Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/fIKJWpfXz1WzzsPOj4rc9eDkil0.roa
File: fIKJWpfXz1WzzsPOj4rc9eDkil0.roa (raw, json)
Hash identifier: f1GM/VRy11/vJXh3uHgTpbXcDI2HSqhgyVLfiY7R5Ug=
Subject key identifier: 7C:82:89:5A:97:D7:CF:55:B3:CE:C3:CE:8F:8A:DC:F5:E0:E4:8A:5D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0D0D
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fIKJWpfXz1WzzsPOj4rc9eDkil0.roa
Signing time: Sat 24 May 2025 11:38:34 +0000
ROA not before: Sat 24 May 2025 11:38:34 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3341 (0xd0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 11:38:34 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=7C82895A97D7CF55B3CEC3CE8F8ADCF5E0E48A5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:29:76:96:df:1a:a8:e7:20:a3:9a:db:49:
e5:0f:f0:79:cd:a6:11:35:ab:aa:f6:89:87:12:29:
2b:0c:e2:a2:92:73:16:a7:83:8e:4c:a3:c5:2a:94:
98:20:04:6d:7f:98:9e:7d:19:19:7a:d4:f3:ff:28:
98:62:bf:54:b0:cc:d4:a8:56:e9:6f:2c:00:f2:87:
d0:ed:3d:79:b3:d6:75:56:e1:31:ec:45:0f:5b:53:
3c:54:96:d7:e0:df:18:df:b4:e9:5f:aa:87:da:7f:
79:ac:b6:3b:1b:0f:52:ae:4a:e9:5f:03:f9:ad:18:
b1:72:ee:67:b8:2f:3e:40:d9:e3:7b:22:9c:41:41:
cf:32:70:53:f1:83:04:89:bf:ab:bb:bd:aa:5a:28:
bc:03:46:e8:05:15:4c:e8:38:c0:8d:db:48:eb:39:
6d:2e:26:8a:c2:1a:b7:c5:9e:1f:72:b8:14:66:b1:
5e:7e:d2:b7:16:5f:07:ff:8f:87:99:a5:38:0f:4d:
6c:9e:95:c8:2b:e7:6b:2c:06:c2:cd:f1:40:1d:56:
99:75:69:82:91:a8:12:33:fb:62:b4:f1:17:a5:99:
5e:42:0f:d7:ef:06:56:65:06:26:e9:f7:ff:0a:9b:
8c:7e:e2:45:8a:1a:84:f1:43:d9:b5:7c:14:cf:c3:
78:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:82:89:5A:97:D7:CF:55:B3:CE:C3:CE:8F:8A:DC:F5:E0:E4:8A:5D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/fIKJWpfXz1WzzsPOj4rc9eDkil0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:f4:64:e7:13:22:7d:2a:7f:29:d1:d9:59:1c:71:bd:d5:5b:
b8:c2:db:29:09:ef:30:0a:04:e6:82:9f:ef:e9:2b:97:7e:28:
bb:47:7c:9a:46:f2:7f:50:ca:b0:ef:71:d6:30:ae:23:bc:4c:
fa:9f:e5:5b:89:59:da:9e:58:61:d0:ac:f9:e6:4e:52:3d:fd:
9c:b9:2b:58:65:99:14:14:3b:22:f6:09:82:d6:12:4a:c8:29:
50:32:c9:c9:8e:e0:23:29:8a:0f:2c:37:d0:93:19:13:63:5e:
62:a6:c2:44:aa:d3:6c:29:4d:79:9a:b4:a8:bf:e0:80:51:c7:
7d:9d:45:6a:0d:5f:b6:a1:2b:bb:96:e3:75:04:6b:84:b7:03:
f1:be:55:5e:2a:70:73:6f:00:6c:8d:d7:9f:ca:82:de:4d:4f:
16:79:05:dd:1b:38:ab:a5:b7:52:4a:c1:d2:c7:ef:98:77:66:
0b:4c:da:55:1e:ce:56:6f:7b:13:2d:7a:cb:26:4c:de:23:d6:
24:e4:2e:98:4d:2c:3c:de:52:a5:57:f8:6f:54:b7:d9:af:a9:
8a:1d:4b:ed:49:c9:32:e6:41:d5:b4:76:0f:ed:48:ee:0b:71:
d6:ec:06:d3:5f:8f:e6:14:d4:fb:91:bc:a1:e1:a0:28:07:25:
44:07:17:66
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDQ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQx
MTM4MzRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDdDODI4OTVBOTdEN0NG
NTVCM0NFQzNDRThGOEFEQ0Y1RTBFNDhBNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLwCl2lt8aqOcgo5rbSeUP8HnNphE1q6r2iYcSKSsM4qKScxan
g45Mo8UqlJggBG1/mJ59GRl61PP/KJhiv1SwzNSoVulvLADyh9DtPXmz1nVW4THs
RQ9bUzxUltfg3xjftOlfqofaf3mstjsbD1KuSulfA/mtGLFy7me4Lz5A2eN7IpxB
Qc8ycFPxgwSJv6u7vapaKLwDRugFFUzoOMCN20jrOW0uJorCGrfFnh9yuBRmsV5+
0rcWXwf/j4eZpTgPTWyelcgr52ssBsLN8UAdVpl1aYKRqBIz+2K08RelmV5CD9fv
BlZlBibp9/8Km4x+4kWKGoTxQ9m1fBTPw3g1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUfIKJWpfXz1WzzsPOj4rc9eDkil0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9mSUtKV3BmWHoxV3p6c1BP
ajRyYzllRGtpbDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAL0ZOcTIn0qfynR2Vkccb3VW7jC2ykJ7zAK
BOaCn+/pK5d+KLtHfJpG8n9QyrDvcdYwriO8TPqf5VuJWdqeWGHQrPnmTlI9/Zy5
K1hlmRQUOyL2CYLWEkrIKVAyycmO4CMpig8sN9CTGRNjXmKmwkSq02wpTXmatKi/
4IBRx32dRWoNX7ahK7uW43UEa4S3A/G+VV4qcHNvAGyN15/Kgt5NTxZ5Bd0bOKul
t1JKwdLH75h3ZgtM2lUezlZvexMtessmTN4j1iTkLphNLDzeUqVX+G9Ut9mvqYod
S+1JyTLmQdW0dg/tSO4LcdbsBtNfj+YU1PuRvKHhoCgHJUQHF2Y=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:58:56 2025 by rpki-client