Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/76/yw9gXgTsm_k-o5yQHswAmlp9tXU.roa
File: yw9gXgTsm_k-o5yQHswAmlp9tXU.roa (raw, json)
Hash identifier: 75m06pyCdKVxv8PbhMFz7ihR+i2yql8qh7HiK0e4RGw=
Subject key identifier: CB:0F:60:5E:04:EC:9B:F9:3E:A3:9C:90:1E:CC:00:9A:5A:7D:B5:75
Certificate issuer: /CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Certificate serial: 0511
Authority key identifier: 2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yw9gXgTsm_k-o5yQHswAmlp9tXU.roa
Signing time: Tue 13 May 2025 20:08:48 +0000
ROA not before: Tue 13 May 2025 20:08:48 +0000
ROA not after: Thu 09 Apr 2026 06:33:21 +0000
asID: 9391
IP address blocks: 27.103.0.0/16 maxlen: 16
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1297 (0x511)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E266DC3EAD80EB25D49858A64DC1EF1C8A1B942
Validity
Not Before: May 13 20:08:48 2025 GMT
Not After : Apr 9 06:33:21 2026 GMT
Subject: CN=CB0F605E04EC9BF93EA39C901ECC009A5A7DB575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d5:1a:50:27:9b:16:5c:10:9f:da:27:25:64:
35:cc:1f:ce:5d:9b:63:fb:8f:ef:f1:75:b7:3d:e1:
43:de:9f:a1:52:87:8e:b8:32:9c:bb:17:22:38:7f:
ae:dc:b2:48:91:6a:ce:cd:a8:99:55:60:e8:9b:0c:
95:3e:e7:27:cf:05:3a:e6:cb:a5:58:f6:7f:be:18:
89:42:f4:4c:b4:75:fd:fa:ee:69:24:fa:1c:54:43:
29:87:17:de:d3:9d:84:8d:50:9f:7b:25:9c:c7:ef:
15:28:6f:79:b4:f7:53:99:da:45:4b:78:98:81:cb:
00:f0:5c:5f:a9:19:f8:ca:36:ac:03:74:d9:d0:65:
a2:03:00:35:31:4c:a6:da:fc:93:01:25:3a:5a:78:
dc:32:6c:2f:2a:35:bf:47:ae:51:b0:81:bc:c6:83:
42:31:8a:a3:54:3e:80:0a:ad:36:5d:80:58:11:2a:
1b:13:5b:8c:25:f8:eb:cf:cf:a5:f1:3a:5a:6f:bd:
24:03:ef:04:2b:42:06:cf:ac:62:1c:4a:ce:41:67:
24:33:11:f3:ba:7b:a2:f7:e0:36:14:05:3e:df:34:
20:d7:84:b2:9d:83:3b:96:54:18:01:b2:fc:fc:48:
62:b5:a7:1a:f8:e5:80:81:02:73:ef:bc:b8:50:b7:
f0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0F:60:5E:04:EC:9B:F9:3E:A3:9C:90:1E:CC:00:9A:5A:7D:B5:75
X509v3 Authority Key Identifier:
keyid:2E:26:6D:C3:EA:D8:0E:B2:5D:49:85:8A:64:DC:1E:F1:C8:A1:B9:42
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/LiZtw-rYDrJdSYWKZNwe8cihuUI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LiZtw-rYDrJdSYWKZNwe8cihuUI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/76/yw9gXgTsm_k-o5yQHswAmlp9tXU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.103.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:9f:fe:25:7c:26:88:d4:6c:db:56:a0:79:18:64:59:30:9f:
