Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/jQ33AM0g7oXNFBqJtMkQx3SA_Ss.roa
File: jQ33AM0g7oXNFBqJtMkQx3SA_Ss.roa (raw, json)
Hash identifier: 9ZH6eBwqLPRb3GAwANRwKJzP21wETW6veseW9IXF3Ws=
Subject key identifier: 8D:0D:F7:00:CD:20:EE:85:CD:14:1A:89:B4:C9:10:C7:74:80:FD:2B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 09BD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jQ33AM0g7oXNFBqJtMkQx3SA_Ss.roa
Signing time: Tue 20 May 2025 01:38:17 +0000
ROA not before: Tue 20 May 2025 01:38:17 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2493 (0x9bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 20 01:38:17 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=8D0DF700CD20EE85CD141A89B4C910C77480FD2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9b:2d:17:cf:f4:c7:3d:b6:35:0c:b4:51:07:
12:65:3e:59:cc:76:79:b9:fd:ca:27:63:d4:29:0b:
aa:0f:00:05:ca:3d:1e:ce:fc:5d:91:d5:c2:30:93:
6b:6e:b2:86:38:88:94:f8:4d:ec:2d:be:7d:a6:a5:
7c:0b:9d:ce:d6:56:7a:0f:f2:b3:e3:41:04:d6:c1:
14:fa:92:95:46:b4:ea:c8:a2:35:d2:f4:05:fb:e3:
aa:50:05:55:d8:bb:9d:fa:73:f3:76:71:a4:23:81:
3a:43:71:f3:a2:b0:ae:ee:6c:86:b5:d8:8b:41:ee:
a4:86:d4:c7:34:90:83:cc:74:67:83:95:e0:e6:d6:
1b:0c:3c:a6:6a:78:ac:12:c2:24:dd:20:46:8d:2c:
71:22:d2:c3:2b:e8:eb:ae:29:26:43:a6:cc:c1:d8:
a9:18:6c:2b:07:24:9f:5d:25:a8:74:62:eb:84:3d:
59:6c:93:6f:4c:59:3b:f6:e2:72:dd:72:72:34:d8:
57:52:1f:68:ff:7b:23:af:35:f7:86:8e:e2:ee:a3:
e7:eb:8f:45:71:54:a6:e6:80:47:cc:c0:22:96:b2:
73:4b:a0:30:3e:3c:62:dc:de:10:bb:d7:24:d1:21:
58:d2:0a:82:39:41:40:bb:a2:98:01:20:bc:6c:bf:
e5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0D:F7:00:CD:20:EE:85:CD:14:1A:89:B4:C9:10:C7:74:80:FD:2B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/jQ33AM0g7oXNFBqJtMkQx3SA_Ss.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4e:4c:76:93:64:d8:21:c8:ce:68:76:fe:a5:bd:be:23:ba:d4:
34:e3:88:e8:14:8a:62:c4:50:03:a3:46:d8:54:ee:cb:af:be:
26:36:ac:4b:10:6e:5a:bc:16:d4:df:04:44:2a:62:8e:e6:cd:
94:af:3e:29:23:b6:50:91:40:de:59:c6:35:5d:23:d9:5f:8c:
da:e7:da:9e:e4:23:3f:20:c0:8c:2b:32:eb:e3:63:db:e8:97:
a3:99:25:f7:1b:ea:5a:0f:07:18:83:b2:b5:d4:51:fb:58:8c:
54:35:08:42:1c:13:84:20:32:08:41:2c:59:06:0d:2e:ca:10:
0c:d6:75:e3:39:ba:8a:a3:00:f8:a3:a2:bc:56:e2:92:42:30:
d7:1d:14:11:31:92:d0:df:c4:1f:c0:a2:e5:1c:c4:f5:f2:f9:
dd:ec:a5:2a:36:e9:25:19:9f:49:3b:06:18:c4:2f:9e:b2:c4:
1a:91:0f:b9:40:7b:f4:24:0c:d3:ab:b5:e4:85:ad:27:71:1d:
aa:eb:cd:aa:46:eb:59:53:bb:80:f0:79:70:53:8a:c3:7e:ce:
ec:0b:24:3a:3c:ad:af:c6:75:55:95:de:ff:c3:46:79:47:96:
a1:bb:7b:1f:d0:15:3a:2b:22:d3:14:d8:9e:7e:58:19:c8:9e:
56:ad:9c:91
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCb0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjAw
MTM4MTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDhEMERGNzAwQ0QyMEVF
ODVDRDE0MUE4OUI0QzkxMEM3NzQ4MEZEMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvmy0Xz/THPbY1DLRRBxJlPlnMdnm5/conY9QpC6oPAAXKPR7O
/F2R1cIwk2tusoY4iJT4Tewtvn2mpXwLnc7WVnoP8rPjQQTWwRT6kpVGtOrIojXS
9AX746pQBVXYu536c/N2caQjgTpDcfOisK7ubIa12ItB7qSG1Mc0kIPMdGeDleDm
1hsMPKZqeKwSwiTdIEaNLHEi0sMr6OuuKSZDpszB2KkYbCsHJJ9dJah0YuuEPVls
k29MWTv24nLdcnI02FdSH2j/eyOvNfeGjuLuo+frj0VxVKbmgEfMwCKWsnNLoDA+
PGLc3hC71yTRIVjSCoI5QUC7opgBILxsv+XTAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUjQ33AM0g7oXNFBqJtMkQx3SA/SswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9qUTMzQU0wZzdvWE5GQnFK
dE1rUXgzU0FfU3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAE5MdpNk2CHIzmh2/qW9viO61DTjiOgUimLE
UAOjRthU7suvviY2rEsQblq8FtTfBEQqYo7mzZSvPikjtlCRQN5ZxjVdI9lfjNrn
2p7kIz8gwIwrMuvjY9vol6OZJfcb6loPBxiDsrXUUftYjFQ1CEIcE4QgMghBLFkG
DS7KEAzWdeM5uoqjAPijorxW4pJCMNcdFBExktDfxB/AouUcxPXy+d3spSo26SUZ
n0k7BhjEL56yxBqRD7lAe/QkDNOrteSFrSdxHarrzapG61lTu4DweXBTisN+zuwL
JDo8ra/GdVWV3v/DRnlHlqG7ex/QFTorItMU2J5+WBnInlatnJE=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:06:19 2025 by rpki-client