Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/0CVdkQn1nPh0HiAgZUYfuU5DEko.roa
File: 0CVdkQn1nPh0HiAgZUYfuU5DEko.roa (raw, json)
Hash identifier: Idmlag9GgYjH8nV201crQXPsSAvpaiogaHk3Nh9hEO8=
Subject key identifier: D0:25:5D:91:09:F5:9C:F8:74:1E:20:20:65:46:1F:B9:4E:43:12:4A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0691
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0CVdkQn1nPh0HiAgZUYfuU5DEko.roa
Signing time: Thu 15 May 2025 20:08:02 +0000
ROA not before: Thu 15 May 2025 20:08:02 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1681 (0x691)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 15 20:08:02 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D0255D9109F59CF8741E202065461FB94E43124A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:6b:4c:18:41:de:51:5e:33:c4:85:ae:70:71:
88:9a:ef:bb:27:2b:fb:ed:2d:8f:c2:39:2e:07:c5:
9d:e8:4d:18:1f:26:60:03:e1:15:e1:6d:74:98:b1:
2d:f8:8f:e3:22:66:66:5f:05:4b:8f:e8:e2:bc:a0:
89:db:17:60:32:4a:6b:cc:f3:13:18:2e:45:8b:0a:
31:8c:f8:24:c5:2e:96:a8:95:3a:f1:44:1b:c3:8c:
9a:2e:3e:1f:c9:c2:7d:9e:4e:0a:37:6a:4d:65:e5:
65:a2:fc:99:e4:da:0f:6d:d3:ac:40:4f:c5:a2:3a:
f0:14:c2:ef:ab:eb:fb:20:6d:36:95:f7:e7:e2:11:
78:7d:9c:80:0d:09:e2:83:a8:95:83:3d:57:93:fb:
2f:c4:0a:14:ce:bf:b9:38:4c:a9:4c:4f:e2:11:6f:
2a:bf:94:13:3b:f1:de:5f:a1:1b:f5:f5:13:5e:60:
0a:7b:b3:4a:87:89:46:3c:0a:d8:69:81:af:f7:b6:
45:f3:ba:62:a9:4d:71:6f:e7:e9:1d:ce:12:2e:1f:
f9:a7:1e:76:d9:bd:62:bb:9e:76:dd:62:a5:07:38:
97:32:75:c2:33:1c:b0:dc:ff:e3:e6:e1:7a:da:17:
c4:a7:39:89:db:a3:e0:41:14:c1:f8:3a:0a:5e:3c:
1d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:25:5D:91:09:F5:9C:F8:74:1E:20:20:65:46:1F:B9:4E:43:12:4A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/0CVdkQn1nPh0HiAgZUYfuU5DEko.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:b5:1e:fd:8b:05:c0:31:1e:93:86:84:d4:2a:62:ab:62:11:
55:f9:cf:97:09:dd:5c:c6:46:91:8e:b6:27:ae:1c:79:2a:5e:
00:bf:4f:98:8d:3b:73:d7:b9:2a:a4:17:9a:76:57:64:06:69:
a5:e9:d1:ba:19:4b:5a:26:0e:4d:66:2f:f9:81:b7:89:b2:35:
02:42:21:5d:07:6c:21:a1:9a:bb:74:c9:98:1c:12:aa:50:41:
2b:d8:62:ad:a6:05:7e:2a:c2:fc:c3:9f:5e:a5:5d:24:62:ea:
b9:6f:ea:23:c3:9c:e1:66:04:44:7d:9d:34:53:04:c0:0d:e9:
78:93:b9:6e:f1:db:3e:9e:eb:fb:8b:be:1f:79:b6:fc:64:92:
86:b6:b3:24:2b:c5:a1:75:32:6e:8d:e3:33:76:c7:10:c9:fe:
9f:3b:5f:c4:0b:af:19:e6:05:50:f9:52:2c:5e:6f:c9:53:36:
10:fe:10:1e:b9:d2:48:18:cb:49:21:06:95:85:43:4c:7b:ec:
cd:07:5c:23:04:15:1d:e3:20:36:bd:bb:5c:1a:16:17:bb:34:
54:4b:86:a8:05:ec:3b:b7:b5:6f:d8:cd:7e:5a:21:79:3d:5a:
52:b9:b0:3e:3f:0d:41:c3:6d:13:87:36:a0:84:c9:43:20:42:
20:03:e1:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBpEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTUy
MDA4MDJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQwMjU1RDkxMDlGNTlD
Rjg3NDFFMjAyMDY1NDYxRkI5NEU0MzEyNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGa0wYQd5RXjPEha5wcYia77snK/vtLY/COS4HxZ3oTRgfJmAD
4RXhbXSYsS34j+MiZmZfBUuP6OK8oInbF2AySmvM8xMYLkWLCjGM+CTFLpaolTrx
RBvDjJouPh/Jwn2eTgo3ak1l5WWi/Jnk2g9t06xAT8WiOvAUwu+r6/sgbTaV9+fi
EXh9nIANCeKDqJWDPVeT+y/EChTOv7k4TKlMT+IRbyq/lBM78d5foRv19RNeYAp7
s0qHiUY8Cthpga/3tkXzumKpTXFv5+kdzhIuH/mnHnbZvWK7nnbdYqUHOJcydcIz
HLDc/+Pm4XraF8SnOYnbo+BBFMH4OgpePB1PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU0CVdkQn1nPh0HiAgZUYfuU5DEkowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8wQ1Zka1FuMW5QaDBIaUFn
WlVZZnVVNURFa28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEK1Hv2LBcAxHpOGhNQqYqtiEVX5z5cJ3VzG
RpGOtieuHHkqXgC/T5iNO3PXuSqkF5p2V2QGaaXp0boZS1omDk1mL/mBt4myNQJC
IV0HbCGhmrt0yZgcEqpQQSvYYq2mBX4qwvzDn16lXSRi6rlv6iPDnOFmBER9nTRT
BMAN6XiTuW7x2z6e6/uLvh95tvxkkoa2syQrxaF1Mm6N4zN2xxDJ/p87X8QLrxnm
BVD5Uixeb8lTNhD+EB650kgYy0khBpWFQ0x77M0HXCMEFR3jIDa9u1waFhe7NFRL
hqgF7Du3tW/YzX5aIXk9WlK5sD4/DUHDbROHNqCEyUMgQiAD4Uc=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:08:19 2025 by rpki-client