Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/mcVbftu3kurmCU1tb4zhJ1jz07g.roa
File: mcVbftu3kurmCU1tb4zhJ1jz07g.roa (raw, json)
Hash identifier: Uc5LjoXt/u/jQMlazvV2pUJm4vGZ2yn6w/jdg7oDyxQ=
Subject key identifier: 99:C5:5B:7E:DB:B7:92:EA:E6:09:4D:6D:6F:8C:E1:27:58:F3:D3:B8
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CDD
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mcVbftu3kurmCU1tb4zhJ1jz07g.roa
Signing time: Sat 24 May 2025 05:38:30 +0000
ROA not before: Sat 24 May 2025 05:38:30 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3293 (0xcdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 05:38:30 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=99C55B7EDBB792EAE6094D6D6F8CE12758F3D3B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:cd:e0:39:57:94:16:36:b4:e3:7b:0c:7b:98:
22:fc:f4:41:3e:f8:76:49:cf:06:19:7b:ce:c0:54:
3c:f2:4e:b7:c8:d8:c1:56:c1:02:f6:a5:5e:78:6e:
20:4f:07:eb:ee:a8:46:43:f1:a3:16:4f:e2:ee:59:
98:e6:08:a3:c0:d8:e9:a1:c1:bb:5a:a1:7e:7c:4d:
a9:44:ea:e0:82:0e:d6:5b:a4:11:2a:ae:00:9c:c7:
c0:92:89:8c:dc:8c:b2:28:b9:f2:21:dd:8f:84:85:
48:e6:07:23:dc:0a:f0:fa:dc:93:f3:21:a4:d7:e8:
db:d7:89:ea:63:2b:03:8b:47:f7:8c:05:0e:23:d7:
ef:be:29:c7:02:d1:b9:58:ca:ea:cc:51:43:63:14:
d6:b0:f4:04:da:d5:60:80:70:07:f5:e4:26:8e:c9:
19:50:b3:0e:f7:d8:3b:47:e9:04:e7:e0:89:90:df:
e4:f4:48:7b:20:70:eb:33:47:04:c3:32:e4:09:bc:
9f:9d:f1:5d:29:6a:ee:92:64:a2:78:fd:d5:32:d7:
82:4c:62:2f:b0:c6:20:11:71:3e:d6:9d:0a:db:e0:
c2:af:44:d0:cb:9e:16:9c:4e:72:06:3b:43:6f:01:
91:5d:7a:01:bf:34:74:c0:f3:c9:76:cd:af:55:df:
af:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C5:5B:7E:DB:B7:92:EA:E6:09:4D:6D:6F:8C:E1:27:58:F3:D3:B8
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/mcVbftu3kurmCU1tb4zhJ1jz07g.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
10:50:66:1e:45:6d:9a:64:1b:8c:d8:47:d0:2f:3c:a3:7b:30:
08:22:64:e3:35:be:19:a1:90:8c:92:f5:5d:2f:1c:c0:02:31:
d2:4b:d8:15:fa:67:df:97:ea:d0:26:bb:bd:be:e5:2a:bb:79:
c5:53:a4:69:23:ff:36:07:94:91:6b:80:8c:08:67:72:6d:49:
25:0d:09:8a:27:8d:3e:26:04:b4:81:de:09:5b:5c:e4:2d:88:
6b:ea:d0:30:bb:58:59:29:01:b5:15:74:3f:c1:fa:27:1e:e2:
5a:3d:28:9e:a7:39:b8:af:44:c6:6e:07:ce:de:a4:06:0c:0b:
51:6e:d5:8e:a2:eb:d7:c3:6b:c4:dd:51:21:7a:b8:39:2e:d0:
c1:57:88:89:ac:1c:03:bc:b1:bb:67:c6:ba:4d:8e:a0:d9:26:
e1:da:a3:5b:e3:df:f9:80:5f:a6:7a:3c:ce:6f:ac:37:f0:42:
5f:13:04:69:63:a3:1b:20:ea:a0:69:d1:d6:6c:2d:0c:78:5f:
15:41:5d:b0:e3:de:c7:1e:08:25:37:33:59:d2:cb:2e:7b:82:
b7:3e:30:34:8e:46:c0:4d:12:f5:7d:fd:49:31:4e:85:c9:a5:
0c:1c:73:48:c9:53:41:5d:8d:c0:ca:b9:1c:23:8c:07:da:42:
35:52:34:7f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDN0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
NTM4MzBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKDk5QzU1QjdFREJCNzky
RUFFNjA5NEQ2RDZGOENFMTI3NThGM0QzQjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzzeA5V5QWNrTjewx7mCL89EE++HZJzwYZe87AVDzyTrfI2MFW
wQL2pV54biBPB+vuqEZD8aMWT+LuWZjmCKPA2OmhwbtaoX58TalE6uCCDtZbpBEq
rgCcx8CSiYzcjLIoufIh3Y+EhUjmByPcCvD63JPzIaTX6NvXiepjKwOLR/eMBQ4j
1+++KccC0blYyurMUUNjFNaw9ATa1WCAcAf15CaOyRlQsw732DtH6QTn4ImQ3+T0
SHsgcOszRwTDMuQJvJ+d8V0pau6SZKJ4/dUy14JMYi+wxiARcT7WnQrb4MKvRNDL
nhacTnIGO0NvAZFdegG/NHTA88l2za9V369tAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmcVbftu3kurmCU1tb4zhJ1jz07gwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9tY1ZiZnR1M2t1cm1DVTF0
YjR6aEoxanowN2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBABBQZh5FbZpkG4zYR9AvPKN7MAgiZOM1vhmh
kIyS9V0vHMACMdJL2BX6Z9+X6tAmu72+5Sq7ecVTpGkj/zYHlJFrgIwIZ3JtSSUN
CYonjT4mBLSB3glbXOQtiGvq0DC7WFkpAbUVdD/B+ice4lo9KJ6nObivRMZuB87e
pAYMC1Fu1Y6i69fDa8TdUSF6uDku0MFXiImsHAO8sbtnxrpNjqDZJuHao1vj3/mA
X6Z6PM5vrDfwQl8TBGljoxsg6qBp0dZsLQx4XxVBXbDj3sceCCU3M1nSyy57grc+
MDSORsBNEvV9/UkxToXJpQwcc0jJU0FdjcDKuRwjjAfaQjVSNH8=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:16:06 2025 by rpki-client