Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/E5QyrURSugFGNlFtCMouNHTD34s.roa
File: E5QyrURSugFGNlFtCMouNHTD34s.roa (raw, json)
Hash identifier: HSG+DiPibRrRgRm6rNJaOfsLPXvEOt3K28iVr3Y8qaM=
Subject key identifier: 13:94:32:AD:44:52:BA:01:46:36:51:6D:08:CA:2E:34:74:C3:DF:8B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0999
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E5QyrURSugFGNlFtCMouNHTD34s.roa
Signing time: Mon 19 May 2025 21:08:13 +0000
ROA not before: Mon 19 May 2025 21:08:13 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2457 (0x999)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 19 21:08:13 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=139432AD4452BA014636516D08CA2E3474C3DF8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:02:38:b3:84:51:af:26:01:3d:d2:df:89:
e1:1b:a9:f1:e5:e8:c8:62:fa:ba:69:9a:e4:23:76:
12:d8:b1:eb:27:01:44:c7:c7:90:48:f6:d1:89:99:
99:06:fb:51:5b:27:b5:2a:18:59:68:01:b9:e9:67:
e8:03:86:e9:e3:02:8f:74:f6:54:34:cd:29:47:8f:
36:69:3e:8c:17:59:03:0d:9f:d6:ed:75:6d:d0:a4:
81:cd:f5:d7:82:fe:42:4e:d9:b8:5c:4b:4f:21:01:
79:d8:e8:b6:1b:58:f5:fb:64:17:21:b3:ac:54:94:
07:be:8f:fc:0f:59:57:22:f7:10:b7:bb:7d:a9:f8:
0a:eb:86:10:ca:ec:34:0e:5f:0e:ad:36:f8:ef:e8:
bb:53:09:4d:65:0d:de:76:9c:e6:9f:9b:32:bc:e4:
8f:e1:51:31:78:4a:6b:0c:70:23:60:19:d5:64:15:
0a:aa:9e:39:14:1d:01:2a:01:25:52:a3:17:5b:d9:
c4:d2:a4:db:48:91:99:7f:5a:0e:ac:07:ff:f6:35:
0d:b9:15:c2:5d:ce:42:b1:e5:60:3c:1d:da:f1:ec:
9d:da:02:de:d2:fe:42:e5:8a:21:1f:d4:cc:be:91:
a7:e4:3a:08:91:8f:99:3a:07:9f:55:02:fb:29:08:
7a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:94:32:AD:44:52:BA:01:46:36:51:6D:08:CA:2E:34:74:C3:DF:8B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/E5QyrURSugFGNlFtCMouNHTD34s.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:8e:66:6a:b6:fb:fe:4d:b8:d4:e1:ba:68:2b:fc:ec:64:63:
a1:fa:68:14:e2:9f:7b:cc:59:cb:93:45:b2:e0:f5:3d:2a:75:
b0:83:4a:4b:f5:33:7f:2c:53:91:fa:81:9d:4f:2b:a5:20:53:
01:4d:98:7c:9e:09:31:a5:e5:a3:47:66:29:e2:c4:19:bf:d7:
2b:52:ca:28:9c:38:59:42:62:d3:50:af:bf:8c:a2:df:e8:24:
75:d1:06:0f:06:7b:33:f1:c9:c9:ba:60:93:b1:d2:90:dc:83:
09:2a:78:c5:9a:3b:20:b5:51:9f:17:91:f2:28:de:0a:aa:c8:
c9:86:1b:b4:60:04:0d:e6:c7:66:94:0e:bf:c7:a2:95:63:21:
88:9e:24:fb:3a:59:e6:c8:f8:ac:7a:69:ee:7b:76:e9:cd:b2:
24:89:73:7f:fa:12:26:7d:99:b3:28:72:d7:e0:b0:82:8c:7f:
46:5c:92:fd:64:fb:77:ea:61:e5:f6:1d:a7:33:08:bf:8d:7d:
f5:41:ed:8e:1b:9d:89:fe:a0:ef:90:c2:48:bb:ea:16:d5:b5:
30:c8:2a:bf:a2:ce:d0:54:d8:c3:b0:87:ce:a4:db:02:26:38:
f2:27:9a:68:df:8c:6d:26:d6:91:eb:37:ee:c0:af:db:3c:d8:
f7:0b:7d:e6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTky
MTA4MTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDEzOTQzMkFENDQ1MkJB
MDE0NjM2NTE2RDA4Q0EyRTM0NzRDM0RGOEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCtwI4s4RRryYBPdLfieEbqfHl6Mhi+rppmuQjdhLYsesnAUTH
x5BI9tGJmZkG+1FbJ7UqGFloAbnpZ+gDhunjAo909lQ0zSlHjzZpPowXWQMNn9bt
dW3QpIHN9deC/kJO2bhcS08hAXnY6LYbWPX7ZBchs6xUlAe+j/wPWVci9xC3u32p
+ArrhhDK7DQOXw6tNvjv6LtTCU1lDd52nOafmzK85I/hUTF4SmsMcCNgGdVkFQqq
njkUHQEqASVSoxdb2cTSpNtIkZl/Wg6sB//2NQ25FcJdzkKx5WA8Hdrx7J3aAt7S
/kLliiEf1My+kafkOgiRj5k6B59VAvspCHr5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUE5QyrURSugFGNlFtCMouNHTD34swHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9FNVF5clVSU3VnRkdObEZ0
Q01vdU5IVEQzNHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAGOZmq2+/5NuNThumgr/OxkY6H6aBTin3vM
WcuTRbLg9T0qdbCDSkv1M38sU5H6gZ1PK6UgUwFNmHyeCTGl5aNHZinixBm/1ytS
yiicOFlCYtNQr7+Mot/oJHXRBg8GezPxycm6YJOx0pDcgwkqeMWaOyC1UZ8XkfIo
3gqqyMmGG7RgBA3mx2aUDr/HopVjIYieJPs6WebI+Kx6ae57dunNsiSJc3/6EiZ9
mbMoctfgsIKMf0Zckv1k+3fqYeX2HaczCL+NffVB7Y4bnYn+oO+Qwki76hbVtTDI
Kr+iztBU2MOwh86k2wImOPInmmjfjG0m1pHrN+7Ar9s82PcLfeY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:12 2025 by rpki-client