Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yPx_QWElvn4qAnKzlXsx7PLbUY0.roa
File: yPx_QWElvn4qAnKzlXsx7PLbUY0.roa (raw, json)
Hash identifier: ZXQPWIUs55JxKTzE9w1p/dSOXBycoTb9VI4fJNz+BVM=
Subject key identifier: C8:FC:7F:41:61:25:BE:7E:2A:02:72:B3:95:7B:31:EC:F2:DB:51:8D
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 2101
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yPx_QWElvn4qAnKzlXsx7PLbUY0.roa
Signing time: Fri 20 Jun 2025 13:41:40 +0000
ROA not before: Fri 20 Jun 2025 13:41:40 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8449 (0x2101)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: Jun 20 13:41:40 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=C8FC7F416125BE7E2A0272B3957B31ECF2DB518D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:56:b1:3a:4e:8a:df:cb:60:f9:51:da:a1:f8:
e8:df:1a:0f:ec:c1:70:2f:d0:64:f8:31:fa:87:39:
27:7b:01:93:ad:f0:76:80:4b:36:d7:37:ec:d5:f4:
5f:4b:6e:08:64:ab:f8:0a:57:c0:b9:91:99:4d:59:
1b:b7:b8:37:bb:67:75:9e:7f:ed:fe:c1:2f:ff:6f:
fe:fe:8b:7e:bd:f7:69:7e:8e:94:9a:65:a1:c1:41:
a6:5e:b0:1e:ce:ce:1f:3f:0d:32:11:26:5b:4d:11:
9d:bf:fd:8f:01:e7:43:ec:eb:07:0a:c2:7f:00:8a:
9e:5f:52:d0:bd:50:79:d9:b2:8e:93:6e:b2:fd:90:
1a:54:2d:67:06:0d:79:1e:0d:55:86:69:0a:45:3e:
c1:99:bd:49:56:86:9e:d9:dd:5c:e6:2d:ba:c9:a4:
62:43:87:e2:c8:5e:03:3c:03:c9:dd:40:bf:ba:01:
a0:98:ce:43:9d:49:0c:fb:ac:be:e2:78:a3:3d:31:
6d:00:1a:ff:5f:f5:22:d4:11:0b:ac:1d:0e:37:15:
b2:e2:57:6c:86:1d:93:c7:b9:45:e5:c3:65:90:f0:
50:d5:85:3f:6d:13:97:79:2a:21:fd:ff:0b:1b:9d:
bb:73:9a:88:b3:e4:1e:e9:28:f0:63:de:04:a7:a5:
d9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:FC:7F:41:61:25:BE:7E:2A:02:72:B3:95:7B:31:EC:F2:DB:51:8D
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yPx_QWElvn4qAnKzlXsx7PLbUY0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:4f:f1:0e:5b:82:1e:9b:e4:fb:ed:4a:d7:89:fd:f0:c2:3c:
ec:ce:f3:9b:eb:0e:a0:6c:00:59:33:02:d9:9a:43:0a:27:74:
30:ce:d7:91:32:d9:fd:e1:d8:5e:6b:8e:6c:b5:cc:e9:2f:8e:
51:a0:97:0a:f6:fe:51:20:53:cd:e0:a2:b5:1e:b6:59:90:35:
6a:69:8a:36:78:90:e9:c2:3a:d9:2f:31:8d:93:00:d2:e4:26:
5e:d4:36:21:2e:6f:7a:fe:8f:9e:b8:00:cb:20:f8:af:ed:8f:
fb:9a:59:97:78:1a:f8:e1:55:80:9e:f9:56:34:f2:49:65:c3:
56:64:d5:3f:c1:17:ef:0e:be:bd:2b:f9:ae:de:85:74:4a:7e:
3b:75:3a:c9:fd:c9:85:2e:b9:1d:d0:dc:d4:a5:3c:69:26:52:
0a:9c:fc:a8:15:d4:df:a9:0d:4c:de:b3:1b:c4:cb:70:73:f7:
e3:fb:32:91:6e:c5:22:49:03:83:ac:18:a8:05:d9:52:5e:cc:
2b:fc:e8:73:66:2e:f6:ab:bc:65:d6:31:33:22:6c:33:5f:31:
27:ba:b2:ac:ab:3b:6b:d0:84:57:37:fb:97:98:e8:39:9a:1c:
90:9e:4f:41:70:e5:ae:df:dc:67:9a:52:2f:59:c8:b1:79:15:
36:2b:ca:21
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICIQEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA2MjAx
MzQxNDBaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKEM4RkM3RjQxNjEyNUJF
N0UyQTAyNzJCMzk1N0IzMUVDRjJEQjUxOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFVrE6Torfy2D5Udqh+OjfGg/swXAv0GT4MfqHOSd7AZOt8HaA
SzbXN+zV9F9Lbghkq/gKV8C5kZlNWRu3uDe7Z3Wef+3+wS//b/7+i36992l+jpSa
ZaHBQaZesB7Ozh8/DTIRJltNEZ2//Y8B50Ps6wcKwn8Aip5fUtC9UHnZso6TbrL9
kBpULWcGDXkeDVWGaQpFPsGZvUlWhp7Z3VzmLbrJpGJDh+LIXgM8A8ndQL+6AaCY
zkOdSQz7rL7ieKM9MW0AGv9f9SLUEQusHQ43FbLiV2yGHZPHuUXlw2WQ8FDVhT9t
E5d5KiH9/wsbnbtzmoiz5B7pKPBj3gSnpdkXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyPx/QWElvn4qAnKzlXsx7PLbUY0wHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95UHhfUVdFbHZuNHFBbkt6
bFhzeDdQTGJVWTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBACtP8Q5bgh6b5PvtSteJ/fDCPOzO85vrDqBs
AFkzAtmaQwondDDO15Ey2f3h2F5rjmy1zOkvjlGglwr2/lEgU83gorUetlmQNWpp
ijZ4kOnCOtkvMY2TANLkJl7UNiEub3r+j564AMsg+K/tj/uaWZd4GvjhVYCe+VY0
8kllw1Zk1T/BF+8Ovr0r+a7ehXRKfjt1Osn9yYUuuR3Q3NSlPGkmUgqc/KgV1N+p
DUzesxvEy3Bz9+P7MpFuxSJJA4OsGKgF2VJezCv86HNmLvarvGXWMTMibDNfMSe6
sqyrO2vQhFc3+5eY6DmaHJCeT0Fw5a7f3GeaUi9ZyLF5FTYryiE=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:38:39 2025 by rpki-client