Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSewHxr66h5aUSYowEVVclMfrI.roa
File: bWSewHxr66h5aUSYowEVVclMfrI.roa (raw, json)
Hash identifier: bGOU2N//qPkfj2EYMyu9YP5v4FLu4AX11NnIDIXlD1k=
Subject key identifier: 6D:64:9E:C0:7C:6B:EB:A8:79:69:44:98:A3:01:15:55:C9:4C:7E:B2
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 05BD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSewHxr66h5aUSYowEVVclMfrI.roa
Signing time: Wed 14 May 2025 17:38:00 +0000
ROA not before: Wed 14 May 2025 17:38:00 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1469 (0x5bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 14 17:38:00 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=6D649EC07C6BEBA879694498A3011555C94C7EB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:44:77:40:87:6b:7e:23:0f:fa:d2:a2:b9:
d0:e7:ff:9a:af:40:29:98:70:76:1e:37:e6:af:de:
01:0f:7e:4a:0e:68:37:00:56:92:92:8a:e8:07:bf:
93:88:08:e6:e6:b7:52:61:3d:8d:20:cd:51:07:33:
c3:da:cc:54:9f:b2:78:2e:85:18:63:a0:21:a9:88:
2d:5d:61:38:0e:9d:75:df:6e:da:64:2c:c1:59:3e:
35:15:45:98:5d:e4:97:2a:eb:3a:88:ab:80:a6:c3:
98:53:e8:ad:3b:1a:fc:59:72:ae:d0:a8:bd:2c:f2:
5b:f0:64:34:a6:3c:01:1e:e9:0c:d7:16:9b:4e:fe:
86:07:93:fe:c2:ef:74:27:34:4a:a8:fe:bd:2a:83:
92:78:57:b5:7f:c8:b5:0f:35:4b:9e:95:e1:65:88:
2b:7b:d0:e8:da:6b:fc:94:25:fa:c9:d5:42:54:d1:
29:85:ed:22:10:8b:14:3e:22:69:e3:89:07:39:00:
06:28:9d:f4:17:48:82:1c:e2:a6:53:b8:79:fc:5e:
c2:7f:9b:03:2e:a7:67:f4:54:9f:fa:bc:45:a5:4a:
05:d3:93:6e:02:89:ce:f1:53:ab:eb:77:a4:d1:66:
70:b3:49:dd:e0:d2:37:a1:50:22:56:c6:05:8d:10:
b6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:64:9E:C0:7C:6B:EB:A8:79:69:44:98:A3:01:15:55:C9:4C:7E:B2
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/bWSewHxr66h5aUSYowEVVclMfrI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:81:5d:92:19:ce:a8:61:e9:2e:94:45:b2:c6:7a:88:34:86:
f6:21:90:0e:f6:cd:49:0d:7e:3a:d8:9d:79:8a:a0:69:ef:f0:
2e:c0:e8:a6:d1:b1:b2:27:4e:38:19:cc:2c:46:06:15:e3:56:
fa:58:54:89:b1:a8:6e:24:19:de:cc:cc:2e:27:4b:b0:ee:d2:
46:da:65:96:5a:a3:7e:fc:93:78:99:8a:48:e4:6b:a1:c3:c6:
bd:65:30:9a:ee:ae:5c:36:65:8d:8d:1d:f0:71:af:2b:66:ab:
d1:7f:cc:37:5c:70:e9:f6:5b:a9:e9:c4:5f:0f:fa:45:46:4b:
09:0c:01:dd:e4:4d:38:b1:72:b8:6a:19:9c:1f:01:87:4d:8b:
7f:1d:28:29:a1:18:e3:f6:4f:21:2d:a5:93:9a:8b:d5:41:4e:
c7:22:51:2b:81:12:9c:d9:bb:2b:09:46:9a:f9:8c:6e:de:87:
04:d7:4b:d3:68:35:12:2d:d3:0f:b0:de:04:af:87:09:b7:3a:
3d:91:1d:a5:26:ef:49:31:b0:17:5b:0a:ea:3c:df:27:5c:54:
a2:8b:ca:8d:a9:d9:10:8a:ad:a9:bb:75:21:dd:e1:42:3f:52:
e6:86:75:52:0f:17:39:50:10:ee:70:aa:54:57:4c:7d:8a:7c:
f8:5a:1a:cc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTQx
NzM4MDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDZENjQ5RUMwN0M2QkVC
QTg3OTY5NDQ5OEEzMDExNTU1Qzk0QzdFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEgkR3QIdrfiMP+tKiudDn/5qvQCmYcHYeN+av3gEPfkoOaDcA
VpKSiugHv5OICObmt1JhPY0gzVEHM8PazFSfsnguhRhjoCGpiC1dYTgOnXXfbtpk
LMFZPjUVRZhd5Jcq6zqIq4Cmw5hT6K07GvxZcq7QqL0s8lvwZDSmPAEe6QzXFptO
/oYHk/7C73QnNEqo/r0qg5J4V7V/yLUPNUueleFliCt70Ojaa/yUJfrJ1UJU0SmF
7SIQixQ+ImnjiQc5AAYonfQXSIIc4qZTuHn8XsJ/mwMup2f0VJ/6vEWlSgXTk24C
ic7xU6vrd6TRZnCzSd3g0jehUCJWxgWNELb7AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUbWSewHxr66h5aUSYowEVVclMfrIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9iV1Nld0h4cjY2aDVhVVNZ
b3dFVlZjbE1mckkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAKaBXZIZzqhh6S6URbLGeog0hvYhkA72zUkN
fjrYnXmKoGnv8C7A6KbRsbInTjgZzCxGBhXjVvpYVImxqG4kGd7MzC4nS7Du0kba
ZZZao378k3iZikjka6HDxr1lMJrurlw2ZY2NHfBxrytmq9F/zDdccOn2W6npxF8P
+kVGSwkMAd3kTTixcrhqGZwfAYdNi38dKCmhGOP2TyEtpZOai9VBTsciUSuBEpzZ
uysJRpr5jG7ehwTXS9NoNRIt0w+w3gSvhwm3Oj2RHaUm70kxsBdbCuo83ydcVKKL
yo2p2RCKram7dSHd4UI/UuaGdVIPFzlQEO5wqlRXTH2KfPhaGsw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:02:24 2025 by rpki-client