Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/hlmbsqQ5JMAhpSHmup1du_o6OFM.roa
File: hlmbsqQ5JMAhpSHmup1du_o6OFM.roa (raw, json)
Hash identifier: 1Hkho3Sp4WmFnMcIJepvtPShFg64mvBVilfEV1ptj8E=
Subject key identifier: 86:59:9B:B2:A4:39:24:C0:21:A5:21:E6:BA:9D:5D:BB:FA:3A:38:53
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0AF5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hlmbsqQ5JMAhpSHmup1du_o6OFM.roa
Signing time: Wed 21 May 2025 16:38:30 +0000
ROA not before: Wed 21 May 2025 16:38:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2805 (0xaf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 21 16:38:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=86599BB2A43924C021A521E6BA9D5DBBFA3A3853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:97:7d:c7:05:1d:c5:98:72:50:73:19:cd:09:
4c:ec:bf:3e:cd:f8:a3:9d:42:c4:1a:84:ec:4b:ba:
74:25:d7:4d:b1:cf:48:2a:f9:cf:f1:7b:ff:a8:1c:
87:09:c2:4a:f1:85:8f:7f:d6:d9:e7:3f:03:da:aa:
a6:f6:b1:ea:f2:79:97:6c:00:81:7f:6d:39:72:42:
bb:99:e0:86:34:4f:a4:8f:e3:fc:78:43:38:45:e7:
57:12:fb:69:15:d9:32:2a:71:13:53:6a:c4:14:27:
2f:a6:2b:db:a1:cc:56:7b:a0:81:79:44:1e:a8:76:
0c:a1:43:5e:b3:d4:84:06:6d:a1:85:e9:60:66:b6:
a2:eb:08:7c:78:85:2f:d0:af:88:5c:6e:89:dd:0d:
43:c9:64:d8:15:56:27:8d:d2:81:3a:19:ed:80:47:
5e:f5:fd:61:f8:46:19:e8:c9:09:53:13:90:2d:7a:
45:76:36:8a:f9:b6:78:af:af:87:ba:53:42:e9:c0:
1c:ee:cb:8f:1c:ea:18:1a:12:52:72:27:c8:2d:25:
fb:7a:6c:08:5a:f2:42:1c:40:f0:7a:81:6f:b9:f9:
b0:5b:49:3c:35:d8:6e:57:d2:5b:35:9d:8e:f3:cf:
f7:d8:07:bb:d4:47:82:42:8a:55:4e:19:05:29:25:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:9B:B2:A4:39:24:C0:21:A5:21:E6:BA:9D:5D:BB:FA:3A:38:53
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/hlmbsqQ5JMAhpSHmup1du_o6OFM.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:be:9f:c1:d0:e4:a2:41:c8:22:38:d3:60:e5:4c:9f:fc:81:
2f:91:8f:65:a4:85:3b:07:bc:2d:bc:fb:43:d0:b7:75:06:cf:
49:58:d4:b5:94:a5:60:95:dc:ab:23:a2:71:cf:45:21:98:9d:
63:22:f1:92:e1:36:ec:a5:8b:6d:f7:77:f8:a3:b4:e8:66:f1:
5e:d4:5f:23:cd:16:61:1d:88:1c:9e:fa:5f:3e:70:67:be:d5:
ca:d4:88:08:92:e8:ab:1b:ff:f5:fe:a5:02:2d:2f:e0:58:b8:
15:5c:99:86:b2:72:78:4d:2a:02:df:25:85:63:f5:c4:a7:bf:
56:05:c8:aa:de:9c:8c:6b:6a:90:f7:e4:5e:50:b1:53:b5:24:
11:3e:8f:b3:38:53:bb:b4:af:7f:11:22:67:ff:0d:35:94:c9:
20:c1:d2:97:18:10:b8:25:f4:86:51:5e:93:87:80:55:e2:45:
10:e3:2e:17:e2:e5:ed:2e:56:71:64:27:14:fa:07:7b:99:26:
14:7b:c1:d0:59:d8:76:1a:e8:80:ab:7c:93:50:a2:63:14:f1:
ea:09:8e:7b:43:a5:87:22:2f:d1:51:9f:a3:38:98:d1:2e:5a:
47:7d:8c:14:39:b9:ba:6a:31:87:0f:46:e8:6d:07:48:de:96:
4c:5c:d3:fa
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCvUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjEx
NjM4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDg2NTk5QkIyQTQzOTI0
QzAyMUE1MjFFNkJBOUQ1REJCRkEzQTM4NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDql33HBR3FmHJQcxnNCUzsvz7N+KOdQsQahOxLunQl102xz0gq
+c/xe/+oHIcJwkrxhY9/1tnnPwPaqqb2seryeZdsAIF/bTlyQruZ4IY0T6SP4/x4
QzhF51cS+2kV2TIqcRNTasQUJy+mK9uhzFZ7oIF5RB6odgyhQ16z1IQGbaGF6WBm
tqLrCHx4hS/Qr4hcbondDUPJZNgVVieN0oE6Ge2AR171/WH4RhnoyQlTE5AtekV2
Nor5tnivr4e6U0LpwBzuy48c6hgaElJyJ8gtJft6bAha8kIcQPB6gW+5+bBbSTw1
2G5X0ls1nY7zz/fYB7vUR4JCilVOGQUpJd+PAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhlmbsqQ5JMAhpSHmup1du/o6OFMwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9obG1ic3FRNUpNQWhwU0ht
dXAxZHVfbzZPRk0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACW+n8HQ5KJByCI402DlTJ/8gS+Rj2WkhTsH
vC28+0PQt3UGz0lY1LWUpWCV3KsjonHPRSGYnWMi8ZLhNuyli233d/ijtOhm8V7U
XyPNFmEdiBye+l8+cGe+1crUiAiS6Ksb//X+pQItL+BYuBVcmYaycnhNKgLfJYVj
9cSnv1YFyKrenIxrapD35F5QsVO1JBE+j7M4U7u0r38RImf/DTWUySDB0pcYELgl
9IZRXpOHgFXiRRDjLhfi5e0uVnFkJxT6B3uZJhR7wdBZ2HYa6ICrfJNQomMU8eoJ
jntDpYciL9FRn6M4mNEuWkd9jBQ5ubpqMYcPRuhtB0jelkxc0/o=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:43 2025 by rpki-client