRZQlQozt30PsW9eQLDZAT+yCTJrvSIhmAe378xbSTilxmwOwF
i3JjHphJU/TiWHHu6hx1aI3SX4H+4h1yTvW+lQhqdmt3eqHyEPTaFZdmEc8ZK0x9
/aP1PnITCp6/XvlAaYWZ3JmFFqF28V+UJxFtV66IPutiBX6iUi0=
-----END CERTIFICATE-----
Generated at Sun Jun 22 17:48:47 2025 by rpki-client