Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/MutKJME-BXZZyRulNLe5KHQJUBQ.roa
File: MutKJME-BXZZyRulNLe5KHQJUBQ.roa (raw, json)
Hash identifier: 2Da//QUt/tqihqBfAMTyDti5xqhprL6KbmfWS+xBrPA=
Subject key identifier: 32:EB:4A:24:C1:3E:05:76:59:C9:1B:A5:34:B7:B9:28:74:09:50:14
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0851
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MutKJME-BXZZyRulNLe5KHQJUBQ.roa
Signing time: Sun 18 May 2025 04:08:07 +0000
ROA not before: Sun 18 May 2025 04:08:07 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2129 (0x851)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 18 04:08:07 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=32EB4A24C13E057659C91BA534B7B92874095014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5f:db:22:d9:ff:5d:b0:c0:7e:b6:70:31:f0:
6e:68:54:f8:e7:53:aa:73:d0:26:95:1c:0f:39:31:
2f:20:f7:0f:66:4d:12:f8:5d:72:55:05:9b:b0:d1:
5b:8d:cf:8a:b7:83:75:84:52:17:4a:63:7c:68:76:
70:f5:ba:21:80:0d:43:f2:9b:4a:e6:40:4e:18:c3:
21:6d:4e:a5:4c:dd:a8:85:dd:1a:d2:a8:cf:d4:33:
8b:60:a8:e4:b2:16:e5:c6:ce:b8:79:42:dc:75:50:
1c:05:5f:94:e9:0d:ab:73:e7:a7:42:cc:6e:be:7d:
e4:a9:b3:f2:27:17:be:93:c3:cd:d7:33:da:52:74:
14:1b:8c:57:43:3e:35:17:2c:cc:c9:68:00:f6:06:
b7:eb:52:0d:db:ce:e6:70:32:6e:f8:26:8c:7e:27:
48:9b:85:eb:25:45:5b:a4:dc:78:9a:e3:e9:35:9e:
5a:03:f8:3d:65:29:47:e4:16:98:9c:a5:9c:05:00:
40:75:88:4e:31:1f:b9:17:0f:99:95:1d:4d:26:7f:
2b:34:9c:a8:ea:0d:d5:95:9e:22:1b:d7:a0:51:79:
62:06:e8:c2:97:cc:de:b2:8f:92:88:c2:c6:06:e7:
8e:b9:0d:34:fb:a9:49:43:05:fa:2f:fd:b5:b1:3e:
2d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EB:4A:24:C1:3E:05:76:59:C9:1B:A5:34:B7:B9:28:74:09:50:14
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/MutKJME-BXZZyRulNLe5KHQJUBQ.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
50:c9:6c:59:70:b9:5e:3e:d4:9d:0b:78:af:5b:54:85:87:fa:
37:56:b4:46:63:24:d3:9b:95:65:76:7c:ec:57:de:65:7e:14:
5b:ea:86:98:e4:76:ca:2f:ee:e5:fb:6c:e1:e4:68:56:1d:24:
be:36:a6:47:85:e2:82:af:40:b4:4e:e5:15:1f:4e:8c:b8:37:
5e:3a:cf:8f:08:43:ff:01:09:02:0e:0f:14:78:c5:2c:eb:4f:
dc:73:5d:b0:79:9c:18:a1:70:99:f7:43:d5:90:1a:05:8f:e7:
21:ec:7f:fe:98:0d:d8:cd:3d:12:05:b2:5e:52:92:2d:cd:7a:
95:eb:7b:45:63:47:40:ca:2d:52:25:c6:1a:ef:ab:49:2d:09:
7c:5b:a8:a9:14:95:1e:86:f1:2c:77:cc:52:65:68:7f:46:df:
f0:61:f9:aa:60:2d:cf:2a:45:1d:c9:26:7a:e2:95:95:f1:9f:
6b:09:af:a3:55:37:19:df:7f:c5:d1:5b:80:57:47:48:41:c8:
d4:3f:5f:88:62:72:16:06:6c:cd:a0:78:9b:53:ed:8b:94:61:
8f:c9:92:5f:60:11:c1:37:41:7b:84:99:cd:2e:bf:5b:5d:17:
9b:3a:6a:1e:be:5a:00:f8:7a:dc:c8:1d:21:86:e0:03:87:69:
3d:54:45:d5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCFEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTgw
NDA4MDdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDMyRUI0QTI0QzEzRTA1
NzY1OUM5MUJBNTM0QjdCOTI4NzQwOTUwMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaX9si2f9dsMB+tnAx8G5oVPjnU6pz0CaVHA85MS8g9w9mTRL4
XXJVBZuw0VuNz4q3g3WEUhdKY3xodnD1uiGADUPym0rmQE4YwyFtTqVM3aiF3RrS
qM/UM4tgqOSyFuXGzrh5Qtx1UBwFX5TpDatz56dCzG6+feSps/InF76Tw83XM9pS
dBQbjFdDPjUXLMzJaAD2BrfrUg3bzuZwMm74Jox+J0ibheslRVuk3Hia4+k1nloD
+D1lKUfkFpicpZwFAEB1iE4xH7kXD5mVHU0mfys0nKjqDdWVniIb16BReWIG6MKX
zN6yj5KIwsYG5465DTT7qUlDBfov/bWxPi2VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUMutKJME+BXZZyRulNLe5KHQJUBQwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9NdXRLSk1FLUJYWlp5UnVs
TkxlNUtIUUpVQlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFDJbFlwuV4+1J0LeK9bVIWH+jdWtEZjJNOb
lWV2fOxX3mV+FFvqhpjkdsov7uX7bOHkaFYdJL42pkeF4oKvQLRO5RUfToy4N146
z48IQ/8BCQIODxR4xSzrT9xzXbB5nBihcJn3Q9WQGgWP5yHsf/6YDdjNPRIFsl5S
ki3NepXre0VjR0DKLVIlxhrvq0ktCXxbqKkUlR6G8Sx3zFJlaH9G3/Bh+apgLc8q
RR3JJnrilZXxn2sJr6NVNxnff8XRW4BXR0hByNQ/X4hichYGbM2geJtT7YuUYY/J
kl9gEcE3QXuEmc0uv1tdF5s6ah6+WgD4etzIHSGG4AOHaT1URdU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:28:27 2025 by rpki-client