Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/u8VPsSSnDZDsSUnYt6TRumfaXQY.roa
File: u8VPsSSnDZDsSUnYt6TRumfaXQY.roa (raw, json)
Hash identifier: hrmHN25smqVBcaPwMs6PwtKaCWyWYoNyDmjnMt83qhw=
Subject key identifier: BB:C5:4F:B1:24:A7:0D:90:EC:49:49:D8:B7:A4:D1:BA:67:DA:5D:06
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0395
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u8VPsSSnDZDsSUnYt6TRumfaXQY.roa
Signing time: Sun 11 May 2025 20:37:53 +0000
ROA not before: Sun 11 May 2025 20:37:53 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 917 (0x395)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 11 20:37:53 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=BBC54FB124A70D90EC4949D8B7A4D1BA67DA5D06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:65:55:eb:a9:1e:1b:3d:58:1c:7f:80:e0:
19:cb:75:35:1c:4e:5f:21:ec:e0:c2:b8:fd:b8:b8:
3c:73:d8:de:5b:4b:cb:2b:74:f1:b4:f6:2a:d7:16:
9c:07:5a:75:38:36:bd:de:0d:f8:9b:2b:01:08:f3:
ce:2a:54:63:02:5d:fb:e7:ce:f0:7c:90:06:c3:0b:
d9:81:d7:5b:7e:9b:03:20:66:db:11:df:ff:cd:d1:
58:59:41:a6:2d:66:60:ec:77:ec:48:f8:2e:24:24:
03:09:60:8b:b9:34:21:c6:1a:f3:53:d1:53:f5:f9:
cc:3a:7e:30:f4:b4:aa:53:ca:aa:62:a1:f1:39:9b:
e8:36:02:a1:98:b9:b2:54:62:92:a7:e8:48:65:cb:
07:71:7c:81:b4:6f:c9:79:62:e1:95:14:bd:ed:e1:
0f:26:b3:f2:f7:3e:5d:be:60:65:9a:96:f5:f6:2e:
c5:dc:17:b6:58:ee:23:36:6d:e4:46:ba:8c:ee:92:
de:e9:0a:44:68:b9:1d:56:9b:e8:04:49:e9:ea:31:
21:fa:e2:99:81:39:cf:a8:59:9c:fd:3f:9a:b1:6b:
79:69:1b:02:24:77:bd:e1:1c:68:77:eb:8d:96:93:
fa:ae:6b:f9:bf:9e:fb:c6:89:b7:82:b3:f1:24:8a:
56:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C5:4F:B1:24:A7:0D:90:EC:49:49:D8:B7:A4:D1:BA:67:DA:5D:06
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/u8VPsSSnDZDsSUnYt6TRumfaXQY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:7f:14:8c:19:7a:3d:90:37:05:79:41:f3:a4:a5:fc:7a:6e:
6c:95:33:91:bd:80:39:81:41:49:4b:44:6e:d1:04:18:e5:1d:
fb:e4:01:8e:b9:f9:83:2e:69:f0:24:f6:e1:8d:8c:3c:be:ba:
eb:48:51:0b:e4:17:b4:bb:f7:55:54:7d:ec:84:f8:7d:71:7a:
0e:75:e4:0e:a2:e8:75:dd:c0:24:06:f3:9e:b5:dc:4b:ea:29:
eb:34:6f:ca:0e:88:6c:82:a4:e0:53:55:a4:87:1a:ce:b9:34:
85:fa:ba:e9:27:d0:7a:b4:52:d7:64:e9:cf:22:77:8b:cf:f3:
61:0a:56:90:bc:d9:1d:b2:31:7c:82:82:ce:86:04:a0:b3:b4:
e8:a9:bf:4a:9a:af:fd:7f:d1:41:2f:67:fc:ce:5a:30:95:68:
b0:cc:3c:88:8d:56:3f:28:bd:fb:5f:17:11:aa:7f:ff:68:bb:
c8:4b:cd:cd:61:41:9b:ba:00:f5:e5:f1:10:63:0f:f0:dc:66:
07:a9:f5:cd:7d:4e:7d:3f:92:cd:28:58:ec:03:dc:b5:f4:e8:
a0:71:3b:3b:94:07:47:ac:a2:68:9f:16:bb:dc:5c:d5:b7:ea:
2e:c7:2d:22:44:bb:3d:38:c8:b5:fd:e2:81:d1:20:e6:e9:fc:
70:0a:c4:b5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICA5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTEy
MDM3NTNaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEJCQzU0RkIxMjRBNzBE
OTBFQzQ5NDlEOEI3QTREMUJBNjdEQTVEMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCE2VV66keGz1YHH+A4BnLdTUcTl8h7ODCuP24uDxz2N5bS8sr
dPG09irXFpwHWnU4Nr3eDfibKwEI884qVGMCXfvnzvB8kAbDC9mB11t+mwMgZtsR
3//N0VhZQaYtZmDsd+xI+C4kJAMJYIu5NCHGGvNT0VP1+cw6fjD0tKpTyqpiofE5
m+g2AqGYubJUYpKn6EhlywdxfIG0b8l5YuGVFL3t4Q8ms/L3Pl2+YGWalvX2LsXc
F7ZY7iM2beRGuozukt7pCkRouR1Wm+gESenqMSH64pmBOc+oWZz9P5qxa3lpGwIk
d73hHGh3642Wk/qua/m/nvvGibeCs/EkilZFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUu8VPsSSnDZDsSUnYt6TRumfaXQYwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni91OFZQc1NTbkRaRHNTVW5Z
dDZUUnVtZmFYUVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAJl/FIwZej2QNwV5QfOkpfx6bmyVM5G9gDmB
QUlLRG7RBBjlHfvkAY65+YMuafAk9uGNjDy+uutIUQvkF7S791VUfeyE+H1xeg51
5A6i6HXdwCQG85613EvqKes0b8oOiGyCpOBTVaSHGs65NIX6uukn0Hq0Utdk6c8i
d4vP82EKVpC82R2yMXyCgs6GBKCztOipv0qar/1/0UEvZ/zOWjCVaLDMPIiNVj8o
vftfFxGqf/9ou8hLzc1hQZu6APXl8RBjD/DcZgep9c19Tn0/ks0oWOwD3LX06KBx
OzuUB0esomifFrvcXNW36i7HLSJEuz04yLX94oHRIObp/HAKxLU=
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:35:12 2025 by rpki-client