Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/rw2teD9gt9sXFdF505_hfivNKaU.roa
File: rw2teD9gt9sXFdF505_hfivNKaU.roa (raw, json)
Hash identifier: 94Xoo7UwgJjZnSWlC8zOc2JaRp7Vv9UmpGQXptWiA9M=
Subject key identifier: AF:0D:AD:78:3F:60:B7:DB:17:15:D1:79:D3:9F:E1:7E:2B:CD:29:A5
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0C95
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rw2teD9gt9sXFdF505_hfivNKaU.roa
Signing time: Fri 23 May 2025 20:38:39 +0000
ROA not before: Fri 23 May 2025 20:38:39 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3221 (0xc95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 23 20:38:39 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=AF0DAD783F60B7DB1715D179D39FE17E2BCD29A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ce:00:b2:98:25:64:27:84:e5:07:08:51:04:
d8:5b:5a:fe:19:68:26:fd:89:b5:5c:14:b7:a8:c1:
d2:29:a1:df:4c:07:70:c6:9c:f8:03:9e:80:4d:5f:
95:2b:d6:d0:71:e8:09:2d:cb:82:60:4f:83:f0:23:
1a:b6:64:0c:41:f8:ca:f0:43:cd:27:53:dc:cc:d0:
f2:d3:00:29:2d:16:63:8f:94:0c:ad:d6:a2:35:ff:
a6:f8:f2:01:f8:bb:a9:08:f3:f9:15:9d:a9:e5:c1:
33:ba:ce:2f:d6:3b:dc:5f:46:2c:a6:f2:62:8e:ba:
db:a6:69:a9:ef:3f:e1:9f:12:26:79:80:df:ad:55:
c1:aa:fb:9f:cf:31:20:9a:e6:58:de:1f:62:2a:bf:
a1:e4:7e:56:13:df:54:b2:9b:50:eb:21:a6:3a:9f:
c6:67:63:d6:cb:ce:47:75:f6:6f:ed:c3:0a:a4:9c:
eb:c4:3c:1f:ef:9b:b4:bf:a6:6e:d3:08:aa:8e:d3:
10:63:91:cb:bc:b5:2b:1f:15:ea:bf:7f:cb:9e:33:
d8:89:c2:35:70:4d:29:9e:9c:c5:37:ef:e9:87:6b:
89:9c:d5:df:29:cc:03:6f:a2:ed:ca:9e:84:1b:a3:
52:f2:94:b8:6f:47:5c:04:a0:ee:f6:ea:58:ac:76:
97:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0D:AD:78:3F:60:B7:DB:17:15:D1:79:D3:9F:E1:7E:2B:CD:29:A5
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/rw2teD9gt9sXFdF505_hfivNKaU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:7d:ef:84:18:3e:7b:59:19:2d:0c:53:0a:60:1a:9c:1e:1c:
45:e0:3e:3d:58:c1:5d:87:83:76:5d:d3:d1:38:8e:01:90:d8:
92:0f:cc:e7:9a:9f:43:e1:da:53:4a:6e:40:6a:ed:08:dc:51:
41:a3:f7:34:2b:ec:67:d5:e9:b4:e3:f3:54:d0:8c:e6:ec:c6:
57:3c:ae:85:cb:bd:d7:17:4b:98:5e:6f:70:8b:6a:3c:14:60:
b5:ee:24:6d:ae:ee:e1:f3:4c:d1:d3:2c:9e:4a:9d:4a:05:05:
67:4e:5c:cd:4b:f1:72:4a:e2:b1:54:34:22:59:17:6c:10:1e:
2d:ab:6e:bf:a8:52:b8:5b:5e:a5:c8:b4:e3:f9:6a:72:15:d8:
f8:77:0f:93:51:e9:3f:17:32:89:4f:3e:e1:5a:75:32:27:a7:
e8:28:e6:db:38:81:13:65:a6:79:64:f7:28:71:72:7b:d0:03:
9b:c9:52:cb:52:5f:df:20:88:34:0d:cf:1d:c1:7f:8d:a9:32:
ef:9e:b4:cc:be:0b:b9:1f:11:ce:3e:67:22:58:68:4f:fb:e1:
12:c4:45:2b:14:24:06:6a:a4:a2:e8:49:9b:eb:7d:8b:12:19:
09:6f:f6:b4:1e:47:8c:3b:82:a5:69:79:35:3f:e5:64:9e:15:
3a:80:e5:6e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MjMy
MDM4MzlaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEFGMERBRDc4M0Y2MEI3
REIxNzE1RDE3OUQzOUZFMTdFMkJDRDI5QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgzgCymCVkJ4TlBwhRBNhbWv4ZaCb9ibVcFLeowdIpod9MB3DG
nPgDnoBNX5Ur1tBx6Akty4JgT4PwIxq2ZAxB+MrwQ80nU9zM0PLTACktFmOPlAyt
1qI1/6b48gH4u6kI8/kVnanlwTO6zi/WO9xfRiym8mKOutumaanvP+GfEiZ5gN+t
VcGq+5/PMSCa5ljeH2Iqv6HkflYT31Sym1DrIaY6n8ZnY9bLzkd19m/twwqknOvE
PB/vm7S/pm7TCKqO0xBjkcu8tSsfFeq/f8ueM9iJwjVwTSmenMU37+mHa4mc1d8p
zANvou3KnoQbo1LylLhvR1wEoO726lisdpflAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUrw2teD9gt9sXFdF505/hfivNKaUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9ydzJ0ZUQ5Z3Q5c1hGZEY1
MDVfaGZpdk5LYVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACR974QYPntZGS0MUwpgGpweHEXgPj1YwV2H
g3Zd09E4jgGQ2JIPzOean0Ph2lNKbkBq7QjcUUGj9zQr7GfV6bTj81TQjObsxlc8
roXLvdcXS5heb3CLajwUYLXuJG2u7uHzTNHTLJ5KnUoFBWdOXM1L8XJK4rFUNCJZ
F2wQHi2rbr+oUrhbXqXItOP5anIV2Ph3D5NR6T8XMolPPuFadTInp+go5ts4gRNl
pnlk9yhxcnvQA5vJUstSX98giDQNzx3Bf42pMu+etMy+C7kfEc4+ZyJYaE/74RLE
RSsUJAZqpKLoSZvrfYsSGQlv9rQeR4w7gqVpeTU/5WSeFTqA5W4=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:21:36 2025 by rpki-client