Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/M8oidqixcAweNGrNoUS4SiIWqHk.roa
File: M8oidqixcAweNGrNoUS4SiIWqHk.roa (raw, json)
Hash identifier: mPFpQ2sQsYcHCvJKVaEgQYwmj5b91XYfP8uUNIo4Lok=
Subject key identifier: 33:CA:22:76:A8:B1:70:0C:1E:34:6A:CD:A1:44:B8:4A:22:16:A8:79
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0E45
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M8oidqixcAweNGrNoUS4SiIWqHk.roa
Signing time: Mon 26 May 2025 02:38:39 +0000
ROA not before: Mon 26 May 2025 02:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3653 (0xe45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 26 02:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=33CA2276A8B1700C1E346ACDA144B84A2216A879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:68:7a:8e:46:4d:5b:fc:d6:b9:20:c0:d0:e2:
85:5e:47:15:cd:ac:f3:0f:c4:a0:6c:eb:59:9c:38:
ec:6c:1e:29:73:fe:32:b5:4a:41:59:20:c3:76:83:
7c:b8:76:28:59:c9:3f:a1:40:d3:82:ab:27:ff:2f:
b5:f7:c1:b2:3d:d8:da:32:9b:0f:5e:d1:85:dd:68:
97:dc:38:e1:a9:19:24:b4:0a:85:31:f8:f2:b8:4f:
69:26:1a:93:7f:8f:47:38:7b:ce:ab:1b:60:84:32:
1c:00:8f:69:12:f8:e7:8b:86:ef:9b:bd:fd:f6:12:
83:50:bd:f9:44:48:d4:dd:2d:0c:a9:22:c6:cb:fa:
7b:84:0f:28:58:af:6f:af:87:e2:d1:16:19:3e:13:
c7:b1:80:46:80:8f:c1:ee:05:aa:56:95:46:3a:f6:
20:19:a1:16:dd:87:b7:08:ab:c6:b7:26:78:e7:4d:
3a:80:d6:01:af:81:ed:f2:24:7d:02:25:3a:c1:df:
fd:6a:29:6d:d3:40:44:f1:67:c2:e8:e1:c3:ef:d4:
e5:14:c0:c8:10:2e:49:b9:bf:4e:f5:c6:05:54:87:
dc:24:a7:4a:19:0b:07:79:7b:58:c2:5c:b5:57:12:
b3:3e:90:ff:64:06:4c:76:12:b2:85:f0:f6:32:2d:
4d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:CA:22:76:A8:B1:70:0C:1E:34:6A:CD:A1:44:B8:4A:22:16:A8:79
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/M8oidqixcAweNGrNoUS4SiIWqHk.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:47:c7:8f:6b:f5:6d:c3:32:bc:4d:b2:55:6e:c6:4c:ca:f2:
af:c0:cf:2f:84:b8:1b:84:bc:e6:8f:87:6c:cb:a2:f4:93:66:
80:86:28:c5:61:e0:3e:40:4d:31:cc:77:3f:87:24:8f:3d:47:
8c:d7:aa:0d:09:10:09:25:0c:19:cd:89:19:af:ba:2d:a1:9e:
0a:0b:a2:5b:1e:44:c1:4e:47:f8:8b:e4:c4:82:73:73:19:91:
a7:b4:b2:c8:9e:cf:d3:14:89:71:10:6e:14:8d:dd:ad:f5:6d:
fa:ea:67:5e:86:47:29:99:7c:5f:7e:ee:e4:6a:e9:bd:28:cb:
87:63:d8:0f:c7:3d:31:01:1f:9d:1c:1c:68:ed:92:9d:1c:ff:
82:55:22:7d:3c:ac:35:42:f8:6f:6a:80:7a:5f:b8:e0:f0:4a:
db:af:61:9c:34:18:2e:58:27:62:ff:83:b2:ca:9d:69:01:6d:
6a:3b:31:03:19:4e:30:e2:6d:4a:ce:38:45:c7:5b:bb:69:85:
85:5b:28:83:7e:f6:77:09:c8:e3:bf:65:60:37:1c:b1:b0:69:
2a:7e:5e:db:f5:d3:98:ea:26:c3:d4:0b:43:8c:01:1f:5e:02:
f1:f0:68:c2:06:66:1c:40:1e:51:1a:10:49:1b:a3:ba:54:09:
8f:96:b4:93
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjYw
MjM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMzQ0EyMjc2QThCMTcw
MEMxRTM0NkFDREExNDRCODRBMjIxNkE4NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3aHqORk1b/Na5IMDQ4oVeRxXNrPMPxKBs61mcOOxsHilz/jK1
SkFZIMN2g3y4dihZyT+hQNOCqyf/L7X3wbI92Noymw9e0YXdaJfcOOGpGSS0CoUx
+PK4T2kmGpN/j0c4e86rG2CEMhwAj2kS+OeLhu+bvf32EoNQvflESNTdLQypIsbL
+nuEDyhYr2+vh+LRFhk+E8exgEaAj8HuBapWlUY69iAZoRbdh7cIq8a3JnjnTTqA
1gGvge3yJH0CJTrB3/1qKW3TQETxZ8Lo4cPv1OUUwMgQLkm5v071xgVUh9wkp0oZ
Cwd5e1jCXLVXErM+kP9kBkx2ErKF8PYyLU0vAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM8oidqixcAweNGrNoUS4SiIWqHkwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NOG9pZHFpeGNBd2VOR3JO
b1VTNFNpSVdxSGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKRHx49r9W3DMrxNslVuxkzK8q/Azy+EuBuE
vOaPh2zLovSTZoCGKMVh4D5ATTHMdz+HJI89R4zXqg0JEAklDBnNiRmvui2hngoL
olseRMFOR/iL5MSCc3MZkae0ssiez9MUiXEQbhSN3a31bfrqZ16GRymZfF9+7uRq
6b0oy4dj2A/HPTEBH50cHGjtkp0c/4JVIn08rDVC+G9qgHpfuODwStuvYZw0GC5Y
J2L/g7LKnWkBbWo7MQMZTjDibUrOOEXHW7tphYVbKIN+9ncJyOO/ZWA3HLGwaSp+
Xtv105jqJsPUC0OMAR9eAvHwaMIGZhxAHlEaEEkbo7pUCY+WtJM=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:13:53 2025 by rpki-client