05:de:57:61:06:d5:fb:a4:16:a6:37:76:c9:68:8e:76:08:d7:
33:d6:c2:ca:a8:be:d5:8f:14:6b:a0:09:36:14:5a:27:a2:a1:
8f:6f:5e:17:23:98:0a:d6:0f:d4:21:ec:c9:01:d2:6e:fe:75:
2c:30:76:ea:4e:76:c6:44:ef:6c:bc:6f:a2:b5:11:35:60:11:
73:da:7a:32:b5:64:7e:60:01:1a:c2:cf:6d:07:d9:ee:29:c8:
2b:b9:d5:30:1c:9e:62:63:42:7c:04:4e:3b:91:ef:2d:39:8c:
17:0d:00:03:14:65:a6:f2:2b:d7:fc:61:c9:d6:f9:0c:3a:57:
2c:fc:dd:f0:d9:3d:b1:66:86:6b:d4:16:1b:cd:60:2c:c6:17:
c2:e1:91:e6:29:91:2c:7e:64:42:72:db:af:c3:d6:e9:1d:02:
ee:fd:b3:e2:6d:8d:44:cb:11:4c:22:39:b5:0f:4e:1d:fb:d7:
e9:3c:2e:05:fa:f2:b0:5f:be:0b:53:fe:f3:9d:23:d7:07:21:
5a:fc:0e:05:ec:7a:72:46:54:85:41:b1:da:5c:19:60:14:9b:
70:a1:5f:7f:17:75:9d:13:bf:9d:a6:8e:a3:55:f4:7a:c0:9d:
10:82:9b:23
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICBREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkUy
NjZEQzNFQUQ4MEVCMjVENDk4NThBNjREQzFFRjFDOEExQjk0MjAeFw0yNTA1MTMy
MDA4NDhaFw0yNjA0MDkwNjMzMjFaMDMxMTAvBgNVBAMTKENCMEY2MDVFMDRFQzlC
RjkzRUEzOUM5MDFFQ0MwMDlBNUE3REI1NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp1RpQJ5sWXBCf2iclZDXMH85dm2P7j+/xdbc94UPen6FSh464
Mpy7FyI4f67cskiRas7NqJlVYOibDJU+5yfPBTrmy6VY9n++GIlC9Ey0df367mkk
+hxUQymHF97TnYSNUJ97JZzH7xUob3m091OZ2kVLeJiBywDwXF+pGfjKNqwDdNnQ
ZaIDADUxTKba/JMBJTpaeNwybC8qNb9HrlGwgbzGg0IxiqNUPoAKrTZdgFgRKhsT
W4wl+OvPz6XxOlpvvSQD7wQrQgbPrGIcSs5BZyQzEfO6e6L34DYUBT7fNCDXhLKd
gzuWVBgBsvz8SGK1pxr45YCBAnPvvLhQt/BxAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUyw9gXgTsm/k+o5yQHswAmlp9tXUwHwYDVR0jBBgwFoAULiZtw+rYDrJdSYWK
ZNwe8cihuUIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzYv
TGladHctcllEckpkU1lXS1pOd2U4Y2lodVVJLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9MaVp0dy1yWURySmRTWVdLWk53ZThjaWh1VUkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC83Ni95dzlnWGdUc21fay1vNXlR
SHN3QW1scDl0WFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA
G2cwDQYJKoZIhvcNAQELBQADggEBAAGf/iV8JojUbNtWoHkYZFkwnwXeV2EG1fuk
FqY3dslojnYI1zPWwsqovtWPFGugCTYUWieioY9vXhcjmArWD9Qh7MkB0m7+dSww
dupOdsZE72y8b6K1ETVgEXPaejK1ZH5gARrCz20H2e4pyCu51TAcnmJjQnwETjuR
7y05jBcNAAMUZabyK9f8YcnW+Qw6Vyz83fDZPbFmhmvUFhvNYCzGF8LhkeYpkSx+
ZEJy26/D1ukdAu79s+JtjUTLEUwiObUPTh371+k8LgX68rBfvgtT/vOdI9cHIVr8
DgXsenJGVIVBsdpcGWAUm3ChX38XdZ0Tv52mjqNV9HrAnRCCmyM=
-----END CERTIFICATE-----
Generated at Wed Jun 4 02:10:20 2025 by rpki-client