Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/HyIhvUA7ygx3ZAUDLDXNHLCjK8Q.roa
File: HyIhvUA7ygx3ZAUDLDXNHLCjK8Q.roa (raw, json)
Hash identifier: PlrlhjhECbhwyeQ+jvCgfNrlB+J70ccx8Kmv+BAOsfo=
Subject key identifier: 1F:22:21:BD:40:3B:CA:0C:77:64:05:03:2C:35:CD:1C:B0:A3:2B:C4
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 01F5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HyIhvUA7ygx3ZAUDLDXNHLCjK8Q.roa
Signing time: Fri 09 May 2025 16:37:45 +0000
ROA not before: Fri 09 May 2025 16:37:45 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 501 (0x1f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 9 16:37:45 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=1F2221BD403BCA0C776405032C35CD1CB0A32BC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:18:99:cb:75:5b:16:47:c0:cd:1a:14:93:4a:
99:a3:90:f9:dd:d5:86:93:30:46:9b:01:03:78:3b:
4d:04:b3:42:1e:ae:55:84:12:64:30:e0:f2:92:5d:
5e:5a:7a:d3:f8:aa:52:4b:1f:ae:64:4e:e6:02:c7:
13:f0:0e:15:16:2d:57:0c:c3:da:56:b6:98:97:ce:
a2:f3:ff:6e:49:96:e6:d1:ec:8c:7d:d0:b2:37:47:
53:d1:b1:81:d2:1e:85:51:06:98:a8:67:cc:75:de:
e5:16:80:cf:bb:94:4b:f4:c4:b7:70:b2:a5:93:f1:
3d:ae:82:d7:16:80:a4:21:9c:af:b7:79:dc:b1:a8:
37:52:50:46:91:54:8f:f6:81:69:a9:33:0f:8c:6f:
29:fa:64:f9:15:b3:25:c7:38:f1:76:75:04:8a:27:
d9:3c:47:27:22:19:26:76:78:db:18:31:fc:f7:01:
1a:31:65:56:0e:ec:d6:4d:a3:61:26:4e:c6:3f:a7:
52:04:ed:28:d6:f7:7b:80:06:63:65:a8:2d:1d:7c:
96:49:71:76:3d:9e:98:17:64:a6:0f:0c:2d:cc:0c:
79:a6:72:df:d7:9b:ab:b3:7e:03:85:66:55:8c:54:
00:bc:89:d7:08:27:ef:66:6a:43:69:b4:e3:4a:2e:
0e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:22:21:BD:40:3B:CA:0C:77:64:05:03:2C:35:CD:1C:B0:A3:2B:C4
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/HyIhvUA7ygx3ZAUDLDXNHLCjK8Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:ce:01:61:ab:f7:0d:e6:1d:60:0d:21:d9:3d:e2:7b:04:01:
56:c9:35:4e:fe:1e:2e:65:5a:b2:e0:0b:98:cc:10:78:a0:76:
cf:44:53:70:a6:1f:43:fd:de:8c:1c:2e:51:c5:c5:65:93:38:
b9:1e:8f:ee:6a:0d:13:b4:8c:c1:42:01:71:2c:31:df:9a:7a:
16:c7:71:a9:69:87:60:db:dd:1d:68:1e:df:86:76:64:aa:56:
d6:1c:97:0b:c2:2e:ab:c0:2b:e8:e2:49:5b:cd:75:bb:05:b8:
d1:19:b9:a4:ca:bb:22:96:19:77:00:a8:92:b7:eb:18:45:55:
d2:c1:34:ca:8f:8a:f2:25:d1:ef:1a:b9:18:fd:d8:26:25:fe:
df:1e:09:97:83:c4:ab:f5:53:ae:16:d5:e1:1a:e4:7a:b6:33:
39:00:f5:57:f2:bc:2d:2f:9c:57:dd:4d:49:56:93:a0:f8:b3:
b9:f3:c4:a6:06:8c:3b:28:e3:d3:92:50:8c:c9:20:b3:12:41:
ba:df:2a:ca:83:fa:23:72:09:d0:8d:ae:ce:23:31:c1:20:68:
ae:cb:83:3e:af:75:50:91:7a:d2:cb:ee:33:b0:3f:44:4f:49:
0f:0e:b9:7c:9b:0c:1a:9c:79:ee:ae:51:a9:5e:a2:63:c8:fb:
29:cf:9e:e9
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDkx
NjM3NDVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDFGMjIyMUJENDAzQkNB
MEM3NzY0MDUwMzJDMzVDRDFDQjBBMzJCQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2GJnLdVsWR8DNGhSTSpmjkPnd1YaTMEabAQN4O00Es0IerlWE
EmQw4PKSXV5aetP4qlJLH65kTuYCxxPwDhUWLVcMw9pWtpiXzqLz/25JlubR7Ix9
0LI3R1PRsYHSHoVRBpioZ8x13uUWgM+7lEv0xLdwsqWT8T2ugtcWgKQhnK+3edyx
qDdSUEaRVI/2gWmpMw+Mbyn6ZPkVsyXHOPF2dQSKJ9k8RyciGSZ2eNsYMfz3ARox
ZVYO7NZNo2EmTsY/p1IE7SjW93uABmNlqC0dfJZJcXY9npgXZKYPDC3MDHmmct/X
m6uzfgOFZlWMVAC8idcIJ+9makNptONKLg5tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUHyIhvUA7ygx3ZAUDLDXNHLCjK8QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9IeUlodlVBN3lneDNaQVVE
TERYTkhMQ2pLOFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKPOAWGr9w3mHWANIdk94nsEAVbJNU7+Hi5l
WrLgC5jMEHigds9EU3CmH0P93owcLlHFxWWTOLkej+5qDRO0jMFCAXEsMd+aehbH
calph2Db3R1oHt+GdmSqVtYclwvCLqvAK+jiSVvNdbsFuNEZuaTKuyKWGXcAqJK3
6xhFVdLBNMqPivIl0e8auRj92CYl/t8eCZeDxKv1U64W1eEa5Hq2MzkA9VfyvC0v
nFfdTUlWk6D4s7nzxKYGjDso49OSUIzJILMSQbrfKsqD+iNyCdCNrs4jMcEgaK7L
gz6vdVCRetLL7jOwP0RPSQ8OuXybDBqcee6uUaleomPI+ynPnuk=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:08:54 2025 by rpki-client