Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/stwfVXIEEcbcUmRAxcPaFjS6ewI.roa
File: stwfVXIEEcbcUmRAxcPaFjS6ewI.roa (raw, json)
Hash identifier: T7Lk3cUToV2DTPyWZNZtfyj0FVzZNuuWbiFM1yGFw08=
Subject key identifier: B2:DC:1F:55:72:04:11:C6:DC:52:64:40:C5:C3:DA:16:34:BA:7B:02
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0379
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/stwfVXIEEcbcUmRAxcPaFjS6ewI.roa
Signing time: Sun 11 May 2025 17:07:57 +0000
ROA not before: Sun 11 May 2025 17:07:57 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889 (0x379)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 17:07:57 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=B2DC1F55720411C6DC526440C5C3DA1634BA7B02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fc:48:bc:d2:03:0f:6c:76:ac:95:19:a8:f5:
4d:d9:ab:6c:1a:d9:88:a7:f2:b3:85:75:24:93:4a:
4f:17:1b:99:9f:6c:d2:45:42:d9:93:ad:6a:ec:a9:
fc:b1:74:40:87:80:11:2f:7b:c6:99:7f:b1:63:32:
29:42:95:3b:6a:6f:c2:2d:0d:96:b7:c3:e5:ff:9b:
6d:8d:da:9c:b8:0f:41:4f:7f:a3:80:f6:65:cf:f8:
8b:4e:9d:7a:b5:20:7b:f0:42:4b:82:a3:54:98:12:
f5:ba:d5:5a:bb:ea:19:d4:4e:56:ba:50:e4:01:f8:
22:aa:7a:26:18:f6:02:ef:8b:50:2e:8e:d4:34:6b:
04:24:57:95:7a:4d:df:a3:7a:50:16:e3:5a:c2:55:
cf:9d:55:7a:a3:f0:ef:32:d3:3e:f9:20:2f:46:1c:
60:5c:c7:2f:c3:94:ec:cc:3f:1e:4b:c0:4e:f7:22:
15:ac:cc:50:42:e8:39:d9:34:81:9e:77:4f:3b:46:
57:f8:92:db:f6:38:d1:98:54:4c:f5:d7:b1:02:e0:
ca:cf:15:30:c5:27:9e:42:c4:f5:ec:4b:40:0c:b7:
97:1e:aa:bb:dd:10:c5:43:7f:1f:ba:e4:5e:e3:52:
65:6e:0f:5d:00:55:ec:5b:cc:db:c7:82:98:41:ae:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DC:1F:55:72:04:11:C6:DC:52:64:40:C5:C3:DA:16:34:BA:7B:02
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/stwfVXIEEcbcUmRAxcPaFjS6ewI.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:bd:87:2c:7f:fc:a7:b6:8a:4e:ad:a3:9e:2f:1c:34:f8:af:
c1:47:21:03:56:7b:51:f7:13:d5:6f:8c:8d:1b:01:7e:91:a4:
a5:79:83:b5:3b:d4:a7:5d:ac:99:23:73:ee:db:d3:24:78:f7:
9c:b2:27:4a:ad:94:7f:0f:83:ad:fe:93:8b:76:79:ed:32:b4:
8c:59:12:1c:3d:01:28:a2:1f:2d:cf:23:a5:eb:0f:b1:2e:9b:
68:14:4f:53:04:2f:0a:ff:32:d4:eb:2a:21:6d:f3:8c:28:b2:
29:6c:0c:5f:1c:c0:78:87:9d:26:24:70:bb:36:d5:cd:c2:ff:
7b:f4:1d:55:a5:5d:ca:98:31:73:f5:a2:62:dc:6f:a9:98:d5:
9e:bd:0f:2b:13:74:be:66:39:c4:17:c2:69:83:98:45:ba:4c:
af:80:1b:dd:43:e9:2b:9d:0c:e2:f6:cb:95:1c:d8:f2:b8:31:
03:66:5d:0e:43:c2:eb:8c:7b:b3:22:92:78:6c:85:90:31:cd:
20:a3:15:d4:de:f2:a6:59:91:f1:9d:e6:c2:9d:35:84:1e:bd:
fe:94:20:9b:8b:c7:c3:58:93:4d:43:60:14:3e:7e:f8:46:ee:
df:75:cf:f3:b9:65:2c:95:30:c7:82:45:bb:09:81:db:d8:b1:
f3:b4:78:af
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEx
NzA3NTdaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEIyREMxRjU1NzIwNDEx
QzZEQzUyNjQ0MEM1QzNEQTE2MzRCQTdCMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz/Ei80gMPbHaslRmo9U3Zq2wa2Yin8rOFdSSTSk8XG5mfbNJF
QtmTrWrsqfyxdECHgBEve8aZf7FjMilClTtqb8ItDZa3w+X/m22N2py4D0FPf6OA
9mXP+ItOnXq1IHvwQkuCo1SYEvW61Vq76hnUTla6UOQB+CKqeiYY9gLvi1AujtQ0
awQkV5V6Td+jelAW41rCVc+dVXqj8O8y0z75IC9GHGBcxy/DlOzMPx5LwE73IhWs
zFBC6DnZNIGed087Rlf4ktv2ONGYVEz117EC4MrPFTDFJ55CxPXsS0AMt5ceqrvd
EMVDfx+65F7jUmVuD10AVexbzNvHgphBriB3AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUstwfVXIEEcbcUmRAxcPaFjS6ewIwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni9zdHdmVlhJRUVjYmNVbVJB
eGNQYUZqUzZld0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAK+9hyx//Ke2ik6to54vHDT4r8FHIQNWe1H3
E9VvjI0bAX6RpKV5g7U71KddrJkjc+7b0yR495yyJ0qtlH8Pg63+k4t2ee0ytIxZ
Ehw9ASiiHy3PI6XrD7Eum2gUT1MELwr/MtTrKiFt84wosilsDF8cwHiHnSYkcLs2
1c3C/3v0HVWlXcqYMXP1omLcb6mY1Z69DysTdL5mOcQXwmmDmEW6TK+AG91D6Sud
DOL2y5Uc2PK4MQNmXQ5DwuuMe7MiknhshZAxzSCjFdTe8qZZkfGd5sKdNYQevf6U
IJuLx8NYk01DYBQ+fvhG7t91z/O5ZSyVMMeCRbsJgdvYsfO0eK8=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:55:38 2025 by rpki-client