Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RfW1lTLSsiXA78p7rmd0BS8nm-w.roa
File: RfW1lTLSsiXA78p7rmd0BS8nm-w.roa (raw, json)
Hash identifier: yzGOeNaNbuJnDJVXAzPE6Av0QoyAjUrvkxp3GnQJjHQ=
Subject key identifier: 45:F5:B5:95:32:D2:B2:25:C0:EF:CA:7B:AE:67:74:05:2F:27:9B:EC
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D01
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RfW1lTLSsiXA78p7rmd0BS8nm-w.roa
Signing time: Sat 24 May 2025 10:08:30 +0000
ROA not before: Sat 24 May 2025 10:08:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3329 (0xd01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 10:08:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=45F5B59532D2B225C0EFCA7BAE6774052F279BEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:71:8f:59:26:7d:97:e5:fb:47:ec:69:59:d0:
91:d4:31:e3:3f:06:9f:50:cf:29:11:86:2b:f6:8f:
19:51:88:2e:0e:4b:f9:f4:c4:ec:a2:05:7e:a4:70:
0f:fb:a0:78:c8:a6:71:7a:36:c5:bb:f5:ff:95:3f:
95:1a:8d:b4:f2:98:34:7c:c7:54:cc:73:19:fa:cd:
d2:14:28:11:24:95:de:90:80:85:47:bb:1d:66:ab:
c0:43:82:9e:8b:37:9b:4f:0b:64:ed:cd:40:24:85:
4d:07:96:bd:e3:4a:3e:e7:c5:b3:be:2f:be:74:64:
23:ba:e6:51:4f:47:ab:d2:a4:75:ff:98:78:9c:7c:
8e:a0:12:dd:63:c0:de:8a:83:82:4a:44:58:8f:a4:
3f:e9:18:60:91:f1:f2:ef:53:97:15:73:64:52:6c:
9e:4e:f6:94:44:f5:3a:3a:68:75:91:a0:35:a6:56:
a8:1e:b3:4f:cb:01:33:16:80:f8:db:a2:33:c9:b7:
8d:8d:83:9f:ee:1e:39:5e:00:38:58:19:4d:bc:aa:
9c:14:d8:33:09:6e:4a:ad:07:c1:c6:87:a3:9d:f7:
60:8c:e7:2f:0f:0e:b7:2c:79:f8:6e:8c:e7:0d:5e:
91:6c:fa:02:ac:8e:0b:1f:29:a0:f2:19:d5:36:ac:
9b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F5:B5:95:32:D2:B2:25:C0:EF:CA:7B:AE:67:74:05:2F:27:9B:EC
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RfW1lTLSsiXA78p7rmd0BS8nm-w.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:86:30:e0:93:0a:c1:1e:70:8b:39:76:54:ae:63:57:70:65:
64:99:4e:7d:e7:68:4f:f6:c8:8a:03:7c:50:8c:07:30:19:c6:
7f:53:49:60:70:7e:36:75:0d:5c:c3:12:40:5e:9f:ce:0d:cb:
7d:3f:36:ed:5d:ea:de:c8:ca:9d:c0:d7:fd:65:f9:3f:47:31:
1e:73:f2:1b:23:48:d6:71:25:09:d2:ed:31:ce:e8:fd:2b:be:
0e:bd:86:de:8b:66:0f:da:41:e5:cd:93:58:27:ae:8e:d6:81:
e4:4e:e3:bc:b2:c9:d2:c5:fa:14:d6:e1:fe:1f:b1:1c:7b:40:
fd:11:50:7f:fb:d8:21:8b:a9:cc:bf:ca:93:7d:8e:2c:10:27:
cb:16:4e:c3:0b:12:84:bb:1e:0a:21:5f:a8:ba:fd:4b:f7:d4:
db:5b:90:a2:11:95:27:01:be:6d:b6:0e:d3:b9:61:f9:e9:35:
88:ff:76:79:bf:d9:a5:2e:18:32:ab:eb:9c:40:ec:fd:46:46:
39:85:6a:19:68:a0:34:e1:17:2e:04:f1:4d:62:46:16:fb:11:
c7:da:20:43:ac:f5:89:0d:91:8a:46:bc:d7:1e:eb:20:26:8a:
e7:a5:76:32:c7:68:f4:44:da:c6:40:a5:1c:96:99:38:74:fd:
e2:60:46:f6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MDA4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ1RjVCNTk1MzJEMkIy
MjVDMEVGQ0E3QkFFNjc3NDA1MkYyNzlCRUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPcY9ZJn2X5ftH7GlZ0JHUMeM/Bp9QzykRhiv2jxlRiC4OS/n0
xOyiBX6kcA/7oHjIpnF6NsW79f+VP5UajbTymDR8x1TMcxn6zdIUKBEkld6QgIVH
ux1mq8BDgp6LN5tPC2TtzUAkhU0Hlr3jSj7nxbO+L750ZCO65lFPR6vSpHX/mHic
fI6gEt1jwN6Kg4JKRFiPpD/pGGCR8fLvU5cVc2RSbJ5O9pRE9To6aHWRoDWmVqge
s0/LATMWgPjbojPJt42Ng5/uHjleADhYGU28qpwU2DMJbkqtB8HGh6Od92CM5y8P
DrcsefhujOcNXpFs+gKsjgsfKaDyGdU2rJt5AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURfW1lTLSsiXA78p7rmd0BS8nm+wwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9SZlcxbFRMU3NpWEE3OHA3
cm1kMEJTOG5tLXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAHiGMOCTCsEecIs5dlSuY1dwZWSZTn3naE/2
yIoDfFCMBzAZxn9TSWBwfjZ1DVzDEkBen84Ny30/Nu1d6t7Iyp3A1/1l+T9HMR5z
8hsjSNZxJQnS7THO6P0rvg69ht6LZg/aQeXNk1gnro7WgeRO47yyydLF+hTW4f4f
sRx7QP0RUH/72CGLqcy/ypN9jiwQJ8sWTsMLEoS7HgohX6i6/Uv31NtbkKIRlScB
vm22DtO5YfnpNYj/dnm/2aUuGDKr65xA7P1GRjmFahlooDThFy4E8U1iRhb7Ecfa
IEOs9YkNkYpGvNce6yAmiueldjLHaPRE2sZApRyWmTh0/eJgRvY=
-----END CERTIFICATE-----
Generated at Wed Jun 4 03:07:56 2025 by rpki-client