Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/2VcL9SplHpzgSaPdp6SuXD92JpU.roa
File: 2VcL9SplHpzgSaPdp6SuXD92JpU.roa (raw, json)
Hash identifier: yDui3o3hOJ2X0doGMu5lsXWRQPdMLFbyi9sbxWcfMeE=
Subject key identifier: D9:57:0B:F5:2A:65:1E:9C:E0:49:A3:DD:A7:A4:AE:5C:3F:76:26:95
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0A15
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2VcL9SplHpzgSaPdp6SuXD92JpU.roa
Signing time: Tue 20 May 2025 12:38:23 +0000
ROA not before: Tue 20 May 2025 12:38:23 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2581 (0xa15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 12:38:23 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=D9570BF52A651E9CE049A3DDA7A4AE5C3F762695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:07:b5:fd:09:a7:da:69:49:07:40:8e:2b:29:
71:47:ec:04:95:5c:2e:c4:69:43:cd:c4:4b:48:d5:
ea:41:88:0c:b6:58:db:0b:d1:b0:39:4e:bf:e3:c5:
2c:80:0e:e2:83:31:56:f7:9c:98:9d:e3:7f:54:e5:
cb:ae:c5:af:72:ed:b8:07:ce:48:91:5f:3b:06:74:
6b:60:d0:8a:bd:7c:db:7a:20:3a:83:2d:a0:8f:7b:
ce:d7:06:ca:9e:fd:04:ee:c3:50:07:f2:e0:34:6a:
09:21:29:b3:82:fb:c1:6f:58:f6:0c:5b:62:9c:11:
f7:68:4f:61:9b:69:09:e9:7b:fc:a0:95:04:6b:00:
8c:0b:21:3e:cc:e1:66:ab:08:de:ad:e8:0d:99:a2:
8a:87:df:e5:85:f7:e9:ec:d0:d1:24:cc:75:ff:1a:
b0:df:f2:66:48:00:f9:0a:43:3b:46:49:b9:ef:0f:
db:12:fc:13:f2:51:81:45:9a:73:25:72:c2:dc:f5:
1a:1c:6b:eb:02:2f:21:84:d9:b2:88:c5:c3:2a:c0:
8d:08:40:67:05:b0:f0:c6:3c:7d:44:62:96:25:b9:
8c:64:04:53:65:50:ff:d0:58:fd:2f:b2:cd:0a:6e:
f2:92:1a:bf:9b:b3:58:91:cc:06:a1:e0:b1:e7:31:
eb:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:57:0B:F5:2A:65:1E:9C:E0:49:A3:DD:A7:A4:AE:5C:3F:76:26:95
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/2VcL9SplHpzgSaPdp6SuXD92JpU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:6c:00:56:99:39:be:79:7a:2e:6c:dd:a4:30:ec:f0:4c:72:
c5:e5:f8:2d:38:e6:ef:82:06:00:39:a2:46:bc:28:77:40:95:
42:71:8e:da:5a:d8:2c:81:59:bd:1c:3d:f9:86:e0:08:22:12:
4a:2d:12:e9:68:bb:85:21:dc:2e:7b:11:9b:c0:90:83:e8:1e:
57:27:8c:4c:f3:c9:3c:fa:89:a0:30:66:16:97:0a:59:b3:f5:
47:64:ff:76:fd:c3:ca:24:74:11:cf:46:00:b6:f1:d2:30:6d:
08:ca:de:e6:c4:fa:68:26:c2:6e:a9:b3:24:d5:22:5e:88:e7:
fe:c3:b9:3d:a4:82:ae:6a:85:12:e1:4c:56:a7:b5:f0:e6:e5:
48:f8:cc:62:97:7d:00:13:3d:c1:f9:a3:98:e4:7f:41:63:f3:
8d:5b:8e:13:04:79:18:3c:fd:a5:c3:5a:4f:f3:8c:0a:43:e7:
4d:c1:69:f5:71:5b:9f:45:35:75:b6:7f:71:a3:af:22:68:e1:
18:df:44:9d:4e:2e:ff:bb:6d:f6:84:af:7c:59:00:d8:75:df:
98:75:b3:7d:8c:14:0d:38:86:91:1a:8e:af:ca:31:41:5c:f6:
fb:37:0a:32:69:c4:99:71:c2:9e:d0:90:9c:ea:8d:ff:bf:3c:
07:02:72:1d
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICChUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAx
MjM4MjNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEQ5NTcwQkY1MkE2NTFF
OUNFMDQ5QTNEREE3QTRBRTVDM0Y3NjI2OTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8B7X9CafaaUkHQI4rKXFH7ASVXC7EaUPNxEtI1epBiAy2WNsL
0bA5Tr/jxSyADuKDMVb3nJid439U5cuuxa9y7bgHzkiRXzsGdGtg0Iq9fNt6IDqD
LaCPe87XBsqe/QTuw1AH8uA0agkhKbOC+8FvWPYMW2KcEfdoT2GbaQnpe/yglQRr
AIwLIT7M4WarCN6t6A2ZooqH3+WF9+ns0NEkzHX/GrDf8mZIAPkKQztGSbnvD9sS
/BPyUYFFmnMlcsLc9Roca+sCLyGE2bKIxcMqwI0IQGcFsPDGPH1EYpYluYxkBFNl
UP/QWP0vss0KbvKSGr+bs1iRzAah4LHnMet1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU2VcL9SplHpzgSaPdp6SuXD92JpUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni8yVmNMOVNwbEhwemdTYVBk
cDZTdVhEOTJKcFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABlsAFaZOb55ei5s3aQw7PBMcsXl+C045u+C
BgA5oka8KHdAlUJxjtpa2CyBWb0cPfmG4AgiEkotEulou4Uh3C57EZvAkIPoHlcn
jEzzyTz6iaAwZhaXClmz9Udk/3b9w8okdBHPRgC28dIwbQjK3ubE+mgmwm6psyTV
Il6I5/7DuT2kgq5qhRLhTFantfDm5Uj4zGKXfQATPcH5o5jkf0Fj841bjhMEeRg8
/aXDWk/zjApD503BafVxW59FNXW2f3GjryJo4RjfRJ1OLv+7bfaEr3xZANh135h1
s32MFA04hpEajq/KMUFc9vs3CjJpxJlxwp7QkJzqjf+/PAcCch0=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:04:03 2025 by rpki-client