Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/P5sTdNJfoslEOrZXkiwGBFV_hKw.roa
File: P5sTdNJfoslEOrZXkiwGBFV_hKw.roa (raw, json)
Hash identifier: bHYyTyaf+XC+OSi6OS+Wm51d+UKwVLw0QasaucYlhrI=
Subject key identifier: 3F:9B:13:74:D2:5F:A2:C9:44:3A:B6:57:92:2C:06:04:55:7F:84:AC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AB1
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/P5sTdNJfoslEOrZXkiwGBFV_hKw.roa
Signing time: Wed 21 May 2025 08:08:17 +0000
ROA not before: Wed 21 May 2025 08:08:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2737 (0xab1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 08:08:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=3F9B1374D25FA2C9443AB657922C0604557F84AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:14:86:11:65:35:e5:f2:da:cf:76:7f:14:
f9:1b:17:43:83:f2:d1:58:0f:28:1c:d7:32:47:5e:
76:1b:50:d9:ce:d9:2f:50:2c:d4:c7:84:41:75:5f:
1d:e9:58:a1:6e:5c:1f:d9:5e:f2:c5:2d:fe:7c:e2:
a3:44:98:56:f8:51:fb:67:fe:2e:b2:59:74:47:a0:
bb:b4:3d:0a:19:09:c3:3f:54:09:e1:db:ee:d5:72:
f6:5b:08:ff:e0:00:e1:ee:67:9d:0f:30:49:50:fc:
58:6f:9c:a4:c7:1f:5a:91:2b:66:48:ee:03:7d:7d:
2b:05:b8:3f:93:b6:64:8e:52:dc:2d:9e:ba:ae:47:
9f:15:83:79:c3:fb:1f:6d:27:55:09:4f:72:e2:7c:
f3:84:81:e0:95:84:b3:2e:03:5e:95:97:45:e0:fe:
10:77:b1:93:62:af:a2:f3:cf:22:8a:22:f0:95:88:
2e:7f:8c:04:90:7f:e3:ba:7e:0c:f3:de:17:92:17:
0a:ff:3d:c5:46:37:1b:ff:19:cb:e7:33:5e:b4:b2:
18:49:31:f1:46:d9:db:0c:88:9c:e0:77:98:ce:ae:
c0:6e:c7:3d:d2:70:dd:aa:3f:10:35:34:30:9d:07:
81:0a:59:f8:d1:ba:25:d2:86:49:d4:1c:1f:17:dd:
07:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:9B:13:74:D2:5F:A2:C9:44:3A:B6:57:92:2C:06:04:55:7F:84:AC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/P5sTdNJfoslEOrZXkiwGBFV_hKw.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
94:5a:70:f9:ba:d5:6a:4b:6b:41:2c:e6:6c:c8:36:dc:f7:aa:
5f:de:fe:d7:f0:12:15:f8:de:d4:8c:78:fb:43:87:a5:a6:d7:
3e:5c:d8:db:c5:e7:c6:e8:30:33:16:21:0c:ed:41:3c:7a:5e:
a3:90:a8:24:07:79:68:c0:55:86:53:26:7f:30:45:48:0a:f5:
27:15:82:36:c3:4a:26:1f:2e:c8:ab:4c:a7:a4:f3:ea:05:3c:
09:06:2b:30:7a:43:39:e3:dd:bb:90:cb:fd:8d:36:35:44:29:
d8:e6:41:08:5c:4f:db:75:08:f5:03:01:59:9f:be:db:41:db:
c9:d2:e6:6d:47:2f:e9:61:c3:51:1e:3a:4b:19:68:6f:7f:c8:
37:f6:61:b2:eb:df:29:81:8b:41:a0:56:88:80:16:2b:1b:30:
d2:25:79:56:5b:dd:2a:4b:95:6e:44:41:ef:a0:ca:12:55:0f:
fa:94:0a:90:a0:46:e7:73:0c:af:32:62:a1:17:5f:5b:a6:8c:
20:bf:a3:aa:54:91:5e:1d:dc:f1:3b:2d:d0:d6:d6:e1:5d:01:
1a:f5:fa:bd:84:4e:09:80:dc:59:f6:bf:3e:5a:dc:cb:fd:45:
f9:ef:7c:35:ee:f3:b0:b6:dc:b5:33:a5:0b:7e:90:c5:c8:05:
2d:c3:74:8a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEw
ODA4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDNGOUIxMzc0RDI1RkEy
Qzk0NDNBQjY1NzkyMkMwNjA0NTU3Rjg0QUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrGRSGEWU15fLaz3Z/FPkbF0OD8tFYDygc1zJHXnYbUNnO2S9Q
LNTHhEF1Xx3pWKFuXB/ZXvLFLf584qNEmFb4Uftn/i6yWXRHoLu0PQoZCcM/VAnh
2+7VcvZbCP/gAOHuZ50PMElQ/FhvnKTHH1qRK2ZI7gN9fSsFuD+TtmSOUtwtnrqu
R58Vg3nD+x9tJ1UJT3LifPOEgeCVhLMuA16Vl0Xg/hB3sZNir6LzzyKKIvCViC5/
jASQf+O6fgzz3heSFwr/PcVGNxv/GcvnM160shhJMfFG2dsMiJzgd5jOrsBuxz3S
cN2qPxA1NDCdB4EKWfjRuiXShknUHB8X3Qd9AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUP5sTdNJfoslEOrZXkiwGBFV/hKwwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9QNXNUZE5KZm9zbEVPclpY
a2l3R0JGVl9oS3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJRacPm61WpLa0Es5mzINtz3ql/e/tfwEhX4
3tSMePtDh6Wm1z5c2NvF58boMDMWIQztQTx6XqOQqCQHeWjAVYZTJn8wRUgK9ScV
gjbDSiYfLsirTKek8+oFPAkGKzB6Qznj3buQy/2NNjVEKdjmQQhcT9t1CPUDAVmf
vttB28nS5m1HL+lhw1EeOksZaG9/yDf2YbLr3ymBi0GgVoiAFisbMNIleVZb3SpL
lW5EQe+gyhJVD/qUCpCgRudzDK8yYqEXX1umjCC/o6pUkV4d3PE7LdDW1uFdARr1
+r2ETgmA3Fn2vz5a3Mv9RfnvfDXu87C23LUzpQt+kMXIBS3DdIo=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:17:37 2025 by rpki-client