Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rnsba91VTu8uZOKiOshblo3dxz4.roa
File: rnsba91VTu8uZOKiOshblo3dxz4.roa (raw, json)
Hash identifier: vGE6zr/PNQwpGUvl6ATvWrhykCDopZqo74IsaLnTIFM=
Subject key identifier: AE:7B:1B:6B:DD:55:4E:EF:2E:64:E2:A2:3A:C8:5B:96:8D:DD:C7:3E
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0111
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rnsba91VTu8uZOKiOshblo3dxz4.roa
Signing time: Thu 08 May 2025 12:07:43 +0000
ROA not before: Thu 08 May 2025 12:07:43 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273 (0x111)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 8 12:07:43 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AE7B1B6BDD554EEF2E64E2A23AC85B968DDDC73E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:c4:ba:e8:5b:c8:b0:24:dc:d9:a9:6a:c9:
b6:5e:56:b4:c4:3c:76:bf:91:f3:86:e7:a9:3d:92:
ba:99:dc:f7:64:11:7a:59:9f:bd:52:db:10:86:4e:
16:cb:56:1f:7f:44:1a:85:ef:93:ac:23:31:70:71:
eb:d4:89:39:55:7a:25:d1:e9:89:49:50:81:8f:68:
8a:aa:95:1b:38:78:bf:b1:2a:c7:87:f1:b5:bd:73:
9e:d5:99:81:15:9a:28:5a:cb:45:56:ae:6f:4e:ae:
68:70:76:16:a3:8b:8a:1a:58:e2:14:28:3e:e6:bf:
2c:62:c2:73:59:a7:07:30:6e:b6:2d:0b:6e:64:87:
67:6f:f3:e9:29:2a:81:94:84:09:fc:11:9c:f7:33:
4d:95:23:a1:2a:6e:12:38:9b:21:90:50:0c:7e:4d:
aa:2d:8c:44:2b:2f:87:de:d3:b8:e4:37:f9:46:a6:
c3:ea:be:12:74:a2:94:77:f9:9a:ba:14:95:a6:61:
3d:a1:64:c4:57:a4:90:6b:66:2a:ce:8b:2d:44:f0:
9e:3a:9c:61:c7:63:2e:52:c3:7e:ce:22:5f:6b:58:
58:0e:2a:9a:20:82:f1:5c:7f:38:de:bc:c1:58:aa:
58:49:48:e8:df:66:42:0f:35:86:17:b4:51:67:24:
b9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:7B:1B:6B:DD:55:4E:EF:2E:64:E2:A2:3A:C8:5B:96:8D:DD:C7:3E
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rnsba91VTu8uZOKiOshblo3dxz4.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:c6:bf:ab:29:79:8f:35:1d:7d:29:09:24:f4:f5:1b:7b:e1:
0f:82:c6:ae:76:63:c5:85:fa:6b:a2:51:ea:e8:5b:a1:50:55:
88:a5:b3:30:7b:c4:ee:0e:de:b8:2d:09:d0:66:aa:3b:25:be:
06:6e:9d:04:a4:10:95:9c:8a:c7:7a:95:bb:fa:f2:e1:13:1a:
a1:8c:40:81:db:55:43:b3:5c:5c:4b:80:ba:00:5d:26:ef:fb:
79:72:c1:ac:e8:53:4d:89:e1:ec:e1:8e:ef:c8:7d:d9:f3:74:
fb:9a:d8:a9:3a:b9:3c:06:dd:ce:7f:61:69:23:79:11:f7:20:
8f:44:54:4d:e2:15:d6:b1:7e:9e:02:81:fd:87:fc:31:75:c8:
bd:cf:e1:7b:2c:80:87:7f:be:40:86:a7:1b:6b:94:38:56:83:
bf:42:2c:8d:65:7c:07:db:d1:2f:72:ab:34:5d:2a:aa:ed:02:
69:a3:03:34:f7:6e:ff:ce:fa:77:90:91:c6:66:25:6c:89:74:
58:d9:ca:e3:16:bc:31:9e:75:99:27:76:48:73:bb:5e:14:2a:
06:c7:05:95:bd:91:f8:83:1f:ff:41:d8:22:33:c4:aa:ab:a1:
d7:76:a9:20:f8:a2:a5:4e:57:a3:c6:f4:99:bd:f9:42:ac:3c:
d5:36:47:91
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICAREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MDgx
MjA3NDNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFFN0IxQjZCREQ1NTRF
RUYyRTY0RTJBMjNBQzg1Qjk2OEREREM3M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0BcS66FvIsCTc2alqybZeVrTEPHa/kfOG56k9krqZ3PdkEXpZ
n71S2xCGThbLVh9/RBqF75OsIzFwcevUiTlVeiXR6YlJUIGPaIqqlRs4eL+xKseH
8bW9c57VmYEVmihay0VWrm9Ormhwdhaji4oaWOIUKD7mvyxiwnNZpwcwbrYtC25k
h2dv8+kpKoGUhAn8EZz3M02VI6EqbhI4myGQUAx+TaotjEQrL4fe07jkN/lGpsPq
vhJ0opR3+Zq6FJWmYT2hZMRXpJBrZirOiy1E8J46nGHHYy5Sw37OIl9rWFgOKpog
gvFcfzjevMFYqlhJSOjfZkIPNYYXtFFnJLnBAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrnsba91VTu8uZOKiOshblo3dxz4wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ybnNiYTkxVlR1OHVaT0tp
T3NoYmxvM2R4ejQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAEHGv6speY81HX0pCST09Rt74Q+Cxq52Y8WF
+muiUeroW6FQVYilszB7xO4O3rgtCdBmqjslvgZunQSkEJWcisd6lbv68uETGqGM
QIHbVUOzXFxLgLoAXSbv+3lywazoU02J4ezhju/IfdnzdPua2Kk6uTwG3c5/YWkj
eRH3II9EVE3iFdaxfp4Cgf2H/DF1yL3P4XssgId/vkCGpxtrlDhWg79CLI1lfAfb
0S9yqzRdKqrtAmmjAzT3bv/O+neQkcZmJWyJdFjZyuMWvDGedZkndkhzu14UKgbH
BZW9kfiDH/9B2CIzxKqrodd2qSD4oqVOV6PG9Jm9+UKsPNU2R5E=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:34:04 2025 by rpki-client