Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/lYMhtHSikAp6BDp5wtPJtx2SLTs.roa
File: lYMhtHSikAp6BDp5wtPJtx2SLTs.roa (raw, json)
Hash identifier: oeY+m+LCXCE4yCHcxMvOoMAMV+nMVhvJtw2RIQHfv0A=
Subject key identifier: 95:83:21:B4:74:A2:90:0A:7A:04:3A:79:C2:D3:C9:B7:1D:92:2D:3B
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1F71
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lYMhtHSikAp6BDp5wtPJtx2SLTs.roa
Signing time: Wed 18 Jun 2025 00:10:04 +0000
ROA not before: Wed 18 Jun 2025 00:10:04 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8049 (0x1f71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 18 00:10:04 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=958321B474A2900A7A043A79C2D3C9B71D922D3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4f:66:1c:d2:57:18:27:a3:58:bb:6b:53:9b:
45:d0:32:55:17:10:bc:21:1d:02:bd:1e:c3:91:53:
06:5a:65:d4:51:f8:68:75:e3:72:b2:4e:34:30:eb:
bf:0c:45:be:5e:f1:ee:70:92:a8:84:15:11:fe:d5:
a6:8e:15:80:05:ca:97:a1:46:f3:b3:cc:e2:8e:6d:
e6:bc:75:be:85:01:0f:2a:63:68:cf:eb:55:d0:d4:
e5:85:45:b4:44:d1:82:86:87:ad:dd:b6:64:76:4a:
a8:00:1a:bc:65:a3:ad:e1:e6:c7:c7:bd:4a:10:e6:
90:cf:8c:8f:b5:e5:b5:87:f5:d8:a1:4d:a0:88:d8:
83:a1:cd:10:85:44:9a:6d:be:70:a0:36:38:a5:a2:
99:58:63:3c:ef:f5:aa:87:60:0a:ff:f3:8b:b1:e3:
65:51:42:e5:40:8a:f4:28:5c:f6:dc:3e:bb:cd:bf:
d8:d9:51:ae:23:7a:5f:0e:0b:3c:51:a2:5c:51:d1:
ce:69:e6:73:15:7f:f2:af:dd:d0:13:70:56:ac:c1:
4c:ff:f3:65:2e:6a:a8:40:7b:7e:e0:f8:90:87:15:
02:07:b8:fb:45:73:0e:9c:fa:94:c1:d3:5a:11:b7:
a5:0b:db:ed:3a:7a:5a:92:c7:9c:cb:a3:73:3f:ae:
5f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:83:21:B4:74:A2:90:0A:7A:04:3A:79:C2:D3:C9:B7:1D:92:2D:3B
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/lYMhtHSikAp6BDp5wtPJtx2SLTs.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
49:eb:55:3d:05:52:0c:04:51:10:83:cf:5d:dc:45:ce:61:a6:
cd:6a:7b:6a:5a:21:ab:b0:0c:85:df:b7:6e:4b:0a:dc:40:ae:
db:c6:fd:e7:aa:0a:ad:15:5c:9a:90:42:32:24:61:aa:6d:f1:
d5:96:20:c3:60:c3:ab:c9:a8:df:81:43:c3:20:38:7a:c6:1d:
84:8c:df:4a:d1:ea:6c:c3:7b:c7:03:6b:98:54:f4:80:c1:9d:
7c:d5:2f:39:21:3c:92:f5:65:8b:77:22:ed:27:ae:8d:f6:e8:
eb:91:0e:8d:de:f5:1f:b9:81:cf:55:e8:34:37:d0:fb:88:b7:
10:1d:52:e6:97:12:9f:9d:25:9d:6c:b8:6f:a5:c4:a9:e5:65:
c1:bb:be:8f:09:29:70:27:30:d6:96:29:c7:ae:36:5e:91:3d:
43:cc:6d:63:bd:cf:0c:da:54:94:20:4c:05:34:2a:fe:e0:f7:
2d:dc:3a:9c:6f:b8:ee:cd:0f:ca:ca:6e:46:b6:7c:4e:bd:53:
52:ae:b2:b5:54:78:da:14:1a:b2:dc:43:02:c2:87:ef:6f:16:
5b:e0:f4:5a:56:80:f2:d4:96:4d:a8:e9:03:f4:9e:3c:da:20:
0e:60:79:da:dc:31:19:3e:e3:92:58:a2:1e:97:02:06:8e:71:
d8:93:c7:3a
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICH3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MTgw
MDEwMDRaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk1ODMyMUI0NzRBMjkw
MEE3QTA0M0E3OUMyRDNDOUI3MUQ5MjJEM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZT2Yc0lcYJ6NYu2tTm0XQMlUXELwhHQK9HsORUwZaZdRR+Gh1
43KyTjQw678MRb5e8e5wkqiEFRH+1aaOFYAFypehRvOzzOKObea8db6FAQ8qY2jP
61XQ1OWFRbRE0YKGh63dtmR2SqgAGrxlo63h5sfHvUoQ5pDPjI+15bWH9dihTaCI
2IOhzRCFRJptvnCgNjiloplYYzzv9aqHYAr/84ux42VRQuVAivQoXPbcPrvNv9jZ
Ua4jel8OCzxRolxR0c5p5nMVf/Kv3dATcFaswUz/82UuaqhAe37g+JCHFQIHuPtF
cw6c+pTB01oRt6UL2+06elqSx5zLo3M/rl/DAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUlYMhtHSikAp6BDp5wtPJtx2SLTswHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9sWU1odEhTaWtBcDZCRHA1
d3RQSnR4MlNMVHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEnrVT0FUgwEURCDz13cRc5hps1qe2paIauw
DIXft25LCtxArtvG/eeqCq0VXJqQQjIkYapt8dWWIMNgw6vJqN+BQ8MgOHrGHYSM
30rR6mzDe8cDa5hU9IDBnXzVLzkhPJL1ZYt3Iu0nro326OuRDo3e9R+5gc9V6DQ3
0PuItxAdUuaXEp+dJZ1suG+lxKnlZcG7vo8JKXAnMNaWKceuNl6RPUPMbWO9zwza
VJQgTAU0Kv7g9y3cOpxvuO7ND8rKbka2fE69U1KusrVUeNoUGrLcQwLCh+9vFlvg
9FpWgPLUlk2o6QP0njzaIA5gedrcMRk+45JYoh6XAgaOcdiTxzo=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:33:48 2025 by rpki-client