Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/KMGO9hg-CuOOqUOOvNDVbTvz04o.roa
File: KMGO9hg-CuOOqUOOvNDVbTvz04o.roa (raw, json)
Hash identifier: ZsuiVXBq376UiSN8BiNxQca92HjgPa/1bs1hSdluBBk=
Subject key identifier: 28:C1:8E:F6:18:3E:0A:E3:8E:A9:43:8E:BC:D0:D5:6D:3B:F3:D3:8A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0109
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KMGO9hg-CuOOqUOOvNDVbTvz04o.roa
Signing time: Thu 08 May 2025 11:07:44 +0000
ROA not before: Thu 08 May 2025 11:07:44 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265 (0x109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 11:07:44 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=28C18EF6183E0AE38EA9438EBCD0D56D3BF3D38A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:ed:81:88:9c:5f:b6:30:3b:fc:b6:c4:7b:
fb:61:9e:33:dd:21:2c:eb:51:f4:9a:76:0d:23:25:
20:d6:3b:0d:98:f4:98:57:c0:21:98:2a:aa:85:99:
50:94:14:a8:94:83:ba:2a:44:99:2f:67:47:d2:5c:
c4:74:5e:8f:01:b6:f0:62:5c:67:4a:25:61:41:ec:
fa:b7:be:15:04:b6:9b:d8:eb:b4:6c:c1:21:5d:cc:
35:23:c8:a2:43:3b:ba:44:16:c3:83:e6:20:e8:01:
a5:75:da:96:cc:a3:2f:5e:c9:c1:ed:b3:66:11:aa:
71:8d:d6:52:3b:c1:8a:aa:23:82:6a:7f:93:8b:24:
1a:00:41:2d:60:fc:65:3f:21:b9:85:12:5e:31:a9:
30:d9:91:7b:5a:28:d5:43:42:f8:eb:be:65:00:39:
a1:07:be:2a:8b:4e:7a:3f:81:2d:d8:d5:82:22:80:
e2:d6:f0:60:e2:6c:a5:41:fb:86:64:9c:71:80:c2:
06:97:91:ba:82:0c:44:66:a8:f1:b2:f4:e7:a0:d3:
4b:a4:06:42:b9:cd:58:fc:23:5e:4c:60:24:07:b9:
1a:8f:cb:1e:5e:30:5a:41:e8:18:d5:a0:fd:1c:16:
17:aa:bf:2e:1a:58:a3:aa:90:20:fc:89:3d:a2:54:
48:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C1:8E:F6:18:3E:0A:E3:8E:A9:43:8E:BC:D0:D5:6D:3B:F3:D3:8A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/KMGO9hg-CuOOqUOOvNDVbTvz04o.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:f8:7c:2b:e1:df:4e:84:28:80:7a:2f:f8:df:86:ff:78:9c:
a0:ae:44:71:51:0a:f9:3d:ff:26:15:92:e1:bf:14:92:b2:7f:
1a:c7:77:ff:e6:83:78:d3:53:b8:8b:a8:8b:f2:a7:eb:3d:03:
ed:86:ce:fd:7a:7b:6b:93:b9:e2:fe:44:6a:02:1d:6a:97:4e:
d3:f7:cb:84:ea:ac:92:3a:30:c3:a4:d3:85:dc:3e:58:13:32:
f9:31:9c:92:a3:30:35:97:c9:d8:d6:81:7c:a6:43:de:4f:e4:
bf:1a:3e:c8:c3:42:83:05:14:b4:21:aa:f2:f1:88:7b:3f:ad:
e6:7a:05:18:29:6f:fb:72:b7:5f:8c:e7:f7:fd:3f:7a:c7:9e:
90:8c:4a:31:ce:d0:d8:c9:cf:aa:4e:c4:5c:a7:7e:9b:58:c3:
61:49:8c:87:d8:56:8f:3c:bd:29:b1:ab:76:6b:89:73:9c:e0:
76:cf:6d:3f:17:93:39:c8:c7:ac:7d:5f:a9:33:4d:32:04:2a:
57:81:06:7f:73:0b:1e:1b:82:d4:df:35:f5:56:88:e2:f0:32:
e1:37:d9:f8:4b:bc:ca:f7:93:54:86:14:d2:ae:20:b1:64:0e:
01:49:3e:57:87:cc:98:37:80:fe:9f:a0:91:8f:5b:46:96:81:
aa:5a:de:3e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MTA3NDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDI4QzE4RUY2MTgzRTBB
RTM4RUE5NDM4RUJDRDBENTZEM0JGM0QzOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMZu2BiJxftjA7/LbEe/thnjPdISzrUfSadg0jJSDWOw2Y9JhX
wCGYKqqFmVCUFKiUg7oqRJkvZ0fSXMR0Xo8BtvBiXGdKJWFB7Pq3vhUEtpvY67Rs
wSFdzDUjyKJDO7pEFsOD5iDoAaV12pbMoy9eycHts2YRqnGN1lI7wYqqI4Jqf5OL
JBoAQS1g/GU/IbmFEl4xqTDZkXtaKNVDQvjrvmUAOaEHviqLTno/gS3Y1YIigOLW
8GDibKVB+4ZknHGAwgaXkbqCDERmqPGy9Oeg00ukBkK5zVj8I15MYCQHuRqPyx5e
MFpB6BjVoP0cFheqvy4aWKOqkCD8iT2iVEgfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKMGO9hg+CuOOqUOOvNDVbTvz04owHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9LTUdPOWhnLUN1T09xVU9P
dk5EVmJUdnowNG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACT4fCvh306EKIB6L/jfhv94nKCuRHFRCvk9
/yYVkuG/FJKyfxrHd//mg3jTU7iLqIvyp+s9A+2Gzv16e2uTueL+RGoCHWqXTtP3
y4TqrJI6MMOk04XcPlgTMvkxnJKjMDWXydjWgXymQ95P5L8aPsjDQoMFFLQhqvLx
iHs/reZ6BRgpb/tyt1+M5/f9P3rHnpCMSjHO0NjJz6pOxFynfptYw2FJjIfYVo88
vSmxq3ZriXOc4HbPbT8XkznIx6x9X6kzTTIEKleBBn9zCx4bgtTfNfVWiOLwMuE3
2fhLvMr3k1SGFNKuILFkDgFJPleHzJg3gP6foJGPW0aWgapa3j4=
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:09:14 2025 by rpki-client