Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/-QnvAAgQ0ecqzVS-XVAc6U4m3d8.roa
File: -QnvAAgQ0ecqzVS-XVAc6U4m3d8.roa (raw, json)
Hash identifier: zXMDztXFXX1Fut145QrR0rgCg4Se4hIrYV8LhOXB9Sg=
Subject key identifier: F9:09:EF:00:08:10:D1:E7:2A:CD:54:BE:5D:50:1C:E9:4E:26:DD:DF
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0291
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-QnvAAgQ0ecqzVS-XVAc6U4m3d8.roa
Signing time: Sat 10 May 2025 12:07:52 +0000
ROA not before: Sat 10 May 2025 12:07:52 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 657 (0x291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 10 12:07:52 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=F909EF000810D1E72ACD54BE5D501CE94E26DDDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:fd:6a:8a:ec:d1:96:90:96:a1:2d:0b:2a:
ee:26:70:09:ab:ca:31:48:91:dc:7d:62:73:a8:61:
10:20:36:d1:8c:02:a3:81:62:80:3d:de:4f:1a:e7:
52:62:62:4f:27:4f:4a:db:f0:60:3b:46:de:44:2d:
e2:b3:d7:b6:52:79:7c:6f:33:13:06:f4:23:1b:fd:
1d:29:01:56:bf:f6:08:1c:44:02:c5:ea:9b:1a:4e:
3a:89:3f:34:63:ca:e7:51:f3:42:4c:c0:52:d2:dc:
f2:78:63:a2:c9:2b:7a:19:e4:31:b0:e6:8a:b5:c6:
83:fb:cf:4f:4a:d5:5f:80:c8:3f:35:2b:e0:59:8f:
06:80:06:ed:dc:7a:63:48:6b:d9:09:16:20:fd:63:
7c:3e:5b:5e:a8:31:b8:7d:ce:21:a8:e8:bb:e0:0b:
8e:41:66:36:2c:6c:5d:e9:14:c4:7d:24:be:37:33:
a6:2b:9b:d5:07:9a:52:9d:01:bd:a0:d2:87:0c:5b:
0a:2e:ac:70:7d:8d:7d:b7:3b:98:04:a0:8c:82:6f:
4d:1a:1d:f3:3e:35:53:88:b5:09:a6:2c:22:a9:43:
2f:dc:eb:27:e0:8a:74:48:d0:27:a1:58:d8:74:7a:
ee:6c:24:4e:77:13:5f:2d:98:9b:2b:b5:10:6a:f7:
24:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:09:EF:00:08:10:D1:E7:2A:CD:54:BE:5D:50:1C:E9:4E:26:DD:DF
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/-QnvAAgQ0ecqzVS-XVAc6U4m3d8.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:5e:2f:06:76:57:db:98:8d:6c:fb:04:eb:6d:de:47:16:0d:
92:06:9a:1c:16:23:41:88:a4:03:46:cb:93:93:af:b7:c9:43:
0d:7a:21:c0:74:ee:d0:38:c8:82:20:1f:de:a8:07:a4:41:d8:
32:f6:be:b3:95:5c:99:5d:76:bc:52:93:83:3f:27:ef:9d:c5:
ac:9c:d7:d5:44:c4:71:e0:8a:48:4e:c0:fd:c6:13:21:ae:6b:
aa:df:55:3e:0c:32:cc:96:51:6c:31:ff:9c:cf:5f:04:a3:f9:
fd:e3:6a:c8:86:6f:65:ed:87:89:c9:50:63:cf:34:f3:87:91:
cf:aa:d5:11:9d:ba:c0:45:72:4b:d7:a5:3e:a9:62:69:b6:7b:
ee:70:09:aa:62:eb:a9:e9:a0:6e:b1:f4:51:4a:81:b7:30:61:
e8:62:a2:4f:23:6a:c9:c2:13:f5:e5:5b:de:d6:1b:c8:44:62:
fa:20:66:b7:75:fd:97:fd:44:e9:d4:51:73:88:35:00:ef:8c:
92:2e:76:f2:f8:70:21:6c:ca:4c:f7:b8:45:88:23:32:ea:79:
80:a9:ae:4a:9e:5f:cb:27:6a:20:5f:08:cc:bc:7e:01:66:c4:
ee:9d:fa:4a:ce:6f:4f:a9:cc:6b:c9:75:33:fc:a7:f3:1a:73:
e4:f7:25:a8
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICApEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTAx
MjA3NTJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEY5MDlFRjAwMDgxMEQx
RTcyQUNENTRCRTVENTAxQ0U5NEUyNkREREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGpf1qiuzRlpCWoS0LKu4mcAmryjFIkdx9YnOoYRAgNtGMAqOB
YoA93k8a51JiYk8nT0rb8GA7Rt5ELeKz17ZSeXxvMxMG9CMb/R0pAVa/9ggcRALF
6psaTjqJPzRjyudR80JMwFLS3PJ4Y6LJK3oZ5DGw5oq1xoP7z09K1V+AyD81K+BZ
jwaABu3cemNIa9kJFiD9Y3w+W16oMbh9ziGo6LvgC45BZjYsbF3pFMR9JL43M6Yr
m9UHmlKdAb2g0ocMWwourHB9jX23O5gEoIyCb00aHfM+NVOItQmmLCKpQy/c6yfg
inRI0CehWNh0eu5sJE53E18tmJsrtRBq9yQjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU+QnvAAgQ0ecqzVS+XVAc6U4m3d8wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8tUW52QUFnUTBlY3F6VlMt
WFZBYzZVNG0zZDgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEpeLwZ2V9uYjWz7BOtt3kcWDZIGmhwWI0GI
pANGy5OTr7fJQw16IcB07tA4yIIgH96oB6RB2DL2vrOVXJlddrxSk4M/J++dxayc
19VExHHgikhOwP3GEyGua6rfVT4MMsyWUWwx/5zPXwSj+f3jasiGb2Xth4nJUGPP
NPOHkc+q1RGdusBFckvXpT6pYmm2e+5wCapi66npoG6x9FFKgbcwYehiok8jasnC
E/XlW97WG8hEYvogZrd1/Zf9ROnUUXOINQDvjJIudvL4cCFsykz3uEWIIzLqeYCp
rkqeX8snaiBfCMy8fgFmxO6d+krOb0+pzGvJdTP8p/Mac+T3Jag=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:01:46 2025 by rpki-client