Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/izyCSbVkIcfIxG_7fR5tiN1RiHY.roa
File: izyCSbVkIcfIxG_7fR5tiN1RiHY.roa (raw, json)
Hash identifier: YSUlGoYwo/Btc4aerEHFSpdhjM1b+MTUW5pxI7+//eg=
Subject key identifier: 8B:3C:82:49:B5:64:21:C7:C8:C4:6F:FB:7D:1E:6D:88:DD:51:88:76
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0401
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/izyCSbVkIcfIxG_7fR5tiN1RiHY.roa
Signing time: Mon 12 May 2025 10:08:35 +0000
ROA not before: Mon 12 May 2025 10:08:35 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1025 (0x401)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 12 10:08:35 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8B3C8249B56421C7C8C46FFB7D1E6D88DD518876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:b4:9a:26:a5:1b:05:4b:9d:f7:5f:16:e6:
20:3d:6a:b9:c0:14:68:c7:b6:40:20:d9:1d:11:88:
6b:7a:3e:12:3d:58:d3:e5:18:86:60:d4:b1:55:4d:
2e:02:33:26:b4:24:33:06:08:63:76:ad:6d:bc:99:
b1:d5:f2:3c:27:e6:83:4e:b3:8c:56:74:f7:0b:03:
bb:03:af:38:67:47:f9:a1:d2:f9:4c:ae:19:c3:f5:
6d:18:10:1b:95:01:31:80:4b:60:4d:35:02:76:6d:
92:84:d7:5a:1d:be:30:ae:5f:48:69:3c:8e:fd:cf:
7d:70:81:57:10:b4:fb:6c:b6:01:30:cf:8f:54:7f:
8a:2f:b8:4b:ec:80:42:79:b7:46:4c:e8:82:c4:f7:
bf:ac:42:df:07:a8:4a:75:b4:97:03:c7:43:10:39:
7b:9f:ba:98:bd:71:c8:40:f3:37:bd:4f:fc:62:57:
c2:fa:89:96:11:ae:aa:f9:69:ce:10:2b:6b:12:19:
c0:c2:00:42:42:f9:9f:b5:94:c0:61:01:4e:e2:04:
3c:2d:2d:e8:5e:15:e4:3e:4a:33:1f:48:ef:e3:1c:
10:db:52:7a:7b:6f:78:81:49:61:a5:f6:99:3d:84:
39:b5:ab:65:37:b0:05:a6:51:af:19:37:3e:79:35:
bb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3C:82:49:B5:64:21:C7:C8:C4:6F:FB:7D:1E:6D:88:DD:51:88:76
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/izyCSbVkIcfIxG_7fR5tiN1RiHY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:42:85:27:11:9f:f8:60:9e:b5:70:ab:68:63:88:9f:85:d2:
b2:cd:12:82:e7:fa:4d:b7:76:23:0b:e5:3a:33:f3:32:97:60:
c4:25:1b:fe:f8:79:18:8c:78:3c:18:5d:b5:98:bf:ee:27:a9:
a5:cd:59:c1:00:fb:1a:5e:c6:93:c3:75:7b:3f:86:af:74:89:
1a:3e:8f:30:66:4e:33:75:3d:3c:a6:77:27:ef:1a:d0:bd:72:
04:74:70:d9:d7:44:13:19:49:2d:cd:29:02:57:f5:cf:90:ea:
e0:26:82:f1:c9:9d:61:94:0a:83:28:c9:98:06:74:02:eb:ef:
ff:dd:d9:3c:26:20:b4:e2:cc:a9:28:68:ba:aa:5b:d5:d1:7b:
02:42:69:19:c0:28:5a:b5:6a:a4:03:0a:e3:4a:7f:58:c7:3e:
ad:44:ef:ce:51:ed:5c:62:7a:09:a9:28:fa:18:a5:d9:5d:0a:
7e:bd:0f:b1:41:8a:b9:61:69:b2:f1:7d:6c:ac:cb:3a:8d:57:
cf:9e:5e:e7:43:78:8b:94:36:9e:e8:6a:09:64:e3:e0:39:68:
d4:68:06:3e:53:e5:e9:c4:b9:e6:fe:57:8c:ed:3a:1f:3e:c1:
f3:89:0f:64:2f:94:c9:2f:6c:3e:5e:77:94:05:43:b7:3c:cf:
61:96:b3:ec
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBAEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTIx
MDA4MzVaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhCM0M4MjQ5QjU2NDIx
QzdDOEM0NkZGQjdEMUU2RDg4REQ1MTg4NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl3bSaJqUbBUud918W5iA9arnAFGjHtkAg2R0RiGt6PhI9WNPl
GIZg1LFVTS4CMya0JDMGCGN2rW28mbHV8jwn5oNOs4xWdPcLA7sDrzhnR/mh0vlM
rhnD9W0YEBuVATGAS2BNNQJ2bZKE11odvjCuX0hpPI79z31wgVcQtPtstgEwz49U
f4ovuEvsgEJ5t0ZM6ILE97+sQt8HqEp1tJcDx0MQOXufupi9cchA8ze9T/xiV8L6
iZYRrqr5ac4QK2sSGcDCAEJC+Z+1lMBhAU7iBDwtLeheFeQ+SjMfSO/jHBDbUnp7
b3iBSWGl9pk9hDm1q2U3sAWmUa8ZNz55NbulAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUizyCSbVkIcfIxG/7fR5tiN1RiHYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9penlDU2JWa0ljZkl4R183
ZlI1dGlOMVJpSFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAFhChScRn/hgnrVwq2hjiJ+F0rLNEoLn+k23
diML5Toz8zKXYMQlG/74eRiMeDwYXbWYv+4nqaXNWcEA+xpexpPDdXs/hq90iRo+
jzBmTjN1PTymdyfvGtC9cgR0cNnXRBMZSS3NKQJX9c+Q6uAmgvHJnWGUCoMoyZgG
dALr7//d2TwmILTizKkoaLqqW9XRewJCaRnAKFq1aqQDCuNKf1jHPq1E785R7Vxi
egmpKPoYpdldCn69D7FBirlhabLxfWysyzqNV8+eXudDeIuUNp7oaglk4+A5aNRo
Bj5T5enEueb+V4ztOh8+wfOJD2QvlMkvbD5ed5QFQ7c8z2GWs+w=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:52:13 2025 by rpki-client