Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/RoUHGL0TGNbc0NZnWtoENQ-R70Q.roa
File: RoUHGL0TGNbc0NZnWtoENQ-R70Q.roa (raw, json)
Hash identifier: TADCMAHGnRxSdBALM/3DQhrQKroEsmQID6FbL21svm8=
Subject key identifier: 46:85:07:18:BD:13:18:D6:DC:D0:D6:67:5A:DA:04:35:0F:91:EF:44
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C5D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RoUHGL0TGNbc0NZnWtoENQ-R70Q.roa
Signing time: Fri 23 May 2025 13:39:09 +0000
ROA not before: Fri 23 May 2025 13:39:09 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3165 (0xc5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 13:39:09 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=46850718BD1318D6DCD0D6675ADA04350F91EF44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:74:d7:fd:db:11:f4:66:c2:0c:b5:2b:6b:95:
7e:87:39:83:61:37:4d:83:08:98:12:95:ea:74:b6:
2c:83:89:d9:3e:78:1c:68:58:32:c4:9e:18:47:17:
02:85:b1:c5:76:a7:aa:77:ef:86:50:53:b2:d0:c3:
b3:bd:80:85:d6:6f:4f:b3:cc:f3:ec:6f:86:bb:e7:
13:51:9f:0d:b0:84:0a:4e:f6:bf:07:31:9d:94:2e:
b3:92:44:29:3b:0b:30:a8:54:81:dc:1a:7b:5e:c2:
d5:2f:fa:9f:d2:5f:ab:74:36:0d:23:b8:80:0b:00:
9c:32:cf:87:ef:57:c7:d4:80:b2:75:bd:16:f9:33:
0f:66:cd:a1:9f:4d:13:9d:2b:1b:83:7a:c4:36:16:
05:35:4e:4b:9a:21:42:f8:95:22:e9:14:dd:54:4d:
22:44:a8:7e:b4:76:3f:a6:31:63:8b:00:7f:04:8b:
50:4b:d2:79:32:a1:46:27:96:ee:8a:c1:c5:bc:32:
51:c5:94:a8:5e:d2:dc:48:15:ea:51:af:d6:3d:2a:
22:f9:e6:b9:09:93:ce:c9:b9:ac:7d:e3:e6:a1:a7:
38:ff:37:95:6a:5a:6c:a2:8d:79:db:cf:e4:92:36:
3e:02:37:54:0b:46:db:dd:f9:4a:5a:ff:0e:6d:c0:
b8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:85:07:18:BD:13:18:D6:DC:D0:D6:67:5A:DA:04:35:0F:91:EF:44
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/RoUHGL0TGNbc0NZnWtoENQ-R70Q.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:d7:ee:62:d1:c7:90:d5:54:cf:1a:6b:36:e5:7a:d7:0b:26:
20:57:11:3f:65:c9:9c:18:bc:8a:ab:d9:b6:e6:db:fe:55:cf:
be:f4:be:c3:ad:fd:86:e2:c9:19:1d:cf:c1:3f:88:ab:31:82:
e1:1d:10:eb:83:d9:e2:3a:2b:84:a0:0c:98:c6:42:dc:20:58:
cb:47:83:cb:5c:b5:38:19:1c:f7:55:b4:e7:3a:f7:44:77:4e:
98:36:04:6d:eb:a3:50:9a:a4:5f:61:64:95:0c:17:54:39:98:
34:6e:6b:d7:bc:4e:62:cf:e3:03:03:6e:e1:25:0f:b5:e1:99:
e0:81:07:96:6f:39:e0:2a:ae:c4:79:db:a9:f2:66:90:33:35:
81:86:ed:5c:5e:f7:da:53:30:26:3a:f0:15:cb:1b:8f:bd:18:
92:67:27:f2:47:1c:4f:b3:73:e9:2a:69:38:66:b5:7f:34:fd:
d8:a7:55:ea:d1:f9:6e:91:ec:00:14:f8:28:13:e9:a6:f6:c5:
6c:89:75:4d:9e:06:8b:e6:46:09:8a:94:98:66:18:19:91:bc:
eb:5d:41:81:82:95:e6:91:d4:9d:c4:23:ee:e4:e7:d1:0b:70:
00:d9:9e:84:c1:b0:8f:c3:e6:c3:9a:0d:17:f3:96:7a:13:f2:
f4:a6:1f:cd
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDF0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMx
MzM5MDlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDQ2ODUwNzE4QkQxMzE4
RDZEQ0QwRDY2NzVBREEwNDM1MEY5MUVGNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNdNf92xH0ZsIMtStrlX6HOYNhN02DCJgSlep0tiyDidk+eBxo
WDLEnhhHFwKFscV2p6p374ZQU7LQw7O9gIXWb0+zzPPsb4a75xNRnw2whApO9r8H
MZ2ULrOSRCk7CzCoVIHcGntewtUv+p/SX6t0Ng0juIALAJwyz4fvV8fUgLJ1vRb5
Mw9mzaGfTROdKxuDesQ2FgU1TkuaIUL4lSLpFN1UTSJEqH60dj+mMWOLAH8Ei1BL
0nkyoUYnlu6KwcW8MlHFlKhe0txIFepRr9Y9KiL55rkJk87Juax94+ahpzj/N5Vq
WmyijXnbz+SSNj4CN1QLRtvd+Upa/w5twLgdAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQURoUHGL0TGNbc0NZnWtoENQ+R70QwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9Sb1VIR0wwVEdOYmMwTlpu
V3RvRU5RLVI3MFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAGbX7mLRx5DVVM8aazbletcLJiBXET9lyZwY
vIqr2bbm2/5Vz770vsOt/YbiyRkdz8E/iKsxguEdEOuD2eI6K4SgDJjGQtwgWMtH
g8tctTgZHPdVtOc690R3Tpg2BG3ro1CapF9hZJUMF1Q5mDRua9e8TmLP4wMDbuEl
D7XhmeCBB5ZvOeAqrsR526nyZpAzNYGG7Vxe99pTMCY68BXLG4+9GJJnJ/JHHE+z
c+kqaThmtX80/dinVerR+W6R7AAU+CgT6ab2xWyJdU2eBovmRgmKlJhmGBmRvOtd
QYGCleaR1J3EI+7k59ELcADZnoTBsI/D5sOaDRfzlnoT8vSmH80=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:38:09 2025 by rpki-client