Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/BM8vUsss1HfzC5haUu7GGzTjQao.roa
File: BM8vUsss1HfzC5haUu7GGzTjQao.roa (raw, json)
Hash identifier: 3RYFLE8RpNYC1JoTy8csSB9/V109gQiYjADIiVHc75E=
Subject key identifier: 04:CF:2F:52:CB:2C:D4:77:F3:0B:98:5A:52:EE:C6:1B:34:E3:41:AA
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D85
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BM8vUsss1HfzC5haUu7GGzTjQao.roa
Signing time: Sun 25 May 2025 02:38:35 +0000
ROA not before: Sun 25 May 2025 02:38:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3461 (0xd85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 25 02:38:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=04CF2F52CB2CD477F30B985A52EEC61B34E341AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:55:08:e9:2f:06:20:df:33:ea:73:60:40:31:
0e:0b:8f:7b:40:d6:25:af:dd:91:0c:96:60:79:73:
15:09:a9:ee:84:3a:5f:bd:b5:e8:93:59:88:3e:12:
23:da:58:c9:e8:85:d9:af:0f:85:fa:ad:04:f8:0c:
b9:05:be:46:7c:3d:3a:bf:e2:03:69:cf:93:60:07:
9e:c4:b5:67:56:66:f0:e7:f0:b5:c2:0c:8c:51:84:
4f:b2:35:c6:0d:98:42:85:e1:93:1c:63:b1:2a:10:
c0:6f:d0:fa:b5:47:52:ac:bd:75:e4:ce:1f:f4:53:
c9:79:eb:0e:ab:8f:79:7b:fe:5f:a9:15:9c:86:1c:
ae:c5:f6:4e:d9:bf:f0:48:f6:b7:3a:5b:f5:dd:ab:
f2:a6:0f:70:c7:0f:e1:3d:c3:fc:ef:a4:a5:d7:c2:
55:95:e9:e0:f5:07:0a:96:fc:07:44:49:62:19:c8:
65:8e:a4:98:09:3b:30:b8:e7:7a:b6:bd:f4:c8:28:
a6:63:60:2f:5c:50:e7:91:df:00:3d:8a:20:40:bf:
0a:89:95:49:b4:d7:cf:1c:38:d3:b4:2d:3f:18:8c:
a9:58:af:17:97:70:ff:06:2d:9a:40:43:bb:a3:8f:
a8:78:03:b3:ae:71:c7:c5:14:97:49:89:bb:24:f8:
29:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:CF:2F:52:CB:2C:D4:77:F3:0B:98:5A:52:EE:C6:1B:34:E3:41:AA
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/BM8vUsss1HfzC5haUu7GGzTjQao.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:28:3b:eb:9a:2e:9f:f6:9e:4d:f0:e8:39:25:06:62:a4:ef:
e8:84:42:9a:6d:a4:1d:45:fa:e4:9b:34:b5:51:36:36:43:f7:
74:0e:7b:da:f9:23:c3:9c:c6:d7:1b:fc:71:cc:33:0d:fd:03:
d4:1d:09:af:c4:9f:52:5a:23:61:2f:ae:d9:3d:8d:89:0d:2e:
97:75:55:50:5b:56:00:05:f4:ba:f7:62:d2:a4:d4:5b:5f:e8:
91:d7:33:b8:0a:69:6d:75:8e:96:2a:f0:ff:7f:cf:1a:16:80:
f7:56:98:a9:ae:3a:7e:69:6e:c4:bd:7b:c4:b6:e0:c1:76:ca:
ce:11:ba:ac:1b:c5:61:63:eb:2b:65:be:44:59:1d:58:09:17:
4b:74:15:ca:0e:eb:5f:c9:e4:cd:4d:e9:ba:e2:7d:6d:70:65:
da:13:24:21:ec:d5:de:d5:89:26:8c:4e:1f:42:d7:ee:a1:5f:
85:89:24:46:56:0d:ce:87:ec:0d:35:0a:96:7d:97:93:19:d8:
a9:bd:c3:99:b6:53:79:35:e2:9b:2c:74:bf:af:2d:3a:82:ba:
0b:30:46:0e:31:7e:69:69:45:06:45:56:26:87:0f:8a:e7:de:
a5:45:01:c1:b6:0a:64:a6:03:96:0a:a5:3a:65:f9:d7:b5:00:
28:02:93:a0
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDYUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjUw
MjM4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDA0Q0YyRjUyQ0IyQ0Q0
NzdGMzBCOTg1QTUyRUVDNjFCMzRFMzQxQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3VQjpLwYg3zPqc2BAMQ4Lj3tA1iWv3ZEMlmB5cxUJqe6EOl+9
teiTWYg+EiPaWMnohdmvD4X6rQT4DLkFvkZ8PTq/4gNpz5NgB57EtWdWZvDn8LXC
DIxRhE+yNcYNmEKF4ZMcY7EqEMBv0Pq1R1KsvXXkzh/0U8l56w6rj3l7/l+pFZyG
HK7F9k7Zv/BI9rc6W/Xdq/KmD3DHD+E9w/zvpKXXwlWV6eD1BwqW/AdESWIZyGWO
pJgJOzC453q2vfTIKKZjYC9cUOeR3wA9iiBAvwqJlUm0188cONO0LT8YjKlYrxeX
cP8GLZpAQ7ujj6h4A7OuccfFFJdJibsk+CnrAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUBM8vUsss1HfzC5haUu7GGzTjQaowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9CTTh2VXNzczFIZnpDNWhh
VXU3R0d6VGpRYW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFEoO+uaLp/2nk3w6DklBmKk7+iEQpptpB1F
+uSbNLVRNjZD93QOe9r5I8Ocxtcb/HHMMw39A9QdCa/En1JaI2Evrtk9jYkNLpd1
VVBbVgAF9Lr3YtKk1Ftf6JHXM7gKaW11jpYq8P9/zxoWgPdWmKmuOn5pbsS9e8S2
4MF2ys4RuqwbxWFj6ytlvkRZHVgJF0t0FcoO61/J5M1N6brifW1wZdoTJCHs1d7V
iSaMTh9C1+6hX4WJJEZWDc6H7A01CpZ9l5MZ2Km9w5m2U3k14pssdL+vLTqCugsw
Rg4xfmlpRQZFViaHD4rn3qVFAcG2CmSmA5YKpTpl+de1ACgCk6A=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:38:12 2025 by rpki-client