Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/raEfCUvdGd1iqC33S-INlPipoTo.roa
File: raEfCUvdGd1iqC33S-INlPipoTo.roa (raw, json)
Hash identifier: K6eJKnFUxP7WAqRZdYQKe5v9yhUS2WSbcbd1wVQonGc=
Subject key identifier: AD:A1:1F:09:4B:DD:19:DD:62:A8:2D:F7:4B:E2:0D:94:F8:A9:A1:3A
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0CD5
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/raEfCUvdGd1iqC33S-INlPipoTo.roa
Signing time: Sat 24 May 2025 04:38:32 +0000
ROA not before: Sat 24 May 2025 04:38:32 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3285 (0xcd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 24 04:38:32 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=ADA11F094BDD19DD62A82DF74BE20D94F8A9A13A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ea:f2:93:30:8b:cf:8a:46:41:ac:0f:bc:9e:
39:8a:89:3f:5f:c7:91:39:f6:81:e1:d8:30:49:97:
77:32:bc:f7:9b:c1:a5:0f:80:58:cc:00:26:a3:d0:
ab:61:b2:3a:65:12:ea:0c:87:15:5b:01:cb:86:16:
55:02:49:78:b2:e7:04:cf:bc:4a:37:67:a4:a1:3e:
5e:a0:b4:59:39:f5:7b:31:6f:36:9d:ac:60:3f:3b:
94:15:f9:3c:b1:b3:53:08:be:16:e3:51:a4:5d:06:
1e:0c:c6:a0:a3:d4:96:e6:e7:fb:33:be:78:a7:1e:
3d:0f:46:a8:0e:90:34:5b:f3:cb:3f:56:d4:a8:8d:
d7:f3:7e:1e:5a:e0:e8:98:3c:4e:98:d9:d9:85:27:
9f:ef:4d:a0:19:5b:2c:9a:f4:3b:9b:5b:ff:36:54:
f2:2c:0a:25:06:36:2d:27:e0:95:29:04:c4:78:4a:
0d:75:24:e5:6d:19:b6:72:79:90:b4:ec:0a:60:6b:
b4:81:25:0b:6f:a7:4e:53:9a:5d:7e:cb:a5:b2:95:
9c:08:8d:23:03:2f:cc:03:d7:1e:68:c0:5e:29:9a:
c4:9c:f9:c1:67:63:c9:c9:3a:18:ac:0f:6c:c0:21:
b4:9c:83:2a:e4:50:ad:96:c1:8d:11:9d:47:70:bc:
0b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A1:1F:09:4B:DD:19:DD:62:A8:2D:F7:4B:E2:0D:94:F8:A9:A1:3A
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/raEfCUvdGd1iqC33S-INlPipoTo.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3e:53:71:12:ec:3a:76:23:4f:41:f4:13:54:f7:2c:0b:43:8e:
ae:6d:05:b5:f3:f5:e8:ca:f8:0f:67:ea:a7:e7:b2:fb:5c:3c:
82:60:68:20:e6:48:18:4a:89:25:a8:f9:4b:11:86:e0:93:14:
34:0d:48:a9:60:7c:a3:a8:25:0a:d1:27:48:09:af:95:f6:a5:
ad:e6:01:b8:04:57:4f:86:fc:61:41:99:10:20:ce:c4:46:42:
87:be:fb:3a:a5:db:4f:b0:92:06:a5:dd:d2:06:43:b0:dc:29:
8b:33:76:b2:6e:fa:0b:54:81:2a:74:6d:3e:97:24:3d:e8:35:
fd:0c:95:95:b9:0d:6b:d8:c8:53:67:09:f2:22:fb:61:ca:18:
a1:f0:0a:e7:44:8f:7f:f9:89:27:7b:bf:46:9f:1e:6e:52:ac:
52:be:f7:f5:5a:2a:eb:57:41:c0:53:01:9a:a5:7a:72:8c:e2:
0b:4a:3e:52:5c:16:af:3b:9c:f9:01:35:7c:32:f2:9d:1a:ba:
ca:e7:5a:58:48:b0:76:8a:63:b2:6e:07:81:97:23:c7:96:04:
50:45:1d:69:9c:c1:0b:09:b2:92:67:ab:0d:3a:97:d9:5b:04:
c2:32:1c:8a:17:04:c1:d7:aa:32:b2:2d:e7:88:4b:00:df:16:
29:29:49:3f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDNUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjQw
NDM4MzJaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFEQTExRjA5NEJERDE5
REQ2MkE4MkRGNzRCRTIwRDk0RjhBOUExM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+6vKTMIvPikZBrA+8njmKiT9fx5E59oHh2DBJl3cyvPebwaUP
gFjMACaj0KthsjplEuoMhxVbAcuGFlUCSXiy5wTPvEo3Z6ShPl6gtFk59Xsxbzad
rGA/O5QV+Tyxs1MIvhbjUaRdBh4MxqCj1Jbm5/szvninHj0PRqgOkDRb88s/VtSo
jdfzfh5a4OiYPE6Y2dmFJ5/vTaAZWyya9DubW/82VPIsCiUGNi0n4JUpBMR4Sg11
JOVtGbZyeZC07Apga7SBJQtvp05Tml1+y6WylZwIjSMDL8wD1x5owF4pmsSc+cFn
Y8nJOhisD2zAIbScgyrkUK2WwY0RnUdwvAuFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUraEfCUvdGd1iqC33S+INlPipoTowHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9yYUVmQ1V2ZEdkMWlxQzMz
Uy1JTmxQaXBvVG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAD5TcRLsOnYjT0H0E1T3LAtDjq5tBbXz9ejK
+A9n6qfnsvtcPIJgaCDmSBhKiSWo+UsRhuCTFDQNSKlgfKOoJQrRJ0gJr5X2pa3m
AbgEV0+G/GFBmRAgzsRGQoe++zql20+wkgal3dIGQ7DcKYszdrJu+gtUgSp0bT6X
JD3oNf0MlZW5DWvYyFNnCfIi+2HKGKHwCudEj3/5iSd7v0afHm5SrFK+9/VaKutX
QcBTAZqlenKM4gtKPlJcFq87nPkBNXwy8p0ausrnWlhIsHaKY7JuB4GXI8eWBFBF
HWmcwQsJspJnqw06l9lbBMIyHIoXBMHXqjKyLeeISwDfFikpST8=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:12:08 2025 by rpki-client