Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/xYMyoFGqI4wONXsysNquvrDaXPc.roa
File: xYMyoFGqI4wONXsysNquvrDaXPc.roa (raw, json)
Hash identifier: cUV5BaUMUseLAmczK/C4uxsOlmhyYQi1ppKh88no43s=
Subject key identifier: C5:83:32:A0:51:AA:23:8C:0E:35:7B:32:B0:DA:AE:BE:B0:DA:5C:F7
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 1349
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xYMyoFGqI4wONXsysNquvrDaXPc.roa
Signing time: Sun 01 Jun 2025 19:09:58 +0000
ROA not before: Sun 01 Jun 2025 19:09:58 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4937 (0x1349)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 1 19:09:58 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C58332A051AA238C0E357B32B0DAAEBEB0DA5CF7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:3b:d8:44:66:b6:62:1c:bf:47:5f:45:18:
a3:27:c0:5a:01:ca:b9:3e:b6:29:d7:4a:0d:0b:41:
0d:44:3d:74:f9:3d:e5:e0:4c:4d:fc:bf:d7:bf:85:
ff:28:72:b7:20:37:be:01:b2:dc:d9:21:49:ca:da:
ea:54:3c:cd:08:1c:a4:47:f5:03:c3:04:57:48:e5:
6e:63:32:d9:1c:90:27:e6:9e:85:22:c0:6b:96:19:
06:ce:89:76:88:9c:3c:15:0a:2f:2e:d4:06:2d:ae:
32:dd:90:f1:42:f1:46:8e:16:3d:d8:2c:59:e2:03:
1b:34:1b:d0:df:6b:5d:ad:84:3f:05:60:0a:fb:93:
49:01:05:e9:1c:1c:66:64:f7:bb:43:ce:3f:8f:c9:
80:eb:a1:49:b8:e5:81:03:92:51:9c:79:c7:80:1a:
f7:85:38:dd:6b:bb:d7:76:fd:69:6e:66:dd:dc:fe:
34:1a:44:3a:18:f6:7d:54:fd:c9:ef:67:c3:f2:02:
68:7c:aa:e3:92:fe:7c:69:5b:73:7f:4a:96:cb:fe:
7c:2f:66:2d:b2:8c:22:e4:2c:11:0b:01:aa:9e:ab:
d6:fb:65:00:94:80:b5:29:dc:3d:d8:cd:67:bb:ee:
c9:79:69:57:06:e7:34:00:bf:fa:9e:59:c4:e3:ff:
ef:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:83:32:A0:51:AA:23:8C:0E:35:7B:32:B0:DA:AE:BE:B0:DA:5C:F7
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/xYMyoFGqI4wONXsysNquvrDaXPc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:3d:78:30:56:54:c6:ab:f8:0a:06:cb:44:a5:0e:ac:54:ce:
7a:16:b2:10:db:81:21:bc:67:c2:b0:fb:f3:28:36:95:75:a5:
6d:5a:1e:dc:eb:3f:63:b4:d0:d5:0f:4e:c2:5d:32:ba:99:58:
6a:ad:9b:96:42:bd:3f:70:dc:17:eb:93:12:f0:5c:b9:31:05:
d7:dc:54:72:60:13:0a:9e:a1:a0:b2:67:0d:ce:b6:b5:c6:88:
dd:3c:8e:5b:b1:cf:16:51:64:cc:3a:5d:31:98:67:d9:04:cf:
0d:01:4b:5c:01:ff:c2:1a:40:f1:7f:75:2a:07:52:c4:c8:30:
25:48:81:48:83:24:d0:f4:a7:2d:cd:94:56:d3:ab:eb:f9:42:
45:9d:04:f2:3a:af:19:44:7b:ab:3f:9f:0e:04:8e:3e:54:91:
e7:2d:80:4b:43:88:7b:7a:86:32:5b:6f:cc:22:47:dd:a0:af:
58:54:d3:c9:92:bd:be:50:10:23:68:f2:c6:0c:92:93:db:d8:
1d:68:df:2b:9f:78:5b:9f:f2:32:b5:0e:63:6a:a0:c7:21:a5:
11:a1:7b:39:2c:61:c0:c1:ab:89:83:ce:2c:ca:44:b0:b8:06:
1e:fd:2e:e5:db:11:a6:a8:7c:fc:7f:b2:46:39:1b:23:85:56:
cb:82:6f:55
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICE0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MDEx
OTA5NThaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM1ODMzMkEwNTFBQTIz
OEMwRTM1N0IzMkIwREFBRUJFQjBEQTVDRjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHQDvYRGa2Yhy/R19FGKMnwFoByrk+tinXSg0LQQ1EPXT5PeXg
TE38v9e/hf8ocrcgN74BstzZIUnK2upUPM0IHKRH9QPDBFdI5W5jMtkckCfmnoUi
wGuWGQbOiXaInDwVCi8u1AYtrjLdkPFC8UaOFj3YLFniAxs0G9Dfa12thD8FYAr7
k0kBBekcHGZk97tDzj+PyYDroUm45YEDklGceceAGveFON1ru9d2/WluZt3c/jQa
RDoY9n1U/cnvZ8PyAmh8quOS/nxpW3N/SpbL/nwvZi2yjCLkLBELAaqeq9b7ZQCU
gLUp3D3YzWe77sl5aVcG5zQAv/qeWcTj/+/nAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUxYMyoFGqI4wONXsysNquvrDaXPcwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni94WU15b0ZHcUk0d09OWHN5
c05xdXZyRGFYUGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAH09eDBWVMar+AoGy0SlDqxUznoWshDbgSG8
Z8Kw+/MoNpV1pW1aHtzrP2O00NUPTsJdMrqZWGqtm5ZCvT9w3BfrkxLwXLkxBdfc
VHJgEwqeoaCyZw3OtrXGiN08jluxzxZRZMw6XTGYZ9kEzw0BS1wB/8IaQPF/dSoH
UsTIMCVIgUiDJND0py3NlFbTq+v5QkWdBPI6rxlEe6s/nw4Ejj5UkectgEtDiHt6
hjJbb8wiR92gr1hU08mSvb5QECNo8sYMkpPb2B1o3yufeFuf8jK1DmNqoMchpRGh
ezksYcDBq4mDzizKRLC4Bh79LuXbEaaofPx/skY5GyOFVsuCb1U=
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:52:41 2025 by rpki-client